aboutsummaryrefslogtreecommitdiffstats
path: root/moon-abe/pbc-0.5.14
diff options
context:
space:
mode:
Diffstat (limited to 'moon-abe/pbc-0.5.14')
-rw-r--r--moon-abe/pbc-0.5.14/.gitignore58
-rw-r--r--moon-abe/pbc-0.5.14/COPYING165
-rw-r--r--moon-abe/pbc-0.5.14/INSTALL15
-rw-r--r--moon-abe/pbc-0.5.14/Makefile.am88
-rw-r--r--moon-abe/pbc-0.5.14/NEWS121
-rw-r--r--moon-abe/pbc-0.5.14/README20
-rw-r--r--moon-abe/pbc-0.5.14/announce8
-rw-r--r--moon-abe/pbc-0.5.14/arith/dlog.c187
-rw-r--r--moon-abe/pbc-0.5.14/arith/fasterfp.c546
-rw-r--r--moon-abe/pbc-0.5.14/arith/fastfp.c382
-rw-r--r--moon-abe/pbc-0.5.14/arith/field.c889
-rw-r--r--moon-abe/pbc-0.5.14/arith/fieldquadratic.c692
-rw-r--r--moon-abe/pbc-0.5.14/arith/fp.c49
-rw-r--r--moon-abe/pbc-0.5.14/arith/init_random.c18
-rw-r--r--moon-abe/pbc-0.5.14/arith/init_random.win32.c52
-rw-r--r--moon-abe/pbc-0.5.14/arith/montfp.c596
-rw-r--r--moon-abe/pbc-0.5.14/arith/multiz.c589
-rw-r--r--moon-abe/pbc-0.5.14/arith/naivefp.c270
-rw-r--r--moon-abe/pbc-0.5.14/arith/poly.c1724
-rw-r--r--moon-abe/pbc-0.5.14/arith/random.c87
-rw-r--r--moon-abe/pbc-0.5.14/arith/ternary_extension_field.c950
-rw-r--r--moon-abe/pbc-0.5.14/arith/tinyfp.c304
-rw-r--r--moon-abe/pbc-0.5.14/arith/z.c263
-rw-r--r--moon-abe/pbc-0.5.14/benchmark/REPORT.BAT18
-rw-r--r--moon-abe/pbc-0.5.14/benchmark/benchmark.c109
-rw-r--r--moon-abe/pbc-0.5.14/benchmark/ellnet.c65
-rw-r--r--moon-abe/pbc-0.5.14/benchmark/multipairing.c62
-rw-r--r--moon-abe/pbc-0.5.14/benchmark/report_times7
-rw-r--r--moon-abe/pbc-0.5.14/benchmark/timersa.c83
-rw-r--r--moon-abe/pbc-0.5.14/configure.ac191
-rwxr-xr-xmoon-abe/pbc-0.5.14/configure.lineno16097
-rw-r--r--moon-abe/pbc-0.5.14/debian/.gitignore10
-rw-r--r--moon-abe/pbc-0.5.14/debian/README.Debian6
-rw-r--r--moon-abe/pbc-0.5.14/debian/changelog137
-rw-r--r--moon-abe/pbc-0.5.14/debian/compat1
-rw-r--r--moon-abe/pbc-0.5.14/debian/control54
-rw-r--r--moon-abe/pbc-0.5.14/debian/copyright19
-rw-r--r--moon-abe/pbc-0.5.14/debian/docs2
-rw-r--r--moon-abe/pbc-0.5.14/debian/mv_things.sh53
-rw-r--r--moon-abe/pbc-0.5.14/debian/rules117
-rw-r--r--moon-abe/pbc-0.5.14/doc/basics.txt58
-rw-r--r--moon-abe/pbc-0.5.14/doc/bundle.txt119
-rw-r--r--moon-abe/pbc-0.5.14/doc/contributors.txt35
-rw-r--r--moon-abe/pbc-0.5.14/doc/custom-nochunks.xsl22
-rw-r--r--moon-abe/pbc-0.5.14/doc/custom-pretty.xsl32
-rw-r--r--moon-abe/pbc-0.5.14/doc/custom.xsl24
-rw-r--r--moon-abe/pbc-0.5.14/doc/default.css71
-rw-r--r--moon-abe/pbc-0.5.14/doc/elementfns.txt111
-rw-r--r--moon-abe/pbc-0.5.14/doc/extract67
-rw-r--r--moon-abe/pbc-0.5.14/doc/find_selflink.js37
-rw-r--r--moon-abe/pbc-0.5.14/doc/index.txt13
-rw-r--r--moon-abe/pbc-0.5.14/doc/internal.txt428
-rw-r--r--moon-abe/pbc-0.5.14/doc/macros.ad9
-rw-r--r--moon-abe/pbc-0.5.14/doc/makeover50
-rw-r--r--moon-abe/pbc-0.5.14/doc/miscfns.txt43
-rw-r--r--moon-abe/pbc-0.5.14/doc/pairingfns.txt69
-rw-r--r--moon-abe/pbc-0.5.14/doc/paramfns.txt37
-rw-r--r--moon-abe/pbc-0.5.14/doc/preface.txt18
-rw-r--r--moon-abe/pbc-0.5.14/doc/pretty.css97
-rw-r--r--moon-abe/pbc-0.5.14/doc/quickstart.txt69
-rw-r--r--moon-abe/pbc-0.5.14/doc/security.txt45
-rw-r--r--moon-abe/pbc-0.5.14/doc/sigex.txt155
-rw-r--r--moon-abe/pbc-0.5.14/ecc/a_param.c2315
-rw-r--r--moon-abe/pbc-0.5.14/ecc/curve.c987
-rw-r--r--moon-abe/pbc-0.5.14/ecc/d_param.c1258
-rw-r--r--moon-abe/pbc-0.5.14/ecc/e_param.c1006
-rw-r--r--moon-abe/pbc-0.5.14/ecc/eta_T_3.c835
-rw-r--r--moon-abe/pbc-0.5.14/ecc/f_param.c599
-rw-r--r--moon-abe/pbc-0.5.14/ecc/g_param.c1435
-rw-r--r--moon-abe/pbc-0.5.14/ecc/hilbert.c539
-rw-r--r--moon-abe/pbc-0.5.14/ecc/mnt.c496
-rw-r--r--moon-abe/pbc-0.5.14/ecc/mpc.c122
-rw-r--r--moon-abe/pbc-0.5.14/ecc/mpc.h93
-rw-r--r--moon-abe/pbc-0.5.14/ecc/pairing.c283
-rw-r--r--moon-abe/pbc-0.5.14/ecc/param.c220
-rw-r--r--moon-abe/pbc-0.5.14/ecc/param.h23
-rw-r--r--moon-abe/pbc-0.5.14/ecc/singular.c447
-rw-r--r--moon-abe/pbc-0.5.14/example/Makefile.am16
-rw-r--r--moon-abe/pbc-0.5.14/example/bls.c133
-rw-r--r--moon-abe/pbc-0.5.14/example/hess.c109
-rw-r--r--moon-abe/pbc-0.5.14/example/joux.c80
-rw-r--r--moon-abe/pbc-0.5.14/example/paterson.c114
-rw-r--r--moon-abe/pbc-0.5.14/example/yuanli.c165
-rw-r--r--moon-abe/pbc-0.5.14/example/zhangkim.c139
-rw-r--r--moon-abe/pbc-0.5.14/example/zss.c70
-rw-r--r--moon-abe/pbc-0.5.14/gen/Makefile.am18
-rw-r--r--moon-abe/pbc-0.5.14/gen/gena1param.c27
-rw-r--r--moon-abe/pbc-0.5.14/gen/genalldparams15
-rw-r--r--moon-abe/pbc-0.5.14/gen/genaparam.c21
-rw-r--r--moon-abe/pbc-0.5.14/gen/gendparam.c35
-rw-r--r--moon-abe/pbc-0.5.14/gen/geneparam.c21
-rw-r--r--moon-abe/pbc-0.5.14/gen/genfparam.c24
-rw-r--r--moon-abe/pbc-0.5.14/gen/gengparam.c33
-rw-r--r--moon-abe/pbc-0.5.14/gen/hilbertpoly.c57
-rw-r--r--moon-abe/pbc-0.5.14/gen/listfreeman.c38
-rw-r--r--moon-abe/pbc-0.5.14/gen/listmnt.c41
-rw-r--r--moon-abe/pbc-0.5.14/guru/19.c373
-rw-r--r--moon-abe/pbc-0.5.14/guru/59.c783
-rw-r--r--moon-abe/pbc-0.5.14/guru/checkfp.c334
-rw-r--r--moon-abe/pbc-0.5.14/guru/eta_T_3_test.c130
-rw-r--r--moon-abe/pbc-0.5.14/guru/exp_test.c88
-rw-r--r--moon-abe/pbc-0.5.14/guru/fp_test.c95
-rw-r--r--moon-abe/pbc-0.5.14/guru/indexcalculus.c869
-rw-r--r--moon-abe/pbc-0.5.14/guru/param_parse_test.c26
-rw-r--r--moon-abe/pbc-0.5.14/guru/poly_test.c136
-rw-r--r--moon-abe/pbc-0.5.14/guru/prodpairing_test.c44
-rw-r--r--moon-abe/pbc-0.5.14/guru/quadratic_test.c62
-rw-r--r--moon-abe/pbc-0.5.14/guru/sing.c263
-rw-r--r--moon-abe/pbc-0.5.14/guru/ternary_extension_field_test.c240
-rw-r--r--moon-abe/pbc-0.5.14/guru/testindexcalculus.c29
-rw-r--r--moon-abe/pbc-0.5.14/guru/timefp.c98
-rw-r--r--moon-abe/pbc-0.5.14/include/pbc.h34
-rw-r--r--moon-abe/pbc-0.5.14/include/pbc_a1_param.h25
-rw-r--r--moon-abe/pbc-0.5.14/include/pbc_a_param.h25
-rw-r--r--moon-abe/pbc-0.5.14/include/pbc_curve.h79
-rw-r--r--moon-abe/pbc-0.5.14/include/pbc_d_param.h40
-rw-r--r--moon-abe/pbc-0.5.14/include/pbc_e_param.h29
-rw-r--r--moon-abe/pbc-0.5.14/include/pbc_f_param.h27
-rw-r--r--moon-abe/pbc-0.5.14/include/pbc_field.h694
-rw-r--r--moon-abe/pbc-0.5.14/include/pbc_fieldquadratic.h23
-rw-r--r--moon-abe/pbc-0.5.14/include/pbc_fp.h26
-rw-r--r--moon-abe/pbc-0.5.14/include/pbc_g_param.h28
-rw-r--r--moon-abe/pbc-0.5.14/include/pbc_hilbert.h13
-rw-r--r--moon-abe/pbc-0.5.14/include/pbc_i_param.h23
-rw-r--r--moon-abe/pbc-0.5.14/include/pbc_memory.h24
-rw-r--r--moon-abe/pbc-0.5.14/include/pbc_mnt.h49
-rw-r--r--moon-abe/pbc-0.5.14/include/pbc_multiz.h20
-rw-r--r--moon-abe/pbc-0.5.14/include/pbc_pairing.h280
-rw-r--r--moon-abe/pbc-0.5.14/include/pbc_param.h49
-rw-r--r--moon-abe/pbc-0.5.14/include/pbc_poly.h57
-rw-r--r--moon-abe/pbc-0.5.14/include/pbc_random.h32
-rw-r--r--moon-abe/pbc-0.5.14/include/pbc_singular.h11
-rw-r--r--moon-abe/pbc-0.5.14/include/pbc_ternary_extension_field.h22
-rw-r--r--moon-abe/pbc-0.5.14/include/pbc_test.h42
-rw-r--r--moon-abe/pbc-0.5.14/include/pbc_utils.h86
-rw-r--r--moon-abe/pbc-0.5.14/include/pbc_z.h12
-rw-r--r--moon-abe/pbc-0.5.14/makedeb.sh5
-rw-r--r--moon-abe/pbc-0.5.14/misc/darray.c176
-rw-r--r--moon-abe/pbc-0.5.14/misc/darray.h92
-rw-r--r--moon-abe/pbc-0.5.14/misc/extend_printf.c188
-rw-r--r--moon-abe/pbc-0.5.14/misc/get_time.c21
-rw-r--r--moon-abe/pbc-0.5.14/misc/get_time.win32.c42
-rw-r--r--moon-abe/pbc-0.5.14/misc/memory.c131
-rw-r--r--moon-abe/pbc-0.5.14/misc/symtab.c67
-rw-r--r--moon-abe/pbc-0.5.14/misc/symtab.h43
-rw-r--r--moon-abe/pbc-0.5.14/misc/utils.c101
-rw-r--r--moon-abe/pbc-0.5.14/param/a.param8
-rw-r--r--moon-abe/pbc-0.5.14/param/a1.param4
-rw-r--r--moon-abe/pbc-0.5.14/param/d105171-196-185.param14
-rw-r--r--moon-abe/pbc-0.5.14/param/d159.param14
-rw-r--r--moon-abe/pbc-0.5.14/param/d201.param14
-rw-r--r--moon-abe/pbc-0.5.14/param/d224.param14
-rw-r--r--moon-abe/pbc-0.5.14/param/d277699-175-167.param14
-rw-r--r--moon-abe/pbc-0.5.14/param/d278027-190-181.param14
-rw-r--r--moon-abe/pbc-0.5.14/param/e.param10
-rw-r--r--moon-abe/pbc-0.5.14/param/f.param7
-rw-r--r--moon-abe/pbc-0.5.14/param/g149.param16
-rw-r--r--moon-abe/pbc-0.5.14/param/i.param5
-rw-r--r--moon-abe/pbc-0.5.14/pbc/bilinear.test50
-rw-r--r--moon-abe/pbc-0.5.14/pbc/g2_test.pbc37
-rw-r--r--moon-abe/pbc-0.5.14/pbc/oldpbc.c1221
-rw-r--r--moon-abe/pbc-0.5.14/pbc/pairing_test.pbc21
-rw-r--r--moon-abe/pbc-0.5.14/pbc/parser.lex56
-rw-r--r--moon-abe/pbc-0.5.14/pbc/parser.y112
-rw-r--r--moon-abe/pbc-0.5.14/pbc/pbc.c953
-rw-r--r--moon-abe/pbc-0.5.14/pbc/pbc_getline.c17
-rw-r--r--moon-abe/pbc-0.5.14/pbc/pbc_getline.readline.c10
-rw-r--r--moon-abe/pbc-0.5.14/pbc/pbc_tree.h30
-rw-r--r--moon-abe/pbc-0.5.14/release96
-rw-r--r--moon-abe/pbc-0.5.14/setup21
-rw-r--r--moon-abe/pbc-0.5.14/simple.make396
-rw-r--r--moon-abe/pbc-0.5.14/test24
172 files changed, 47891 insertions, 0 deletions
diff --git a/moon-abe/pbc-0.5.14/.gitignore b/moon-abe/pbc-0.5.14/.gitignore
new file mode 100644
index 00000000..1ee795f6
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/.gitignore
@@ -0,0 +1,58 @@
+*.o
+*.lo
+.deps/
+.libs/
+Makefile
+Makefile.in
+aclocal.m4
+autom4te.cache/
+.dirstamp
+benchmark/benchmark
+benchmark/ellnet
+benchmark/timersa
+config.guess
+config.h
+config.h.in
+config.log
+config.status
+config.sub
+configure
+depcomp
+example/Makefile
+example/Makefile.in
+example/bls
+example/hess
+example/joux
+example/paterson
+example/yuanli
+example/zhangkim
+example/zss
+gen/Makefile
+gen/Makefile.in
+gen/gena1param
+gen/genaparam
+gen/gendparam
+gen/geneparam
+gen/genfparam
+gen/gengparam
+gen/hilbertpoly
+gen/listfreeman
+gen/listmnt
+git_config_back
+guru/*_test
+install-sh
+libpbc.la
+libtool
+ltmain.sh
+missing
+pbc/lex.yy.c
+pbc/lex.yy.h
+pbc/parser.tab.c
+pbc/parser.tab.h
+pbc/pbc
+stamp-h1
+tags
+compile
+m4/
+*.exe
+*.exe.stackdump
diff --git a/moon-abe/pbc-0.5.14/COPYING b/moon-abe/pbc-0.5.14/COPYING
new file mode 100644
index 00000000..65c5ca88
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/COPYING
@@ -0,0 +1,165 @@
+ GNU LESSER GENERAL PUBLIC LICENSE
+ Version 3, 29 June 2007
+
+ Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+
+ This version of the GNU Lesser General Public License incorporates
+the terms and conditions of version 3 of the GNU General Public
+License, supplemented by the additional permissions listed below.
+
+ 0. Additional Definitions.
+
+ As used herein, "this License" refers to version 3 of the GNU Lesser
+General Public License, and the "GNU GPL" refers to version 3 of the GNU
+General Public License.
+
+ "The Library" refers to a covered work governed by this License,
+other than an Application or a Combined Work as defined below.
+
+ An "Application" is any work that makes use of an interface provided
+by the Library, but which is not otherwise based on the Library.
+Defining a subclass of a class defined by the Library is deemed a mode
+of using an interface provided by the Library.
+
+ A "Combined Work" is a work produced by combining or linking an
+Application with the Library. The particular version of the Library
+with which the Combined Work was made is also called the "Linked
+Version".
+
+ The "Minimal Corresponding Source" for a Combined Work means the
+Corresponding Source for the Combined Work, excluding any source code
+for portions of the Combined Work that, considered in isolation, are
+based on the Application, and not on the Linked Version.
+
+ The "Corresponding Application Code" for a Combined Work means the
+object code and/or source code for the Application, including any data
+and utility programs needed for reproducing the Combined Work from the
+Application, but excluding the System Libraries of the Combined Work.
+
+ 1. Exception to Section 3 of the GNU GPL.
+
+ You may convey a covered work under sections 3 and 4 of this License
+without being bound by section 3 of the GNU GPL.
+
+ 2. Conveying Modified Versions.
+
+ If you modify a copy of the Library, and, in your modifications, a
+facility refers to a function or data to be supplied by an Application
+that uses the facility (other than as an argument passed when the
+facility is invoked), then you may convey a copy of the modified
+version:
+
+ a) under this License, provided that you make a good faith effort to
+ ensure that, in the event an Application does not supply the
+ function or data, the facility still operates, and performs
+ whatever part of its purpose remains meaningful, or
+
+ b) under the GNU GPL, with none of the additional permissions of
+ this License applicable to that copy.
+
+ 3. Object Code Incorporating Material from Library Header Files.
+
+ The object code form of an Application may incorporate material from
+a header file that is part of the Library. You may convey such object
+code under terms of your choice, provided that, if the incorporated
+material is not limited to numerical parameters, data structure
+layouts and accessors, or small macros, inline functions and templates
+(ten or fewer lines in length), you do both of the following:
+
+ a) Give prominent notice with each copy of the object code that the
+ Library is used in it and that the Library and its use are
+ covered by this License.
+
+ b) Accompany the object code with a copy of the GNU GPL and this license
+ document.
+
+ 4. Combined Works.
+
+ You may convey a Combined Work under terms of your choice that,
+taken together, effectively do not restrict modification of the
+portions of the Library contained in the Combined Work and reverse
+engineering for debugging such modifications, if you also do each of
+the following:
+
+ a) Give prominent notice with each copy of the Combined Work that
+ the Library is used in it and that the Library and its use are
+ covered by this License.
+
+ b) Accompany the Combined Work with a copy of the GNU GPL and this license
+ document.
+
+ c) For a Combined Work that displays copyright notices during
+ execution, include the copyright notice for the Library among
+ these notices, as well as a reference directing the user to the
+ copies of the GNU GPL and this license document.
+
+ d) Do one of the following:
+
+ 0) Convey the Minimal Corresponding Source under the terms of this
+ License, and the Corresponding Application Code in a form
+ suitable for, and under terms that permit, the user to
+ recombine or relink the Application with a modified version of
+ the Linked Version to produce a modified Combined Work, in the
+ manner specified by section 6 of the GNU GPL for conveying
+ Corresponding Source.
+
+ 1) Use a suitable shared library mechanism for linking with the
+ Library. A suitable mechanism is one that (a) uses at run time
+ a copy of the Library already present on the user's computer
+ system, and (b) will operate properly with a modified version
+ of the Library that is interface-compatible with the Linked
+ Version.
+
+ e) Provide Installation Information, but only if you would otherwise
+ be required to provide such information under section 6 of the
+ GNU GPL, and only to the extent that such information is
+ necessary to install and execute a modified version of the
+ Combined Work produced by recombining or relinking the
+ Application with a modified version of the Linked Version. (If
+ you use option 4d0, the Installation Information must accompany
+ the Minimal Corresponding Source and Corresponding Application
+ Code. If you use option 4d1, you must provide the Installation
+ Information in the manner specified by section 6 of the GNU GPL
+ for conveying Corresponding Source.)
+
+ 5. Combined Libraries.
+
+ You may place library facilities that are a work based on the
+Library side by side in a single library together with other library
+facilities that are not Applications and are not covered by this
+License, and convey such a combined library under terms of your
+choice, if you do both of the following:
+
+ a) Accompany the combined library with a copy of the same work based
+ on the Library, uncombined with any other library facilities,
+ conveyed under the terms of this License.
+
+ b) Give prominent notice with the combined library that part of it
+ is a work based on the Library, and explaining where to find the
+ accompanying uncombined form of the same work.
+
+ 6. Revised Versions of the GNU Lesser General Public License.
+
+ The Free Software Foundation may publish revised and/or new versions
+of the GNU Lesser General Public License from time to time. Such new
+versions will be similar in spirit to the present version, but may
+differ in detail to address new problems or concerns.
+
+ Each version is given a distinguishing version number. If the
+Library as you received it specifies that a certain numbered version
+of the GNU Lesser General Public License "or any later version"
+applies to it, you have the option of following the terms and
+conditions either of that published version or of any later version
+published by the Free Software Foundation. If the Library as you
+received it does not specify a version number of the GNU Lesser
+General Public License, you may choose any version of the GNU Lesser
+General Public License ever published by the Free Software Foundation.
+
+ If the Library as you received it specifies that a proxy can decide
+whether future versions of the GNU Lesser General Public License shall
+apply, that proxy's public statement of acceptance of any version is
+permanent authorization for you to choose that version for the
+Library.
diff --git a/moon-abe/pbc-0.5.14/INSTALL b/moon-abe/pbc-0.5.14/INSTALL
new file mode 100644
index 00000000..84180c78
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/INSTALL
@@ -0,0 +1,15 @@
+INSTALLING THE PBC LIBRARY
+==========================
+
+The PBC library needs the GMP library, which can be found at
+
+ http://www.swox.com/gmp/
+
+This build system has been tested and works on Linux and Mac OS X with a
+fink installation. You may need to specify paths via LDFLAGS and
+CPPFLAGS if libraries are located in places other than the default
+assumed in configure.ac. See ./configure --help for more information.
+
+./configure
+make
+make install
diff --git a/moon-abe/pbc-0.5.14/Makefile.am b/moon-abe/pbc-0.5.14/Makefile.am
new file mode 100644
index 00000000..ee252596
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/Makefile.am
@@ -0,0 +1,88 @@
+SUBDIRS = . example gen
+
+SO_VERSION = 1:0:0
+
+ChangeLog :
+ git log > ChangeLog
+
+ACLOCAL_AMFLAGS = -I m4
+CLEANFILES = *~
+maintainer-clean-local:
+ -rm -rf Makefile.in depcomp ltmain.sh config.h.in configure compile config.guess config.sub \
+ missing install-sh autom4te.cache aclocal.m4 tmp
+
+lib_LTLIBRARIES = libpbc.la
+
+# this should really be a versioned dir, i.e., $(includedir)/pbc-0.5.0
+library_includedir = $(includedir)/pbc
+library_include_HEADERS = include/pbc_a1_param.h \
+include/pbc_a_param.h \
+include/pbc_curve.h \
+include/pbc_d_param.h \
+include/pbc_e_param.h \
+include/pbc_field.h \
+include/pbc_multiz.h \
+include/pbc_z.h \
+include/pbc_fieldquadratic.h \
+include/pbc_f_param.h \
+include/pbc_g_param.h \
+include/pbc_i_param.h \
+include/pbc_fp.h \
+include/pbc_ternary_extension_field.h \
+include/pbc.h \
+include/pbc_hilbert.h \
+include/pbc_memory.h \
+include/pbc_mnt.h \
+include/pbc_pairing.h \
+include/pbc_param.h \
+include/pbc_poly.h \
+include/pbc_random.h \
+include/pbc_singular.h \
+include/pbc_test.h \
+include/pbc_utils.h
+
+libpbc_la_CPPFLAGS = -Iinclude
+libpbc_la_SOURCES = arith/field.c arith/z.c \
+ arith/naivefp.c arith/fastfp.c \
+ arith/fp.c arith/fasterfp.c arith/montfp.c \
+ arith/ternary_extension_field.c \
+ arith/multiz.c \
+ arith/dlog.c \
+ arith/fieldquadratic.c arith/poly.c \
+ arith/random.c arith/init_random.c \
+ misc/darray.c misc/symtab.c misc/get_time.c \
+ misc/utils.c misc/memory.c misc/extend_printf.c \
+ ecc/mpc.c ecc/mnt.c ecc/hilbert.c ecc/curve.c ecc/pairing.c \
+ ecc/singular.c \
+ ecc/eta_T_3.c \
+ ecc/param.c ecc/a_param.c ecc/d_param.c ecc/e_param.c \
+ ecc/f_param.c ecc/g_param.c
+libpbc_la_LDFLAGS = -lgmp -lm -version-info $(SO_VERSION) $(PBC_LDFLAGS) $(LIBPBC_LDFLAGS)
+
+# LDADD is fallback of program_LDADD
+# explicit "-lgmp" fixes error of "undefined reference to GMP symbol"
+# explicit "-lm" fixes error of "undefined reference to libm symbol"
+LDADD = libpbc.la -lgmp -lm
+noinst_PROGRAMS = pbc/pbc benchmark/benchmark benchmark/timersa benchmark/ellnet
+noinst_PROGRAMS += guru/fp_test guru/quadratic_test guru/poly_test guru/prodpairing_test
+noinst_PROGRAMS += guru/ternary_extension_field_test guru/eta_T_3_test
+pbc_pbc_CPPFLAGS = -I include
+pbc_pbc_SOURCES = pbc/parser.tab.c pbc/lex.yy.c pbc/pbc.c pbc/pbc_getline.c misc/darray.c misc/symtab.c
+benchmark_benchmark_CPPFLAGS = -I include
+benchmark_benchmark_SOURCES = benchmark/benchmark.c
+benchmark_timersa_CPPFLAGS = -I include
+benchmark_timersa_SOURCES = benchmark/timersa.c
+benchmark_ellnet_CPPFLAGS = -I include
+benchmark_ellnet_SOURCES = benchmark/ellnet.c
+guru_fp_test_CPPFLAGS = -I include
+guru_fp_test_SOURCES = guru/fp_test.c
+guru_quadratic_test_CPPFLAGS = -I include
+guru_quadratic_test_SOURCES = guru/quadratic_test.c
+guru_poly_test_CPPFLAGS = -I include
+guru_poly_test_SOURCES = $(libpbc_la_SOURCES) guru/poly_test.c
+guru_prodpairing_test_CPPFLAGS = -I include
+guru_prodpairing_test_SOURCES = guru/prodpairing_test.c
+guru_ternary_extension_field_test_CPPFLAGS = -I include
+guru_ternary_extension_field_test_SOURCES = guru/ternary_extension_field_test.c
+guru_eta_T_3_test_CPPFLAGS = -I include
+guru_eta_T_3_test_SOURCES = guru/eta_T_3_test.c
diff --git a/moon-abe/pbc-0.5.14/NEWS b/moon-abe/pbc-0.5.14/NEWS
new file mode 100644
index 00000000..4c08dae8
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/NEWS
@@ -0,0 +1,121 @@
+The PBC pairing-based cryptography library. See COPYING for license.
+
+Ben Lynn
+
+Changes between PBC version 0.5.14 and 0.5.13
+
+* Eta pairing (type I), by Homer Hsing
+
+Changes between PBC version 0.5.13 and 0.5.12
+
+* Many thanks to Homer Hsing for volunteering to maintain this library.
+* Flattened nested functions.
+* Bugfix for test script.
+
+Changes between PBC version 0.5.12 and 0.5.11
+
+* Fixed a parsing bug reported by Michael Adjedj.
+
+Changes between PBC version 0.5.11 and 0.5.10
+
+* Support native win32 compilation via autotools. Thanks to Michael Rushanan.
+
+Changes between PBC version 0.5.10 and 0.5.9
+
+* pairing_init_pbc_param() fix thanks to Michael Adjedj.
+
+Changes between PBC version 0.5.9 and 0.5.8
+
+* Bugfix thanks to Michael Adjedj.
+* Reduce high exponents for exponentiations in finite groups.
+
+Changes between PBC version 0.5.8 and 0.5.7
+
+* Changed the license to LGPL.
+
+Changes between PBC version 0.5.7 and 0.5.6
+
+* Faster multi-pairing (product of pairings) for A, A1, and D pairings.
+ Contributed by Zhang Ye.
+* New API functions element_pairing() and element_prod_pairing().
+
+Changes between PBC version 0.5.6 and 0.5.5
+
+* Projective coordinates for A1 pairings. Contributed by Zhang Ye.
+* Bugfix for affine coordinates for A pairings. Contributed by Zhang Ye.
+* Optionally suppress error messages. Based on code by Geremy Condra.
+
+Changes between PBC version 0.5.5 and 0.5.4
+
+* Fixed bug reported by Zhang Ye: comparisons with the identity element in the
+ input groups was broken.
+* Fixed bug reported by Mario Di Raimondo: comparisons in G2 for some pairing
+ types were broken. (Different representatives of the same coset are now
+ considered equal.)
+
+Changes between PBC version 0.5.4 and 0.5.3
+
+* Accessors for coordinates of points and coefficients of polynomials.
+
+Changes between PBC version 0.5.3 and 0.5.2
+
+* Revamped pairing-based calculator.
+
+Changes between PBC version 0.5.2 and 0.5.1
+
+* Fixed pbc_param_set_str().
+* Add DLL to Windows release.
+
+Changes between PBC version 0.5.1 and 0.5.0
+
+* Fixed pbc_param_t parsing bugs, and added error detection.
+* Increased buffer size in pbc_demo_pairing_init() so the sample parameters
+ actually work.
+
+== New in PBC 0.5.0 ==
+
+The largest changes involve pairing initialization and pairing parameters.
+
+For pairing initialization, supply a buffer containing pairing parameters
+instead of a `FILE *` stream. For example, rather than:
+
+ pairing_init_inp_str(pairing, stdin);
+
+write something like:
+
+ char s[1024];
+ size_t count = fread(s, 1, 1024, stdin);
+ if (!count) pbc_die("input error");
+ if (pairing_init_set_buf(pairing, s, count)) pbc_die("pairing init failed");
+
+For file reads, personally I like to use mmap() which suits
+pairing_init_set_buf().
+
+The `pbc_param_t` data type for pairing parameters replaces `a_param_t`, ...,
+`g_param_t`. Having the same data type for all pairing parameter types
+simplifies the library, though some functions had to be changed slightly.
+
+At last, one can initialize a `pairing_t` from a `pbc_param_t`:
+
+ pairing_t p;
+ pbc_param_t par;
+ pbc_param_init_a_gen(par, 160, 512);
+ pairing_init_pbc_param(p, par);
+ pbc_param_clear(par);
+
+=== Minor differences ===
+
+I trimmed the API. The file stream operations are gone. I removed the
+fetch_ops_t and tracker_t types: the standard C library already provides
+routines for reading from disk to memory.
+
+I refactored to avoid exposing `symtab_t` and `darray_t`, and undocumented
+routines such as `poly_alloc()`. I mostly preserved the headers that define
+these functions, but they are no longer included by `pbc.h`.
+
+I replaced the CMake files with `simple.make`, which I use during development,
+though I test the autotools build before release.
+
+To reduce symbol pollution, all official functions and variables of the PBC
+now start with `pbc_`, `field_`, `element_` or `pairing_`. Other names mostly
+have hidden visibility in a shared library. Watch out for renamed functions.
diff --git a/moon-abe/pbc-0.5.14/README b/moon-abe/pbc-0.5.14/README
new file mode 100644
index 00000000..c55cac60
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/README
@@ -0,0 +1,20 @@
+THE PBC LIBARY
+
+The PBC (Pairing-Based Crypto) library is a C library providing low-level
+routines for pairing-based cryptosystems. It provides an interface for
+cyclic groups and a bilinear pairing defined on them that are thought to
+be cryptographically secure. The interface abstracts the mathematical details
+away from the programmer, so no knowledge of elliptic curves is needed to use
+the library.
+
+The PBC library also contains routines to generate curves suitable for use
+in a bilinear pairing.
+
+See the online manual for more information. The DocBook source files that
+are used to create the manual are in the doc/ subdirectory.
+
+The PBC library is released under the GNU General Public License. See the
+file COPYING for details.
+
+------------------------------------------------------------------------------
+Ben Lynn <blynn@cs.stanford.edu>
diff --git a/moon-abe/pbc-0.5.14/announce b/moon-abe/pbc-0.5.14/announce
new file mode 100644
index 00000000..c13b2b95
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/announce
@@ -0,0 +1,8 @@
+#!/bin/bash
+VER=`grep AC_INIT configure.ac | sed 's/.*\[\([0-9]*\.[0-9]*\.[0-9]*\)\].*/\1/'`
+echo PBC $VER Released
+echo 'The new release is available at
+ http://crypto.stanford.edu/pbc/
+'
+sed -n '/^Changes between PBC version '$VER'/,/^Changes/p' < NEWS | sed '$c \
+-Ben'
diff --git a/moon-abe/pbc-0.5.14/arith/dlog.c b/moon-abe/pbc-0.5.14/arith/dlog.c
new file mode 100644
index 00000000..f77df1b7
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/arith/dlog.c
@@ -0,0 +1,187 @@
+// Brute force and Pollard rho discrete log algorithms.
+
+#include <stdarg.h>
+#include <stdint.h> // for intptr_t
+#include <stdio.h>
+#include <gmp.h>
+#include "pbc_utils.h"
+#include "pbc_field.h"
+#include "pbc_memory.h"
+#include "misc/darray.h"
+
+struct snapshot_s {
+ element_t a;
+ element_t b;
+ element_t snark;
+};
+typedef struct snapshot_s *snapshot_ptr;
+
+static void record(element_t asum, element_t bsum, element_t snark,
+ darray_t hole, mpz_t counter) {
+ snapshot_ptr ss = pbc_malloc(sizeof(struct snapshot_s));
+ element_init_same_as(ss->a, asum);
+ element_init_same_as(ss->b, bsum);
+ element_init_same_as(ss->snark, snark);
+ element_set(ss->a, asum);
+ element_set(ss->b, bsum);
+ element_set(ss->snark, snark);
+ darray_append(hole, ss);
+ element_printf("snark %Zd: %B\n", counter, snark);
+}
+
+// g, h in some group of order r
+// finds x such that g^x = h
+// will hang if no such x exists
+// x in some field_t that set_mpz makes sense for
+void element_dlog_brute_force(element_t x, element_t g, element_t h) {
+ element_t g0;
+ mpz_t count;
+
+ mpz_init(count);
+ element_init_same_as(g0, g);
+
+ element_set(g0, g);
+ mpz_set_ui(count, 1);
+ while (element_cmp(g0, h)) {
+ element_mul(g0, g0, g);
+//element_printf("g0^%Zd = %B\n", count, g0);
+ mpz_add_ui(count, count, 1);
+ }
+ element_set_mpz(x, count);
+ mpz_clear(count);
+ element_clear(g0);
+}
+
+// x in Z_r, g, h in some group of order r
+// finds x such that g^x = h
+void element_dlog_pollard_rho(element_t x, element_t g, element_t h) {
+// see Blake, Seroussi and Smart
+// only one snark for this implementation
+ int i, s = 20;
+ field_ptr Zr = x->field, G = g->field;
+ element_t asum;
+ element_t bsum;
+ element_t a[s];
+ element_t b[s];
+ element_t m[s];
+ element_t g0, snark;
+ darray_t hole;
+ int interval = 5;
+ mpz_t counter;
+ int found = 0;
+
+ mpz_init(counter);
+ element_init(g0, G);
+ element_init(snark, G);
+ element_init(asum, Zr);
+ element_init(bsum, Zr);
+ darray_init(hole);
+ //set up multipliers
+ for (i = 0; i < s; i++) {
+ element_init(a[i], Zr);
+ element_init(b[i], Zr);
+ element_init(m[i], G);
+ element_random(a[i]);
+ element_random(b[i]);
+ element_pow_zn(g0, g, a[i]);
+ element_pow_zn(m[i], h, b[i]);
+ element_mul(m[i], m[i], g0);
+ }
+
+ element_random(asum);
+ element_random(bsum);
+ element_pow_zn(g0, g, asum);
+ element_pow_zn(snark, h, bsum);
+ element_mul(snark, snark, g0);
+
+ record(asum, bsum, snark, hole, counter);
+ for (;;) {
+ int len = element_length_in_bytes(snark);
+ unsigned char *buf = pbc_malloc(len);
+ unsigned char hash = 0;
+
+ element_to_bytes(buf, snark);
+ for (i = 0; i < len; i++) {
+ hash += buf[i];
+ }
+ i = hash % s;
+ pbc_free(buf);
+
+ element_mul(snark, snark, m[i]);
+ element_add(asum, asum, a[i]);
+ element_add(bsum, bsum, b[i]);
+
+ for (i = 0; i < hole->count; i++) {
+ snapshot_ptr ss = hole->item[i];
+ if (!element_cmp(snark, ss->snark)) {
+ element_sub(bsum, bsum, ss->b);
+ element_sub(asum, ss->a, asum);
+ //answer is x such that x * bsum = asum
+ //complications arise if gcd(bsum, r) > 1
+ //which can happen if r is not prime
+ if (!mpz_probab_prime_p(Zr->order, 10)) {
+ mpz_t za, zb, zd, zm;
+
+ mpz_init(za);
+ mpz_init(zb);
+ mpz_init(zd);
+ mpz_init(zm);
+
+ element_to_mpz(za, asum);
+ element_to_mpz(zb, bsum);
+ mpz_gcd(zd, zb, Zr->order);
+ mpz_divexact(zm, Zr->order, zd);
+ mpz_divexact(zb, zb, zd);
+ //if zd does not divide za there is no solution
+ mpz_divexact(za, za, zd);
+ mpz_invert(zb, zb, zm);
+ mpz_mul(zb, za, zb);
+ mpz_mod(zb, zb, zm);
+ do {
+ element_pow_mpz(g0, g, zb);
+ if (!element_cmp(g0, h)) {
+ element_set_mpz(x, zb);
+ break;
+ }
+ mpz_add(zb, zb, zm);
+ mpz_sub_ui(zd, zd, 1);
+ } while (mpz_sgn(zd));
+ mpz_clear(zm);
+ mpz_clear(za);
+ mpz_clear(zb);
+ mpz_clear(zd);
+ } else {
+ element_div(x, asum, bsum);
+ }
+ found = 1;
+ break;
+ }
+ }
+ if (found) break;
+
+ mpz_add_ui(counter, counter, 1);
+ if (mpz_tstbit(counter, interval)) {
+ record(asum, bsum, snark, hole, counter);
+ interval++;
+ }
+ }
+
+ for (i = 0; i < s; i++) {
+ element_clear(a[i]);
+ element_clear(b[i]);
+ element_clear(m[i]);
+ }
+ element_clear(g0);
+ element_clear(snark);
+ for (i = 0; i < hole->count; i++) {
+ snapshot_ptr ss = hole->item[i];
+ element_clear(ss->a);
+ element_clear(ss->b);
+ element_clear(ss->snark);
+ pbc_free(ss);
+ }
+ darray_clear(hole);
+ element_clear(asum);
+ element_clear(bsum);
+ mpz_clear(counter);
+}
diff --git a/moon-abe/pbc-0.5.14/arith/fasterfp.c b/moon-abe/pbc-0.5.14/arith/fasterfp.c
new file mode 100644
index 00000000..5ce8243a
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/arith/fasterfp.c
@@ -0,0 +1,546 @@
+// Naive implementation of F_p.
+// It uses lowlevel GMP routines (mpn_* functions) like fastfp.c, but also
+// has a flag for the value 0, avoiding many memsets.
+//
+// I'm thinking of using the flag to also represent 1, -1,
+// but that complicates the logic even more, and I believe I need more
+// control than GMP is willing to give in order to avoid expensive
+// checks for 1, -1 everywhere.
+//
+// NOTE: does not work for moduli of the form:
+// 2^(something * 8 * sizeof(mp_limb_t))
+// See comments in add, double code.
+// (This kind of integer mod ring deserves its own implementation anyway.)
+
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdint.h> // for intptr_t
+#include <stdlib.h>
+#include <string.h>
+#include <gmp.h>
+#include "pbc_utils.h"
+#include "pbc_field.h"
+#include "pbc_random.h"
+#include "pbc_fp.h"
+#include "pbc_memory.h"
+
+struct fp_field_data_s {
+ size_t limbs;
+ size_t bytes;
+ mp_limb_t *primelimbs;
+};
+typedef struct fp_field_data_s fp_field_data_t[1];
+typedef struct fp_field_data_s *fp_field_data_ptr;
+
+struct data_s {
+ int flag;
+ mp_limb_t *d;
+};
+typedef struct data_s *dataptr;
+
+static void fp_init(element_ptr e) {
+ fp_field_data_ptr p = e->field->data;
+ dataptr dp = e->data = pbc_malloc(sizeof(struct data_s));
+ dp->flag = 0;
+ dp->d = pbc_malloc(p->bytes);
+}
+
+static void fp_clear(element_ptr e) {
+ dataptr dp = e->data;
+ pbc_free(dp->d);
+ pbc_free(e->data);
+}
+
+//assumes z is nonzero
+static inline void from_mpz(element_ptr e, mpz_ptr z) {
+ fp_field_data_ptr p = e->field->data;
+ size_t count;
+ dataptr dp = e->data;
+ mpz_export(dp->d, &count, -1, sizeof(mp_limb_t), 0, 0, z);
+ memset((void *) (((unsigned char *) dp->d) + count * sizeof(mp_limb_t)),
+ 0, (p->limbs - count) * sizeof(mp_limb_t));
+}
+
+static void fp_set_mpz(element_ptr e, mpz_ptr z) {
+ dataptr dp = e->data;
+ if (!mpz_sgn(z)) {
+ dp->flag = 0;
+ } else {
+ mpz_t tmp;
+ mpz_init(tmp);
+ mpz_mod(tmp, z, e->field->order);
+ from_mpz(e, tmp);
+ mpz_clear(tmp);
+ dp->flag = 2;
+ }
+}
+
+static void fp_set_si(element_ptr e, signed long int op) {
+ dataptr dp = e->data;
+ if (!op) {
+ dp->flag = 0;
+ } else {
+ const fp_field_data_ptr p = e->field->data;
+ const size_t t = p->limbs;
+ if (op < 0) {
+ mpn_sub_1(dp->d, p->primelimbs, t, -op);
+ } else {
+ dp->d[0] = op;
+ memset(&dp->d[1], 0, sizeof(mp_limb_t) * (t - 1));
+ }
+ dp->flag = 2;
+ }
+}
+
+static void fp_to_mpz(mpz_ptr z, element_ptr e) {
+ dataptr dp = e->data;
+ if (!dp->flag) {
+ mpz_set_ui(z, 0);
+ } else {
+ fp_field_data_ptr p = e->field->data;
+ mpz_import(z, p->limbs, -1, sizeof(mp_limb_t), 0, 0, dp->d);
+ }
+}
+
+static void fp_set0(element_ptr e) {
+ dataptr dp = e->data;
+ dp->flag = 0;
+}
+
+static void fp_set1(element_ptr e) {
+ fp_field_data_ptr p = e->field->data;
+ dataptr dp = e->data;
+ dp->flag = 2;
+ memset(&dp->d[1], 0, p->bytes - sizeof(mp_limb_t));
+ dp->d[0] = 1;
+}
+
+static int fp_is1(element_ptr e) {
+ dataptr dp = e->data;
+ if (!dp->flag) return 0;
+ else {
+ fp_field_data_ptr p = e->field->data;
+ size_t i, t = p->limbs;
+ if (dp->d[0] != 1) return 0;
+ for (i = 1; i < t; i++) if (dp->d[i]) return 0;
+ return 1;
+ }
+}
+
+static int fp_is0(element_ptr e) {
+ dataptr dp = e->data;
+ return !dp->flag;
+}
+
+static size_t fp_out_str(FILE * stream, int base, element_ptr e) {
+ size_t result;
+ mpz_t z;
+ mpz_init(z);
+ fp_to_mpz(z, e);
+ result = mpz_out_str(stream, base, z);
+ mpz_clear(z);
+ return result;
+}
+
+static void fp_set(element_ptr c, element_ptr a) {
+ dataptr ad = a->data;
+ dataptr cd = c->data;
+ if (a == c) return;
+ if (!ad->flag) {
+ cd->flag = 0;
+ } else {
+ fp_field_data_ptr p = a->field->data;
+
+ //Assembly is faster here, but I don't want to stoop to that level.
+ //Instead of calling slower memcpy, wrap stuff so that GMP assembly
+ //gets called.
+ /*
+ memcpy(cd->d, ad->d, p->bytes);
+ */
+ mpz_t z1, z2;
+ z1->_mp_d = cd->d;
+ z2->_mp_d = ad->d;
+ z1->_mp_size = z1->_mp_alloc = z2->_mp_size = z2->_mp_alloc = p->limbs;
+ mpz_set(z1, z2);
+
+ cd->flag = 2;
+ }
+}
+
+static void fp_add(element_ptr c, element_ptr a, element_ptr b) {
+ dataptr ad = a->data, bd = b->data;
+
+ if (!ad->flag) {
+ fp_set(c, b);
+ } else if (!bd->flag) {
+ fp_set(c, a);
+ } else {
+ dataptr cd = c->data;
+ fp_field_data_ptr p = a->field->data;
+ const size_t t = p->limbs;
+ mp_limb_t carry;
+ carry = mpn_add_n(cd->d, ad->d, bd->d, t);
+
+ if (carry) {
+ //assumes result of following sub is not zero,
+ //i.e. modulus cannot be 2^(n * bits_per_limb)
+ mpn_sub_n(cd->d, cd->d, p->primelimbs, t);
+ cd->flag = 2;
+ } else {
+ int i = mpn_cmp(cd->d, p->primelimbs, t);
+ if (!i) {
+ cd->flag = 0;
+ } else {
+ cd->flag = 2;
+ if (i > 0) {
+ mpn_sub_n(cd->d, cd->d, p->primelimbs, t);
+ }
+ }
+ }
+ }
+}
+
+static void fp_double(element_ptr c, element_ptr a) {
+ dataptr ad = a->data, cd = c->data;
+ if (!ad->flag) {
+ cd->flag = 0;
+ } else {
+ fp_field_data_ptr p = c->field->data;
+ const size_t t = p->limbs;
+ if (mpn_lshift(cd->d, ad->d, t, 1)) {
+ cd->flag = 2;
+ //again, assumes result is not zero:
+ mpn_sub_n(cd->d, cd->d, p->primelimbs, t);
+ } else {
+ int i = mpn_cmp(cd->d, p->primelimbs, t);
+ if (!i) {
+ cd->flag = 0;
+ } else {
+ cd->flag = 2;
+ if (i > 0) {
+ mpn_sub_n(cd->d, cd->d, p->primelimbs, t);
+ }
+ }
+ }
+ }
+}
+
+static void fp_halve(element_ptr c, element_ptr a) {
+ dataptr ad = a->data, cd = c->data;
+ if (!ad->flag) {
+ cd->flag = 0;
+ } else {
+ fp_field_data_ptr p = c->field->data;
+ const size_t t = p->limbs;
+ int carry = 0;
+ mp_limb_t *alimb = ad->d;
+ mp_limb_t *climb = cd->d;
+ if (alimb[0] & 1) {
+ carry = mpn_add_n(climb, alimb, p->primelimbs, t);
+ } else fp_set(c, a);
+
+ mpn_rshift(climb, climb, t, 1);
+ if (carry) climb[t - 1] |= ((mp_limb_t) 1) << (sizeof(mp_limb_t) * 8 - 1);
+ }
+}
+
+static void fp_neg(element_ptr c, element_ptr a) {
+ dataptr ad = a->data, cd = c->data;
+ if (!ad->flag) cd->flag = 0;
+ else {
+ fp_field_data_ptr p = a->field->data;
+ mpn_sub_n(cd->d, p->primelimbs, ad->d, p->limbs);
+ cd->flag = 2;
+ }
+}
+
+static void fp_sub(element_ptr c, element_ptr a, element_ptr b) {
+ dataptr ad = a->data, bd = b->data;
+
+ if (!ad->flag) {
+ fp_neg(c, b);
+ } else if (!bd->flag) {
+ fp_set(c, a);
+ } else {
+ fp_field_data_ptr p = c->field->data;
+ size_t t = p->limbs;
+ dataptr cd = c->data;
+ int i = mpn_cmp(ad->d, bd->d, t);
+
+ if (i == 0) {
+ cd->flag = 0;
+ } else {
+ cd->flag = 2;
+ mpn_sub_n(cd->d, ad->d, bd->d, t);
+ if (i < 0) {
+ mpn_add_n(cd->d, cd->d, p->primelimbs, t);
+ }
+ }
+ }
+}
+
+static void fp_mul(element_ptr c, element_ptr a, element_ptr b) {
+ dataptr ad = a->data, bd = b->data;
+ dataptr cd = c->data;
+
+ if (!ad->flag || !bd->flag) {
+ cd->flag = 0;
+ } else {
+ fp_field_data_ptr p = c->field->data;
+ size_t t = p->limbs;
+ //mp_limb_t tmp[3 * t + 1];
+ //mp_limb_t *qp = &tmp[2 * t];
+ mp_limb_t tmp[2 * t];
+ mp_limb_t qp[t + 1];
+ //static mp_limb_t tmp[2 * 100];
+ //static mp_limb_t qp[100 + 1];
+
+ mpn_mul_n(tmp, ad->d, bd->d, t);
+
+ mpn_tdiv_qr(qp, cd->d, 0, tmp, 2 * t, p->primelimbs, t);
+ cd->flag = 2;
+ }
+}
+
+static void fp_square(element_ptr c, element_ptr a) {
+ const fp_field_data_ptr p = c->field->data;
+ mpz_t z1, z2;
+ size_t diff;
+ dataptr ad = a->data;
+ dataptr cd = c->data;
+
+ if (!ad->flag) {
+ cd->flag = 0;
+ } else {
+ cd->flag = 2;
+ z1->_mp_d = cd->d;
+ z1->_mp_size = z1->_mp_alloc = p->limbs;
+ if (c == a) {
+ mpz_powm_ui(z1, z1, 2, c->field->order);
+ } else {
+ z2->_mp_d = ad->d;
+ z2->_mp_size = z2->_mp_alloc = p->limbs;
+ mpz_powm_ui(z1, z2, 2, c->field->order);
+ }
+
+ diff = p->limbs - z1->_mp_size;
+ if (diff) memset(&z1->_mp_d[z1->_mp_size], 0, diff * sizeof(mp_limb_t));
+
+ //mpn_sqr_n() might make the code below faster than the code above
+ //but GMP doesn't expose this function
+ /*
+ const fp_field_data_ptr p = c->field->data;
+ const size_t t = p->limbs;
+ mp_limb_t tmp[2 * t];
+ mp_limb_t qp[t + 1];
+
+ mpn_mul_n(tmp, ad->d, ad->d, t);
+
+ mpn_tdiv_qr(qp, cd->d, 0, tmp, 2 * t, p->primelimbs, t);
+ */
+ }
+}
+
+static void fp_mul_si(element_ptr c, element_ptr a, signed long int op) {
+ dataptr ad = a->data;
+ dataptr cd = c->data;
+
+ if (!ad->flag || !op) {
+ cd->flag = 0;
+ } else {
+ cd->flag = 2;
+ fp_field_data_ptr p = a->field->data;
+ size_t t = p->limbs;
+ mp_limb_t tmp[t + 1];
+ mp_limb_t qp[2];
+
+ tmp[t] = mpn_mul_1(tmp, ad->d, t, labs(op));
+ mpn_tdiv_qr(qp, cd->d, 0, tmp, t + 1, p->primelimbs, t);
+ if (op < 0) { //TODO: don't need to check c != 0 this time
+ fp_neg(c, c);
+ }
+ }
+}
+
+static void fp_pow_mpz(element_ptr c, element_ptr a, mpz_ptr op) {
+ dataptr ad = a->data;
+ dataptr cd = c->data;
+ if (!ad->flag) cd->flag = 0;
+ else {
+ mpz_t z;
+ mpz_init(z);
+ fp_to_mpz(z, a);
+ mpz_powm(z, z, op, a->field->order);
+ from_mpz(c, z);
+ mpz_clear(z);
+ cd->flag = 2;
+ }
+}
+
+static void fp_invert(element_ptr c, element_ptr a) {
+ //assumes a is invertible
+ dataptr cd = c->data;
+ mpz_t z;
+ mpz_init(z);
+ fp_to_mpz(z, a);
+ mpz_invert(z, z, a->field->order);
+ from_mpz(c, z);
+ mpz_clear(z);
+ cd->flag = 2;
+}
+
+static void fp_random(element_ptr a) {
+ dataptr ad = a->data;
+ mpz_t z;
+ mpz_init(z);
+ pbc_mpz_random(z, a->field->order);
+ if (mpz_sgn(z)) {
+ from_mpz(a, z);
+ ad->flag = 2;
+ } else {
+ ad->flag = 0;
+ }
+ mpz_clear(z);
+}
+
+static void fp_from_hash(element_ptr a, void *data, int len) {
+ mpz_t z;
+
+ mpz_init(z);
+ pbc_mpz_from_hash(z, a->field->order, data, len);
+ fp_set_mpz(a, z);
+ mpz_clear(z);
+}
+
+static int fp_cmp(element_ptr a, element_ptr b) {
+ dataptr ad = a->data, bd = b->data;
+ if (!ad->flag) {
+ return bd->flag;
+ } else {
+ fp_field_data_ptr p = a->field->data;
+ return mpn_cmp(ad->d, bd->d, p->limbs);
+ //return memcmp(ad->d, bd->d, p->limbs);
+ }
+}
+
+static int fp_sgn_odd(element_ptr a) {
+ dataptr ad = a->data;
+ if (!ad->flag) return 0;
+ return ad->d[0] & 1 ? 1 : -1;
+}
+
+static int fp_sgn_even(element_ptr a) {
+ fp_field_data_ptr p = a->field->data;
+ dataptr ad = a->data;
+ if (!ad->flag) return 0;
+ mp_limb_t sum[p->limbs];
+
+ int carry = mpn_add_n(sum, ad->d, ad->d, p->limbs);
+ if (carry) return 1;
+ return mpn_cmp(sum, p->primelimbs, p->limbs);
+}
+
+
+static int fp_is_sqr(element_ptr a) {
+ dataptr ad = a->data;
+ int res;
+ mpz_t z;
+ mpz_init(z);
+ //0 is a square
+ if (!ad->flag) return 1;
+ fp_to_mpz(z, a);
+ res = mpz_legendre(z, a->field->order) == 1;
+ mpz_clear(z);
+ return res;
+}
+
+static int fp_to_bytes(unsigned char *data, element_t a) {
+ dataptr ad = a->data;
+ int n = a->field->fixed_length_in_bytes;
+ if (!ad->flag) {
+ memset(data, 0, n);
+ } else {
+ mpz_t z;
+
+ mpz_init(z);
+ fp_to_mpz(z, a);
+ pbc_mpz_out_raw_n(data, n, z);
+ mpz_clear(z);
+ }
+ return n;
+}
+
+static int fp_from_bytes(element_t a, unsigned char *data) {
+ dataptr ad = a->data;
+ int n;
+ mpz_t z;
+
+ mpz_init(z);
+
+ n = a->field->fixed_length_in_bytes;
+ mpz_import(z, n, 1, 1, 1, 0, data);
+ if (!mpz_sgn(z)) ad->flag = 0;
+ else {
+ ad->flag = 2;
+ from_mpz(a, z);
+ }
+ mpz_clear(z);
+ return n;
+}
+
+static void fp_out_info(FILE* str, field_ptr f) {
+ element_fprintf(str, "GF(%Zd): zero flag + mpn", f->order);
+}
+
+static void fp_field_clear(field_t f) {
+ fp_field_data_ptr p = f->data;
+ pbc_free(p->primelimbs);
+ pbc_free(p);
+}
+
+void field_init_faster_fp(field_ptr f, mpz_t prime) {
+ PBC_ASSERT(!mpz_fits_ulong_p(prime), "modulus too small");
+ fp_field_data_ptr p;
+ field_init(f);
+ f->init = fp_init;
+ f->clear = fp_clear;
+ f->set_si = fp_set_si;
+ f->set_mpz = fp_set_mpz;
+ f->out_str = fp_out_str;
+ f->add = fp_add;
+ f->sub = fp_sub;
+ f->set = fp_set;
+ f->mul = fp_mul;
+ f->mul_si = fp_mul_si;
+ f->square = fp_square;
+ f->doub = fp_double;
+ f->halve = fp_halve;
+ f->pow_mpz = fp_pow_mpz;
+ f->neg = fp_neg;
+ f->cmp = fp_cmp;
+ f->sign = mpz_odd_p(prime) ? fp_sgn_odd : fp_sgn_even;
+ f->invert = fp_invert;
+ f->random = fp_random;
+ f->from_hash = fp_from_hash;
+ f->is1 = fp_is1;
+ f->is0 = fp_is0;
+ f->set0 = fp_set0;
+ f->set1 = fp_set1;
+ f->is_sqr = fp_is_sqr;
+ f->sqrt = element_tonelli;
+ f->field_clear = fp_field_clear;
+ f->to_bytes = fp_to_bytes;
+ f->from_bytes = fp_from_bytes;
+ f->to_mpz = fp_to_mpz;
+
+ f->out_info = fp_out_info;
+
+ p = f->data = pbc_malloc(sizeof(fp_field_data_t));
+ p->limbs = mpz_size(prime);
+ p->bytes = p->limbs * sizeof(mp_limb_t);
+ p->primelimbs = pbc_malloc(p->bytes);
+ mpz_export(p->primelimbs, &p->limbs, -1, sizeof(mp_limb_t), 0, 0, prime);
+
+ mpz_set(f->order, prime);
+ f->fixed_length_in_bytes = (mpz_sizeinbase(prime, 2) + 7) / 8;
+}
diff --git a/moon-abe/pbc-0.5.14/arith/fastfp.c b/moon-abe/pbc-0.5.14/arith/fastfp.c
new file mode 100644
index 00000000..13c6fb87
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/arith/fastfp.c
@@ -0,0 +1,382 @@
+// Naive implementation of F_p.
+// Uses lowlevel GMP routines (mpn_* functions).
+//
+// Within an element_t, ''data'' field of element holds pointer to array of
+// mp_limb_t, which is allocated on init and freed on clear.
+// Its size is fixed and determined by the number of limbs in the modulus.
+// This simplifies code but is inefficient for storing values like 0 and 1.
+
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdint.h> // for intptr_t
+#include <stdlib.h>
+#include <string.h>
+#include <gmp.h>
+#include "pbc_utils.h"
+#include "pbc_field.h"
+#include "pbc_random.h"
+#include "pbc_fp.h"
+#include "pbc_memory.h"
+
+struct fp_field_data_s {
+ size_t limbs;
+ size_t bytes;
+ mp_limb_t *primelimbs;
+};
+typedef struct fp_field_data_s fp_field_data_t[1];
+typedef struct fp_field_data_s *fp_field_data_ptr;
+
+static void fp_init(element_ptr e) {
+ fp_field_data_ptr p = e->field->data;
+ e->data = pbc_malloc(p->bytes);
+ memset(e->data, 0, p->bytes);
+ // e->data = pbc_calloc(sizeof(mp_limb_t), p->limbs);
+}
+
+static void fp_clear(element_ptr e) {
+ pbc_free(e->data);
+}
+
+static inline void from_mpz(element_ptr e, mpz_ptr z) {
+ fp_field_data_ptr p = e->field->data;
+ size_t count;
+ mpz_export(e->data, &count, -1, sizeof(mp_limb_t), 0, 0, z);
+ memset((void *) (((unsigned char *) e->data) + count * sizeof(mp_limb_t)), 0,
+ (p->limbs - count) * sizeof(mp_limb_t));
+}
+
+static void fp_set_mpz(element_ptr e, mpz_ptr z) {
+ mpz_t tmp;
+ mpz_init(tmp);
+ mpz_mod(tmp, z, e->field->order);
+ from_mpz(e, tmp);
+ mpz_clear(tmp);
+}
+
+static void fp_set_si(element_ptr e, signed long int op) {
+ const fp_field_data_ptr p = e->field->data;
+ const size_t t = p->limbs;
+ mp_limb_t *d = e->data;
+ if (op < 0) {
+ mpn_sub_1(d, p->primelimbs, t, -op);
+ } else {
+ d[0] = op;
+ memset(&d[1], 0, sizeof(mp_limb_t) * (t - 1));
+ }
+}
+
+static void fp_to_mpz(mpz_ptr z, element_ptr a) {
+ fp_field_data_ptr p = a->field->data;
+ mpz_import(z, p->limbs, -1, sizeof(mp_limb_t), 0, 0, a->data);
+}
+
+static void fp_set0(element_ptr e) {
+ fp_field_data_ptr p = e->field->data;
+ memset(e->data, 0, p->bytes);
+}
+
+static void fp_set1(element_ptr e) {
+ fp_field_data_ptr p = e->field->data;
+ mp_limb_t *d = e->data;
+ memset(&d[1], 0, p->bytes - sizeof(mp_limb_t));
+ d[0] = 1;
+}
+
+static int fp_is1(element_ptr e) {
+ fp_field_data_ptr p = e->field->data;
+ size_t i, t = p->limbs;
+ mp_limb_t *d = e->data;
+ if (d[0] != 1) return 0;
+ for (i = 1; i < t; i++) if (d[i]) return 0;
+ return 1;
+}
+
+static int fp_is0(element_ptr e) {
+ fp_field_data_ptr p = e->field->data;
+ size_t i, t = p->limbs;
+ mp_limb_t *d = e->data;
+ for (i = 0; i < t; i++) if (d[i]) return 0;
+ return 1;
+}
+
+static size_t fp_out_str(FILE * stream, int base, element_ptr e) {
+ size_t result;
+ mpz_t z;
+ mpz_init(z);
+ fp_to_mpz(z, e);
+ result = mpz_out_str(stream, base, z);
+ mpz_clear(z);
+ return result;
+}
+
+static void fp_add(element_ptr r, element_ptr a, element_ptr b) {
+ fp_field_data_ptr p = r->field->data;
+ const size_t t = p->limbs;
+ mp_limb_t carry;
+ carry = mpn_add_n(r->data, a->data, b->data, t);
+
+ if (carry || mpn_cmp(r->data, p->primelimbs, t) >= 0) {
+ mpn_sub_n(r->data, r->data, p->primelimbs, t);
+ }
+}
+
+static void fp_double(element_ptr r, element_ptr a) {
+ fp_field_data_ptr p = r->field->data;
+ const size_t t = p->limbs;
+ if (mpn_lshift(r->data, a->data, t, 1)
+ || mpn_cmp(r->data, p->primelimbs, t) >= 0) {
+ mpn_sub_n(r->data, r->data, p->primelimbs, t);
+ }
+}
+
+static void fp_set(element_ptr c, element_ptr a) {
+ fp_field_data_ptr p = a->field->data;
+ if (c == a) return;
+
+ // Assembly is faster here, but I don't want to stoop to that level.
+ // Instead of calling slower memcpy, wrap stuff so that GMP assembly
+ // gets called.
+ /*
+ memcpy(c->data, a->data, p->bytes);
+ */
+ mpz_t z1, z2;
+ z1->_mp_d = c->data;
+ z2->_mp_d = a->data;
+ z1->_mp_size = z1->_mp_alloc = z2->_mp_size = z2->_mp_alloc = p->limbs;
+ mpz_set(z1, z2);
+}
+
+static void fp_halve(element_ptr r, element_ptr a) {
+ fp_field_data_ptr p = r->field->data;
+ const size_t t = p->limbs;
+ int carry = 0;
+ mp_limb_t *alimb = a->data;
+ mp_limb_t *rlimb = r->data;
+ if (alimb[0] & 1) carry = mpn_add_n(rlimb, alimb, p->primelimbs, t);
+ else fp_set(r, a);
+
+ mpn_rshift(rlimb, rlimb, t, 1);
+ if (carry) rlimb[t - 1] |= ((mp_limb_t) 1) << (sizeof(mp_limb_t) * 8 - 1);
+}
+
+static void fp_sub(element_ptr r, element_ptr a, element_ptr b) {
+ fp_field_data_ptr p = r->field->data;
+ size_t t = p->limbs;
+ if (mpn_sub_n(r->data, a->data, b->data, t)) {
+ mpn_add_n(r->data, r->data, p->primelimbs, t);
+ }
+}
+
+static void fp_mul(element_ptr c, element_ptr a, element_ptr b) {
+ fp_field_data_ptr p = c->field->data;
+ size_t t = p->limbs;
+ //mp_limb_t tmp[3 * t + 1];
+ //mp_limb_t *qp = &tmp[2 * t];
+ mp_limb_t tmp[2 * t];
+ mp_limb_t qp[t + 1];
+ //static mp_limb_t tmp[2 * 100];
+ //static mp_limb_t qp[100 + 1];
+
+ mpn_mul_n(tmp, a->data, b->data, t);
+
+ mpn_tdiv_qr(qp, c->data, 0, tmp, 2 * t, p->primelimbs, t);
+}
+
+static void fp_square(element_ptr c, element_ptr a) {
+ const fp_field_data_ptr r = c->field->data;
+ mpz_t z1, z2;
+ size_t diff;
+
+ z1->_mp_d = c->data;
+ z1->_mp_size = z1->_mp_alloc = r->limbs;
+ if (c == a) {
+ mpz_powm_ui(z1, z1, 2, c->field->order);
+ } else {
+ z2->_mp_d = a->data;
+ z2->_mp_size = z2->_mp_alloc = r->limbs;
+ mpz_powm_ui(z1, z2, 2, c->field->order);
+ }
+
+ diff = r->limbs - z1->_mp_size;
+ if (diff) memset(&z1->_mp_d[z1->_mp_size], 0, diff * sizeof(mp_limb_t));
+
+ //mpn_sqr_n() might make the code below faster than the code above
+ //but GMP doesn't expose this function
+ /*
+ const fp_field_data_ptr r = c->field->data;
+ const size_t t = r->limbs;
+ mp_limb_t tmp[2 * t];
+ mp_limb_t qp[t + 1];
+
+ mpn_mul_n(tmp, a->data, a->data, t);
+
+ mpn_tdiv_qr(qp, c->data, 0, tmp, 2 * t, r->primelimbs, t);
+ */
+}
+
+static void fp_neg(element_ptr n, element_ptr a) {
+ if (fp_is0(a)) {
+ fp_set0(n);
+ } else {
+ fp_field_data_ptr p = a->field->data;
+ mpn_sub_n(n->data, p->primelimbs, a->data, p->limbs);
+ }
+}
+
+static void fp_mul_si(element_ptr e, element_ptr a, signed long int op) {
+ fp_field_data_ptr p = e->field->data;
+ size_t t = p->limbs;
+ mp_limb_t tmp[t + 1];
+ mp_limb_t qp[2];
+
+ tmp[t] = mpn_mul_1(tmp, a->data, t, labs(op));
+ mpn_tdiv_qr(qp, e->data, 0, tmp, t + 1, p->primelimbs, t);
+ if (op < 0) {
+ fp_neg(e, e);
+ }
+}
+
+static void fp_pow_mpz(element_ptr c, element_ptr a, mpz_ptr op) {
+ mpz_t z;
+ mpz_init(z);
+ fp_to_mpz(z, a);
+ mpz_powm(z, z, op, c->field->order);
+ from_mpz(c, z);
+ mpz_clear(z);
+}
+
+static void fp_invert(element_ptr e, element_ptr a) {
+ mpz_t z;
+ mpz_init(z);
+ fp_to_mpz(z, a);
+ mpz_invert(z, z, e->field->order);
+ from_mpz(e, z);
+ mpz_clear(z);
+}
+
+static void fp_random(element_ptr a) {
+ mpz_t z;
+ mpz_init(z);
+ pbc_mpz_random(z, a->field->order);
+ from_mpz(a, z);
+ mpz_clear(z);
+}
+
+static void fp_from_hash(element_ptr a, void *data, int len) {
+ mpz_t z;
+
+ mpz_init(z);
+ pbc_mpz_from_hash(z, a->field->order, data, len);
+ fp_set_mpz(a, z);
+ mpz_clear(z);
+}
+
+static int fp_cmp(element_ptr a, element_ptr b) {
+ fp_field_data_ptr p = a->field->data;
+ return mpn_cmp(a->data, b->data, p->limbs);
+ //return memcmp(a->data, b->data, p->limbs);
+}
+
+static int fp_sgn_odd(element_ptr a) {
+ if (fp_is0(a)) return 0;
+ mp_limb_t *lp = a->data;
+ return lp[0] & 1 ? 1 : -1;
+}
+
+static int fp_sgn_even(element_ptr a) {
+ fp_field_data_ptr p = a->field->data;
+ if (fp_is0(a)) return 0;
+ mp_limb_t sum[p->limbs];
+
+ int carry = mpn_add_n(sum, a->data, a->data, p->limbs);
+ if (carry) return 1;
+ return mpn_cmp(sum, p->primelimbs, p->limbs);
+}
+
+static int fp_is_sqr(element_ptr a) {
+ int res;
+ mpz_t z;
+ mpz_init(z);
+ //0 is a square
+ if (fp_is0(a)) return 1;
+ fp_to_mpz(z, a);
+ res = mpz_legendre(z, a->field->order) == 1;
+ mpz_clear(z);
+ return res;
+}
+
+static int fp_to_bytes(unsigned char *data, element_t e) {
+ mpz_t z;
+ int n;
+
+ mpz_init(z);
+ fp_to_mpz(z, e);
+ n = e->field->fixed_length_in_bytes;
+ pbc_mpz_out_raw_n(data, n, z);
+ mpz_clear(z);
+ return n;
+}
+
+static int fp_from_bytes(element_t e, unsigned char *data) {
+ int n;
+ mpz_t z;
+
+ mpz_init(z);
+
+ n = e->field->fixed_length_in_bytes;
+ mpz_import(z, n, 1, 1, 1, 0, data);
+ fp_set_mpz(e, z);
+ mpz_clear(z);
+ return n;
+}
+
+static void fp_field_clear(field_t f) {
+ fp_field_data_ptr p = f->data;
+ pbc_free(p->primelimbs);
+ pbc_free(p);
+}
+
+void field_init_fast_fp(field_ptr f, mpz_t prime) {
+ PBC_ASSERT(!mpz_fits_ulong_p(prime), "modulus too small");
+ fp_field_data_ptr p;
+ field_init(f);
+ f->init = fp_init;
+ f->clear = fp_clear;
+ f->set_si = fp_set_si;
+ f->set_mpz = fp_set_mpz;
+ f->out_str = fp_out_str;
+ f->add = fp_add;
+ f->sub = fp_sub;
+ f->set = fp_set;
+ f->mul = fp_mul;
+ f->mul_si = fp_mul_si;
+ f->square = fp_square;
+ f->doub = fp_double;
+ f->halve = fp_halve;
+ f->pow_mpz = fp_pow_mpz;
+ f->neg = fp_neg;
+ f->cmp = fp_cmp;
+ f->sign = mpz_odd_p(prime) ? fp_sgn_odd : fp_sgn_even;
+ f->invert = fp_invert;
+ f->random = fp_random;
+ f->from_hash = fp_from_hash;
+ f->is1 = fp_is1;
+ f->is0 = fp_is0;
+ f->set0 = fp_set0;
+ f->set1 = fp_set1;
+ f->is_sqr = fp_is_sqr;
+ f->sqrt = element_tonelli;
+ f->field_clear = fp_field_clear;
+ f->to_bytes = fp_to_bytes;
+ f->from_bytes = fp_from_bytes;
+ f->to_mpz = fp_to_mpz;
+
+ p = f->data = pbc_malloc(sizeof(fp_field_data_t));
+ p->limbs = mpz_size(prime);
+ p->bytes = p->limbs * sizeof(mp_limb_t);
+ p->primelimbs = pbc_malloc(p->bytes);
+ mpz_export(p->primelimbs, &p->limbs, -1, sizeof(mp_limb_t), 0, 0, prime);
+
+ mpz_set(f->order, prime);
+ f->fixed_length_in_bytes = (mpz_sizeinbase(prime, 2) + 7) / 8;
+}
diff --git a/moon-abe/pbc-0.5.14/arith/field.c b/moon-abe/pbc-0.5.14/arith/field.c
new file mode 100644
index 00000000..af94e37f
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/arith/field.c
@@ -0,0 +1,889 @@
+#include <ctype.h>
+#include <stdarg.h>
+#include <stdint.h> // for intptr_t
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h> // for memcmp()
+#include <gmp.h>
+#include "pbc_utils.h"
+#include "pbc_field.h"
+#include "pbc_multiz.h"
+#include "pbc_memory.h"
+
+// returns recommended window size. n is exponent.
+static int optimal_pow_window_size(mpz_ptr n) {
+ int exp_bits;
+
+ exp_bits = mpz_sizeinbase(n, 2);
+
+ // try to minimize 2^k + n/(k+1).
+ return exp_bits > 9065 ? 8 :
+ exp_bits > 3529 ? 7 :
+ exp_bits > 1324 ? 6 :
+ exp_bits > 474 ? 5 :
+ exp_bits > 157 ? 4 :
+ exp_bits > 47 ? 3 :
+ 2;
+}
+
+/* builds k-bit lookup window for base a */
+static element_t *build_pow_window(element_ptr a, int k) {
+ int s;
+ int lookup_size;
+ element_t *lookup;
+
+ if (k < 1) return NULL; // no window
+
+ /* build 2^k lookup table. lookup[i] = x^i. */
+ /* TODO: a more careful word-finding algorithm would allow
+ * us to avoid calculating even lookup entries > 2
+ */
+ lookup_size = 1 << k;
+ lookup = pbc_malloc(lookup_size * sizeof(element_t));
+ element_init(lookup[0], a->field);
+ element_set1(lookup[0]);
+ for (s = 1; s < lookup_size; s++) {
+ element_init(lookup[s], a->field);
+ element_mul(lookup[s], lookup[s - 1], a);
+ }
+
+ return lookup;
+}
+
+static void clear_pow_window(int k, element_t * lookup) {
+ int s;
+ int lookup_size = 1 << k;
+
+ for (s = 0; s < lookup_size; s++) {
+ element_clear(lookup[s]);
+ }
+ pbc_free(lookup);
+}
+
+/*
+ * left-to-right exponentiation with k-bit window.
+ * NB. must have k >= 1.
+ */
+static void element_pow_wind(element_ptr x, mpz_ptr n,
+ int k, element_t * a_lookup) {
+ int s;
+ int bit;
+
+ int inword; // boolean: currently reading word?
+ int word = 0; // the word to look up. 0<word<base
+ int wbits = 0; // # of bits so far in word. wbits<=k.
+
+ element_t result;
+
+ // early abort if raising to power 0
+ if (!mpz_sgn(n)) {
+ element_set1(x);
+ return;
+ }
+
+ element_init(result, x->field);
+ element_set1(result);
+
+ for (inword = 0, s = mpz_sizeinbase(n, 2) - 1; s >= 0; s--) {
+ element_square(result, result);
+ bit = mpz_tstbit(n, s);
+
+ if (!inword && !bit)
+ continue; // keep scanning. note continue.
+
+ if (!inword) { // was scanning, just found word
+ inword = 1; // so, start new word
+ word = 1;
+ wbits = 1;
+ } else {
+ word = (word << 1) + bit;
+ wbits++; // continue word
+ }
+
+ if (wbits == k || s == 0) {
+ element_mul(result, result, a_lookup[word]);
+ inword = 0;
+ }
+ }
+
+ element_set(x, result);
+ element_clear(result);
+}
+
+static void generic_pow_mpz(element_ptr x, element_ptr a, mpz_ptr n) {
+ int k;
+ element_t *a_lookup;
+
+ if (mpz_is0(n)) {
+ element_set1(x);
+ return;
+ }
+
+ k = optimal_pow_window_size(n);
+ a_lookup = build_pow_window(a, k);
+ element_pow_wind(x, n, k, a_lookup);
+ clear_pow_window(k, a_lookup);
+}
+
+/* TODO: Allow fields to choose this exponentiation routine so we can compare.
+static void naive_generic_pow_mpz(element_ptr x, element_ptr a, mpz_ptr n) {
+ int s;
+
+ element_t result;
+
+ if (mpz_is0(n)) {
+ element_set1(x);
+ return;
+ }
+
+ element_init(result, x->field);
+ element_set1(result);
+
+ for (s = mpz_sizeinbase(n, 2) - 1; s >= 0; s--) {
+ element_square(result, result);
+ if (mpz_tstbit(n, s)) {
+ element_mul(result, result, a);
+ }
+ }
+ element_set(x, result);
+ element_clear(result);
+}
+*/
+
+void element_pow2_mpz(element_ptr x, element_ptr a1, mpz_ptr n1,
+ element_ptr a2, mpz_ptr n2) {
+ int s, s1, s2;
+ int b1, b2;
+
+ element_t result, a1a2;
+
+ if (mpz_is0(n1) && mpz_is0(n2)) {
+ element_set1(x);
+ return;
+ }
+
+ element_init(result, x->field);
+ element_set1(result);
+
+ element_init(a1a2, x->field);
+ element_mul(a1a2, a1, a2);
+
+ s1 = mpz_sizeinbase(n1, 2) - 1;
+ s2 = mpz_sizeinbase(n2, 2) - 1;
+ for (s = (s1 > s2) ? s1 : s2; s >= 0; s--) {
+ element_mul(result, result, result);
+ b1 = mpz_tstbit(n1, s);
+ b2 = mpz_tstbit(n2, s);
+ if (b1 && b2) {
+ element_mul(result, result, a1a2);
+ } else if (b1) {
+ element_mul(result, result, a1);
+ } else if (b2) {
+ element_mul(result, result, a2);
+ }
+ }
+
+ element_set(x, result);
+ element_clear(result);
+ element_clear(a1a2);
+}
+
+void element_pow3_mpz(element_ptr x, element_ptr a1, mpz_ptr n1,
+ element_ptr a2, mpz_ptr n2,
+ element_ptr a3, mpz_ptr n3) {
+ int s, s1, s2, s3;
+ int b;
+ int i;
+
+ element_t result;
+ element_t lookup[8];
+
+ if (mpz_is0(n1) && mpz_is0(n2) && mpz_is0(n3)) {
+ element_set1(x);
+ return;
+ }
+
+ element_init(result, x->field);
+ element_set1(result);
+
+ for (i = 0; i < 8; i++)
+ element_init(lookup[i], x->field);
+
+ // build lookup table.
+ element_set1(lookup[0]);
+ element_set(lookup[1], a1);
+ element_set(lookup[2], a2);
+ element_set(lookup[4], a3);
+ element_mul(lookup[3], a1, a2);
+ element_mul(lookup[5], a1, a3);
+ element_mul(lookup[6], a2, a3);
+ element_mul(lookup[7], lookup[6], a1);
+
+ // calculate largest exponent bitsize
+ s1 = mpz_sizeinbase(n1, 2) - 1;
+ s2 = mpz_sizeinbase(n2, 2) - 1;
+ s3 = mpz_sizeinbase(n3, 2) - 1;
+ s = (s1 > s2) ? ((s1 > s3) ? s1 : s3)
+ : ((s2 > s3) ? s2 : s3);
+
+ for (; s >= 0; s--) {
+ element_mul(result, result, result);
+ b = (mpz_tstbit(n1, s))
+ + (mpz_tstbit(n2, s) << 1)
+ + (mpz_tstbit(n3, s) << 2);
+ element_mul(result, result, lookup[b]);
+ }
+
+ element_set(x, result);
+ element_clear(result);
+ for (i = 0; i < 8; i++)
+ element_clear(lookup[i]);
+}
+
+struct element_base_table {
+ int k;
+ int bits;
+ int num_lookups;
+ element_t **table;
+};
+
+/* build k-bit base table for n-bit exponentiation w/ base a */
+static void *element_build_base_table(element_ptr a, int bits, int k) {
+ struct element_base_table *base_table;
+ element_t multiplier;
+ int i, j;
+ int lookup_size;
+
+ element_t *lookup;
+
+ // pbc_info("building %d bits %d k", bits, k);
+ lookup_size = 1 << k;
+
+ base_table = pbc_malloc(sizeof(struct element_base_table));
+ base_table->num_lookups = bits / k + 1;
+ base_table->k = k;
+ base_table->bits = bits;
+ base_table->table =
+ pbc_malloc(base_table->num_lookups * sizeof(element_t *));
+
+ element_init(multiplier, a->field);
+ element_set(multiplier, a);
+
+ for (i = 0; i < base_table->num_lookups; i++) {
+ lookup = pbc_malloc(lookup_size * sizeof(element_t));
+ element_init(lookup[0], a->field);
+ element_set1(lookup[0]);
+ for (j = 1; j < lookup_size; j++) {
+ element_init(lookup[j], a->field);
+ element_mul(lookup[j], multiplier, lookup[j - 1]);
+ }
+ element_mul(multiplier, multiplier, lookup[lookup_size - 1]);
+ base_table->table[i] = lookup;
+ }
+
+ element_clear(multiplier);
+ return base_table;
+}
+
+/*
+ * exponentiation using aggressive base lookup table
+ * must have k >= 1.
+ */
+static void element_pow_base_table(element_ptr x, mpz_ptr power,
+ struct element_base_table *base_table) {
+ int word; /* the word to look up. 0<word<base */
+ int row, s; /* row and col in base table */
+ int num_lookups;
+
+ element_t result;
+ mpz_t n;
+ mpz_init_set(n, power);
+
+ // Early abort if raising to power 0.
+ if (!mpz_sgn(n)) {
+ element_set1(x);
+ return;
+ }
+ if (mpz_cmp(n, x->field->order) > 0) {
+ mpz_mod(n, n, x->field->order);
+ }
+
+ element_init(result, x->field);
+ element_set1(result);
+
+ num_lookups = mpz_sizeinbase(n, 2) / base_table->k + 1;
+
+ for (row = 0; row < num_lookups; row++) {
+ word = 0;
+ for (s = 0; s < base_table->k; s++) {
+ word |= mpz_tstbit(n, base_table->k * row + s) << s;
+ }
+ if (word > 0) {
+ element_mul(result, result, base_table->table[row][word]);
+ }
+ }
+
+ element_set(x, result);
+ element_clear(result);
+ mpz_clear(n);
+}
+
+static void default_element_pp_init(element_pp_t p, element_t in) {
+ p->data =
+ element_build_base_table(in, mpz_sizeinbase(in->field->order, 2), 5);
+}
+
+static void default_element_pp_pow(element_t out, mpz_ptr power, element_pp_t p) {
+ element_pow_base_table(out, power, p->data);
+}
+
+static void default_element_pp_clear(element_pp_t p) {
+ struct element_base_table *base_table = p->data;
+ int lookup_size = 1 << base_table->k;
+ element_t *lookup;
+ int i, j;
+
+ element_t **epp = base_table->table;
+
+ for (i = 0; i < base_table->num_lookups; i++) {
+ lookup = epp[i];
+ for (j = 0; j < lookup_size; j++) {
+ element_clear(lookup[j]);
+ }
+ pbc_free(lookup);
+ }
+ pbc_free(epp);
+
+ pbc_free(base_table);
+}
+
+void field_set_nqr(field_ptr f, element_t nqr) {
+ if (!f->nqr) {
+ f->nqr = pbc_malloc(sizeof(element_t));
+ element_init(f->nqr, f);
+ }
+ element_set(f->nqr, nqr);
+}
+
+void field_gen_nqr(field_ptr f) {
+ f->nqr = pbc_malloc(sizeof(element_t));
+ element_init(f->nqr, f);
+ do {
+ element_random(f->nqr);
+ } while (element_is_sqr(f->nqr));
+}
+
+element_ptr field_get_nqr(field_ptr f) {
+ if (!f->nqr) field_gen_nqr(f);
+ return f->nqr;
+}
+
+static void generic_square(element_ptr r, element_ptr a) {
+ element_mul(r, a, a);
+}
+static void generic_mul_mpz(element_ptr r, element_ptr a, mpz_ptr z) {
+ element_t e0;
+ element_init(e0, r->field);
+ element_set_mpz(e0, z);
+ element_mul(r, a, e0);
+ element_clear(e0);
+}
+
+static void generic_mul_si(element_ptr r, element_ptr a, signed long int n) {
+ element_t e0;
+ element_init(e0, r->field);
+ element_set_si(e0, n);
+ element_mul(r, a, e0);
+ element_clear(e0);
+}
+
+static void generic_double(element_ptr r, element_ptr a) {
+ element_add(r, a, a);
+}
+
+static void generic_halve(element_ptr r, element_ptr a) {
+ element_t e0;
+ element_init(e0, r->field);
+ element_set_si(e0, 2);
+ element_invert(e0, e0);
+ element_mul(r, a, e0);
+ element_clear(e0);
+}
+
+static void zero_to_mpz(mpz_t z, element_ptr a) {
+ UNUSED_VAR(a);
+ mpz_set_ui(z, 0);
+}
+
+static void zero_set_mpz(element_ptr a, mpz_t z) {
+ UNUSED_VAR(z);
+ element_set0(a);
+}
+
+static void zero_random(element_ptr a) {
+ element_set0(a);
+}
+
+static void generic_set_si(element_ptr a, long int si) {
+ mpz_t z;
+ mpz_init(z);
+ mpz_set_si(z, si);
+ element_set_mpz(a, z);
+ mpz_clear(z);
+}
+
+static void generic_set_multiz(element_ptr a, multiz m) {
+ mpz_t z;
+ mpz_init(z);
+ multiz_to_mpz(z, m);
+ element_set_mpz(a, z);
+ mpz_clear(z);
+}
+
+static void generic_sub(element_ptr c, element_ptr a, element_ptr b) {
+ if (c != a) {
+ element_neg(c, b);
+ element_add(c, c, a);
+ } else {
+ element_t tmp;
+ element_init(tmp, a->field);
+ element_neg(tmp, b);
+ element_add(c, tmp, a);
+ element_clear(tmp);
+ }
+}
+
+static void generic_div(element_ptr c, element_ptr a, element_ptr b) {
+ if (c != a) {
+ element_invert(c, b);
+ element_mul(c, c, a);
+ } else {
+ element_t tmp;
+ element_init(tmp, a->field);
+ element_invert(tmp, b);
+ element_mul(c, tmp, a);
+ element_clear(tmp);
+ }
+}
+
+static void generic_add_ui(element_ptr c, element_ptr a,
+ unsigned long int b) {
+ element_t e;
+ mpz_t z;
+ element_init(e, c->field);
+ mpz_init(z);
+ mpz_set_ui(z, b);
+ element_set_mpz(e, z);
+ element_add(c, a, e);
+ mpz_clear(z);
+ element_clear(e);
+}
+
+static int generic_cmp(element_ptr a, element_ptr b) {
+ int result;
+ unsigned char *buf1, *buf2;
+ int len;
+ if (a == b) return 0;
+ len = element_length_in_bytes(a);
+ if (len != element_length_in_bytes(b)) return 1;
+ buf1 = pbc_malloc(len);
+ buf2 = pbc_malloc(len);
+ element_to_bytes(buf1, a);
+ element_to_bytes(buf2, b);
+ result = memcmp(buf1, buf2, len);
+ pbc_free(buf1);
+ pbc_free(buf2);
+ return result;
+}
+
+static int generic_is0(element_ptr a) {
+ int result;
+ element_t b;
+ element_init(b, a->field);
+ result = !element_cmp(a, b); // element_cmp returns 0 if 'a' and 'b' are the same, nonzero otherwise. generic_is0 returns true if 'a' is 0.
+ element_clear(b);
+ return result;
+}
+
+static int generic_is1(element_ptr a) {
+ int result;
+ element_t b;
+ element_init(b, a->field);
+ element_set1(b);
+ result = !element_cmp(a, b); // element_cmp returns 0 if 'a' and 'b' are the same, nonzero otherwise. generic_is1 returns true if 'a' is 1.
+ element_clear(b);
+ return result;
+}
+
+static void generic_out_info(FILE * out, field_ptr f) {
+ element_fprintf(out, "unknown field %p, order = %Zd", f, f->order);
+}
+
+static int generic_item_count(element_ptr e) {
+ UNUSED_VAR(e);
+ return 0;
+}
+
+static element_ptr generic_item(element_ptr e, int i) {
+ UNUSED_VAR(e);
+ UNUSED_VAR(i);
+ return NULL;
+}
+
+static element_ptr generic_get_x(element_ptr e) {
+ return element_item(e, 0);
+}
+
+static element_ptr generic_get_y(element_ptr e) {
+ return element_item(e, 1);
+}
+
+static int default_element_snprint(char *s, size_t n, element_t e) {
+ UNUSED_VAR(e);
+ if (n == 1) {
+ s[0] = '0';
+ } else if (n >= 2) {
+ s[0] = '?';
+ s[1] = '\0';
+ }
+ return 1;
+}
+
+static int default_element_set_str(element_t e, const char *s, int base) {
+ UNUSED_VAR(s);
+ UNUSED_VAR(base);
+ element_set0(e);
+ return 0;
+}
+
+static void warn_field_clear(field_ptr f) {
+ pbc_warn("field %p has no clear function", f);
+}
+
+void field_out_info(FILE* out, field_ptr f) {
+ f->out_info(out, f);
+}
+
+void field_init(field_ptr f) {
+ // should be called by each field_init_*
+ f->nqr = NULL;
+ mpz_init(f->order);
+
+ // this should later be set
+ f->field_clear = warn_field_clear;
+
+ // and this to something more helpful
+ f->out_info = generic_out_info;
+
+ // many of these can usually be optimized for particular fields
+ // provided for developer's convenience
+ f->halve = generic_halve;
+ f->doub = generic_double;
+ f->square = generic_square;
+ f->mul_mpz = generic_mul_mpz;
+ f->mul_si = generic_mul_si;
+ f->cmp = generic_cmp;
+ f->sub = generic_sub;
+ f->div = generic_div;
+ f->add_ui = generic_add_ui;
+
+ // default: converts all elements to integer 0
+ // reads all integers as 0
+ // random always outputs 0
+ f->to_mpz = zero_to_mpz;
+ f->set_mpz = zero_set_mpz;
+ f->set_multiz = generic_set_multiz;
+ f->random = zero_random;
+ f->set_si = generic_set_si;
+ f->is1 = generic_is1;
+ f->is0 = generic_is0;
+
+ // By default, an element has no components.
+ f->item_count = generic_item_count;
+ f->item = generic_item;
+ f->get_x = generic_get_x;
+ f->get_y = generic_get_y;
+
+ // these are fast, thanks to Hovav
+ f->pow_mpz = generic_pow_mpz;
+ f->pp_init = default_element_pp_init;
+ f->pp_clear = default_element_pp_clear;
+ f->pp_pow = default_element_pp_pow;
+
+ f->snprint = default_element_snprint;
+ f->set_str = default_element_set_str;
+ f->pairing = NULL;
+}
+
+void field_clear(field_ptr f) {
+ if (f->nqr) {
+ element_clear(f->nqr);
+ pbc_free(f->nqr);
+ }
+ mpz_clear(f->order);
+ f->field_clear(f);
+}
+
+void pbc_mpz_out_raw_n(unsigned char *data, int n, mpz_t z) {
+ size_t count;
+ if (mpz_sgn(z)) {
+ count = (mpz_sizeinbase(z, 2) + 7) / 8;
+ mpz_export(&data[n - count], NULL, 1, 1, 1, 0, z);
+ memset(data, 0, n - count);
+ } else {
+ memset(data, 0, n);
+ }
+}
+
+//for short hashes H, do
+// buf = H || 0 || H || 1 || H || ...
+//before calling mpz_import
+void pbc_mpz_from_hash(mpz_t z, mpz_t limit,
+ unsigned char *data, unsigned int len) {
+ size_t i = 0, n, count = (mpz_sizeinbase(limit, 2) + 7) / 8;
+ unsigned char buf[count];
+ unsigned char counter = 0;
+ int done = 0;
+ for (;;) {
+ if (len >= count - i) {
+ n = count - i;
+ done = 1;
+ } else n = len;
+ memcpy(buf + i, data, n);
+ i += n;
+ if (done) break;
+ buf[i] = counter;
+ counter++;
+ i++;
+ if (i == count) break;
+ }
+ PBC_ASSERT(i == count, "did not read whole buffer");
+ mpz_import(z, count, 1, 1, 1, 0, buf);
+ while (mpz_cmp(z, limit) > 0) {
+ mpz_tdiv_q_2exp(z, z, 1);
+ }
+}
+
+// Square root algorithm for Fp.
+// TODO: What happens if this is run on other kinds of fields?
+void element_tonelli(element_ptr x, element_ptr a) {
+ int s;
+ int i;
+ mpz_t e;
+ mpz_t t, t0;
+ element_t ginv, e0;
+ element_ptr nqr;
+
+ mpz_init(t);
+ mpz_init(e);
+ mpz_init(t0);
+ element_init(ginv, a->field);
+ element_init(e0, a->field);
+ nqr = field_get_nqr(a->field);
+
+ element_invert(ginv, nqr);
+
+ //let q be the order of the field
+ //q - 1 = 2^s t, t odd
+ mpz_sub_ui(t, a->field->order, 1);
+ s = mpz_scan1(t, 0);
+ mpz_tdiv_q_2exp(t, t, s);
+ mpz_set_ui(e, 0);
+ for (i = 2; i <= s; i++) {
+ mpz_sub_ui(t0, a->field->order, 1);
+ mpz_tdiv_q_2exp(t0, t0, i);
+ element_pow_mpz(e0, ginv, e);
+ element_mul(e0, e0, a);
+ element_pow_mpz(e0, e0, t0);
+ if (!element_is1(e0)) mpz_setbit(e, i - 1);
+ }
+ element_pow_mpz(e0, ginv, e);
+ element_mul(e0, e0, a);
+ mpz_add_ui(t, t, 1);
+ mpz_tdiv_q_2exp(t, t, 1);
+ mpz_tdiv_q_2exp(e, e, 1);
+
+ // (suggested by Hovav Shacham) replace next three lines with
+ // element_pow2_mpz(x, e0, t, nqr, e);
+ // once sliding windows are implemented for pow2.
+ element_pow_mpz(e0, e0, t);
+ element_pow_mpz(x, nqr, e);
+ element_mul(x, x, e0);
+
+ mpz_clear(t);
+ mpz_clear(e);
+ mpz_clear(t0);
+ element_clear(ginv);
+ element_clear(e0);
+}
+
+// Like mpz_set_str except returns number of bytes read and allows trailing
+// junk. This simplifies code for parsing elements like "[123, 456]".
+// TODO: Handle 0x, 0X and 0 conventions for hexadecimal and octal.
+int pbc_mpz_set_str(mpz_t z, const char *s, int base) {
+ int b, i = 0;
+ mpz_set_ui(z, 0);
+ if (!base) b = 10;
+ else if (base < 2 || base > 36) return 0;
+ else b = base;
+
+ for (;;) {
+ int j;
+ char c = s[i];
+ if (!c) break;
+ if (isspace(c)) {
+ i++;
+ continue;
+ }
+ if (isdigit(c)) {
+ j = c - '0';
+ } else if (c >= 'A' && c <= 'Z') {
+ j = c - 'A';
+ } else if (c >= 'a' && c <= 'z') {
+ j = c - 'a';
+ } else break;
+
+ if (j >= b) break;
+
+ mpz_mul_ui(z, z, b);
+ mpz_add_ui(z, z, j);
+ i++;
+ }
+ return i;
+}
+
+// Divides `n` with primes up to `limit`. For each factor found,
+// call `fun`. If the callback returns nonzero, then aborts and returns 1.
+// Otherwise returns 0.
+int pbc_trial_divide(int (*fun)(mpz_t factor,
+ unsigned int multiplicity,
+ void *scope_ptr),
+ void *scope_ptr,
+ mpz_t n,
+ mpz_ptr limit) {
+ mpz_t p, m;
+ mpz_t fac;
+ unsigned int mul;
+
+ mpz_init(fac);
+ mpz_init(p);
+ mpz_init(m);
+ mpz_set(m ,n);
+ mpz_set_ui(p, 2);
+
+ while (mpz_cmp_ui(m, 1)) {
+ if (mpz_probab_prime_p(m, 10)) {
+ mpz_set(p, m);
+ }
+ if (limit && mpz_cmp(p, limit) > 0) {
+ mpz_set(p, m);
+ }
+ if (mpz_divisible_p(m, p)) {
+ mul = 0;
+ mpz_set(fac, p);
+ do {
+ mpz_divexact(m, m, p);
+ mul++;
+ } while (mpz_divisible_p(m, p));
+ if (fun(fac, mul, scope_ptr)) {
+ mpz_clear(fac);
+ mpz_clear(m);
+ mpz_clear(p);
+ return 1;
+ }
+ }
+ mpz_nextprime(p, p);
+ }
+
+ mpz_clear(fac);
+ mpz_clear(m);
+ mpz_clear(p);
+ return 0;
+}
+
+// For each digit of 'n', call fun(). If it returns 1, then return 1 and
+// abort. Otherwise return 0.
+int pbc_mpz_trickle(int (*fun)(char), int base, mpz_t n) {
+ // TODO: Support different bases.
+ if (!base) base = 10;
+ if (base < 2 || base > 10) {
+ pbc_warn("only bases 2 to 10 supported");
+ return 1;
+ }
+ mpz_t d, z, q;
+ mpz_init(d);
+ mpz_init(z);
+ mpz_init(q);
+ mpz_set(z, n);
+ int res;
+ int len;
+ mpz_ui_pow_ui(d, base, len = mpz_sizeinbase(z, base));
+ if (mpz_cmp(d, z) > 0) {
+ len--;
+ mpz_divexact_ui(d, d, base);
+ }
+ while (mpz_cmp_ui(z, base) >= 0) {
+ mpz_fdiv_qr(q, z, z, d);
+ res = fun('0' + mpz_get_ui(q));
+ if (res) goto clean;
+ mpz_divexact_ui(d, d, base);
+ len--;
+ }
+ while (len) {
+ res = fun('0');
+ if (res) goto clean;
+ len--;
+ }
+ res = fun('0' + mpz_get_ui(z));
+clean:
+ mpz_clear(q);
+ mpz_clear(z);
+ mpz_clear(d);
+ return res;
+}
+
+void element_multi_double(element_t n[], element_t a[], int m) {
+ element_ptr *temp1 = pbc_malloc(sizeof(*temp1)*m);
+ element_ptr *temp2 = pbc_malloc(sizeof(*temp2)*m);
+ int i;
+
+ for(i=0; i<m; i++) {
+ PBC_ASSERT_MATCH2(n[i], a[i]);
+ temp1[i] = n[i];
+ temp2[i] = a[i];
+ }
+ n[0]->field->multi_doub(temp1, temp2, m);
+ pbc_free(temp1);
+ pbc_free(temp2);
+}
+
+void element_multi_add(element_t n[], element_t a[],element_t b[], int m) {
+ size_t size = sizeof(element_ptr)*m;
+ element_ptr *temp1 = pbc_malloc(size);
+ element_ptr *temp2 = pbc_malloc(size);
+ element_ptr *temp3 = pbc_malloc(size);
+
+ int i;
+ for(i=0; i<m; i++){
+ PBC_ASSERT_MATCH3(n[i], a[i], b[i]);
+ temp1[i] = n[i];
+ temp2[i] = a[i];
+ temp3[i] = b[i];
+ }
+
+ n[0]->field->multi_add(temp1, temp2, temp3, m);
+ pbc_free(temp1);
+ pbc_free(temp2);
+ pbc_free(temp3);
+}
+
+element_ptr element_new(field_ptr f) {
+ element_ptr e = pbc_malloc(sizeof(*e));
+ element_init(e, f);
+ return e;
+}
+
+void element_free(element_ptr e) {
+ element_clear(e);
+ pbc_free(e);
+}
diff --git a/moon-abe/pbc-0.5.14/arith/fieldquadratic.c b/moon-abe/pbc-0.5.14/arith/fieldquadratic.c
new file mode 100644
index 00000000..bfb46027
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/arith/fieldquadratic.c
@@ -0,0 +1,692 @@
+// Quadratic extension fields.
+//
+// The fq_ functions are for general quadratic extensions.
+// The fi_ functions are faster versions of some of these functions specialized
+// for fields extended by sqrt(-1).
+// TODO: Instead of lazily generating a quadratic nonresidue, in this case
+// we can use sqrt(base field nqr) as the nqr of the extension.
+
+#include <ctype.h>
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdint.h> // for intptr_t
+#include <stdlib.h>
+#include <gmp.h>
+#include "pbc_utils.h"
+#include "pbc_field.h"
+#include "pbc_multiz.h"
+#include "pbc_fieldquadratic.h"
+#include "pbc_memory.h"
+
+// Per-element data.
+typedef struct {
+ // Elements have the form x + ya, where a is the square root of a quadratic
+ // nonresidue in the base field.
+ element_t x;
+ element_t y;
+} *eptr;
+
+// Per-field data: we use ''data'' as a field_ptr to the base field.
+
+// Return the quadratic nonresidue used to build this field.
+// Should only be called from routines used exclusively by the generic quadratic
+// extension code.
+static inline element_ptr fq_nqr(field_ptr f) {
+ return field_get_nqr((field_ptr) f->data);
+}
+
+static void fq_init(element_ptr e) {
+ eptr p = e->data = pbc_malloc(sizeof(*p));
+ field_ptr f = e->field->data;
+ element_init(p->x, f);
+ element_init(p->y, f);
+}
+
+static void fq_clear(element_ptr e) {
+ eptr p = e->data;
+ element_clear(p->x);
+ element_clear(p->y);
+ pbc_free(e->data);
+}
+
+static void fq_set_si(element_ptr e, signed long int i) {
+ eptr p = e->data;
+ element_set_si(p->x, i);
+ element_set0(p->y);
+}
+
+static void fq_set_mpz(element_ptr e, mpz_t z) {
+ eptr p = e->data;
+ element_set_mpz(p->x, z);
+ element_set0(p->y);
+}
+
+// Projection: attempts to convert Re(e) to mpz.
+static void fq_to_mpz(mpz_t z, element_ptr e) {
+ eptr p = e->data;
+ element_to_mpz(z, p->x);
+}
+
+static void fq_set0(element_ptr e) {
+ eptr p = e->data;
+ element_set0(p->x);
+ element_set0(p->y);
+}
+
+static void fq_set1(element_ptr e) {
+ eptr p = e->data;
+ element_set1(p->x);
+ element_set0(p->y);
+}
+
+static int fq_is0(element_ptr e) {
+ eptr p = e->data;
+ return element_is0(p->x) && element_is0(p->y);
+}
+
+static int fq_is1(element_ptr e) {
+ eptr p = e->data;
+ return element_is1(p->x) && element_is0(p->y);
+}
+
+static size_t fq_out_str(FILE *stream, int base, element_ptr e) {
+ size_t result = 4, status;
+ eptr p = e->data;
+ if (EOF == fputc('[', stream)) return 0;
+ result = element_out_str(stream, base, p->x);
+ if (!result) return 0;
+ if (EOF == fputs(", ", stream)) return 0;
+ status = element_out_str(stream, base, p->y);
+ if (!status) return 0;
+ if (EOF == fputc(']', stream)) return 0;
+ return result + status;
+}
+
+static int fq_snprint(char *s, size_t n, element_ptr e) {
+ eptr p = e->data;
+ size_t result = 0, left;
+ int status;
+
+ #define clip_sub() { \
+ result += status; \
+ left = result >= n ? 0 : n - result; \
+ }
+
+ status = snprintf(s, n, "[");
+ if (status < 0) return status;
+ clip_sub();
+ status = element_snprint(s + result, left, p->x);
+ if (status < 0) return status;
+ clip_sub();
+ status = snprintf(s + result, left, ", ");
+ if (status < 0) return status;
+ clip_sub();
+ status = element_snprint(s + result, left, p->y);
+ if (status < 0) return status;
+ clip_sub();
+ status = snprintf(s + result, left, "]");
+ if (status < 0) return status;
+ return result + status;
+ #undef clip_sub
+}
+
+static void fq_set_multiz(element_ptr e, multiz m) {
+ eptr p = e->data;
+ if (multiz_is_z(m)) {
+ element_set_multiz(p->x, m);
+ element_set0(p->y);
+ return;
+ }
+ element_set_multiz(p->x, multiz_at(m, 0));
+ if (2 > multiz_count(m)) element_set0(p->y);
+ else element_set_multiz(p->y, multiz_at(m, 1));
+}
+
+static int fq_set_str(element_ptr e, const char *s, int base) {
+ const char *cp = s;
+ element_set0(e);
+ while (*cp && isspace(*cp)) cp++;
+ if (*cp++ != '[') return 0;
+ eptr p = e->data;
+ cp += element_set_str(p->x, cp, base);
+ while (*cp && isspace(*cp)) cp++;
+ if (*cp++ != ',') return 0;
+ cp += element_set_str(p->y, cp, base);
+ if (*cp++ != ']') return 0;
+ return cp - s;
+}
+
+static int fq_sign(element_ptr n) {
+ int res;
+ eptr r = n->data;
+ res = element_sign(r->x);
+ if (!res) return element_sign(r->y);
+ return res;
+}
+
+static void fq_add(element_ptr n, element_ptr a, element_ptr b) {
+ eptr p = a->data;
+ eptr q = b->data;
+ eptr r = n->data;
+ element_add(r->x, p->x, q->x);
+ element_add(r->y, p->y, q->y);
+}
+
+static void fq_double(element_ptr n, element_ptr a) {
+ eptr p = a->data;
+ eptr r = n->data;
+ element_double(r->x, p->x);
+ element_double(r->y, p->y);
+}
+
+static void fq_sub(element_ptr n, element_ptr a, element_ptr b) {
+ eptr p = a->data;
+ eptr q = b->data;
+ eptr r = n->data;
+ element_sub(r->x, p->x, q->x);
+ element_sub(r->y, p->y, q->y);
+}
+
+static void fq_set(element_ptr n, element_ptr a) {
+ eptr p = a->data;
+ eptr r = n->data;
+ element_set(r->x, p->x);
+ element_set(r->y, p->y);
+}
+
+static void fq_mul(element_ptr n, element_ptr a, element_ptr b) {
+ eptr p = a->data;
+ eptr q = b->data;
+ eptr r = n->data;
+
+ element_ptr nqr = fq_nqr(n->field);
+ element_t e0, e1, e2;
+
+ element_init(e0, p->x->field);
+ element_init(e1, e0->field);
+ element_init(e2, e0->field);
+ /* naive:
+ element_mul(e0, p->x, q->x);
+ element_mul(e1, p->y, q->y);
+ element_mul(e1, e1, nqr);
+ element_add(e0, e0, e1);
+ element_mul(e1, p->x, q->y);
+ element_mul(e2, p->y, q->x);
+ element_add(e1, e1, e2);
+ element_set(r->x, e0);
+ element_set(r->y, e1);
+ */
+ // Karatsuba:
+ element_add(e0, p->x, p->y);
+ element_add(e1, q->x, q->y);
+ element_mul(e2, e0, e1);
+ element_mul(e0, p->x, q->x);
+ element_mul(e1, p->y, q->y);
+ element_mul(r->x, e1, nqr);
+ element_add(r->x, r->x, e0);
+ element_sub(e2, e2, e0);
+ element_sub(r->y, e2, e1);
+
+ element_clear(e0);
+ element_clear(e1);
+ element_clear(e2);
+}
+
+static void fq_mul_mpz(element_ptr n, element_ptr a, mpz_ptr z) {
+ eptr p = a->data;
+ eptr r = n->data;
+ element_mul_mpz(r->x, p->x, z);
+ element_mul_mpz(r->y, p->y, z);
+}
+
+static void fq_mul_si(element_ptr n, element_ptr a, signed long int z) {
+ eptr p = a->data;
+ eptr r = n->data;
+ element_mul_si(r->x, p->x, z);
+ element_mul_si(r->y, p->y, z);
+}
+
+static void fq_square(element_ptr n, element_ptr a) {
+ eptr p = a->data;
+ eptr r = n->data;
+ element_ptr nqr = fq_nqr(n->field);
+ element_t e0, e1;
+
+ element_init(e0, p->x->field);
+ element_init(e1, e0->field);
+ element_square(e0, p->x);
+ element_square(e1, p->y);
+ element_mul(e1, e1, nqr);
+ element_add(e0, e0, e1);
+ element_mul(e1, p->x, p->y);
+ //TODO: which is faster?
+ //element_add(e1, e1, e1);
+ element_double(e1, e1);
+ element_set(r->x, e0);
+ element_set(r->y, e1);
+ element_clear(e0);
+ element_clear(e1);
+}
+
+static void fq_neg(element_ptr n, element_ptr a) {
+ eptr p = a->data;
+ eptr r = n->data;
+ element_neg(r->x, p->x);
+ element_neg(r->y, p->y);
+}
+
+static void fq_random(element_ptr e) {
+ eptr p = e->data;
+ element_random(p->x);
+ element_random(p->y);
+}
+
+static int fq_cmp(element_ptr a, element_ptr b) {
+ eptr p = a->data;
+ eptr q = b->data;
+ return element_cmp(p->x, q->x) || element_cmp(p->y, q->y);
+}
+
+static void fq_invert(element_ptr n, element_ptr a) {
+ eptr p = a->data;
+ eptr r = n->data;
+ element_ptr nqr = fq_nqr(n->field);
+ element_t e0, e1;
+
+ element_init(e0, p->x->field);
+ element_init(e1, e0->field);
+ element_square(e0, p->x);
+ element_square(e1, p->y);
+ element_mul(e1, e1, nqr);
+ element_sub(e0, e0, e1);
+ element_invert(e0, e0);
+ element_mul(r->x, p->x, e0);
+ element_neg(e0, e0);
+ element_mul(r->y, p->y, e0);
+
+ element_clear(e0);
+ element_clear(e1);
+}
+
+static void fq_from_hash(element_ptr n, void *data, int len) {
+ eptr r = n->data;
+ int k = len / 2;
+ element_from_hash(r->x, data, k);
+ element_from_hash(r->y, (char *)data + k, len - k);
+}
+
+static int fq_length_in_bytes(element_ptr e) {
+ eptr p = e->data;
+ return element_length_in_bytes(p->x) + element_length_in_bytes(p->y);
+}
+
+static int fq_to_bytes(unsigned char *data, element_t e) {
+ eptr p = e->data;
+ int len;
+ len = element_to_bytes(data, p->x);
+ len += element_to_bytes(data + len, p->y);
+ return len;
+}
+
+static int fq_from_bytes(element_t e, unsigned char *data) {
+ eptr p = e->data;
+ int len;
+ len = element_from_bytes(p->x, data);
+ len += element_from_bytes(p->y, data + len);
+ return len;
+}
+
+static int fq_is_sqr(element_ptr e) {
+ //x + y sqrt(nqr) is a square iff x^2 - nqr y^2 is (in the base field)
+ eptr p = e->data;
+ element_t e0, e1;
+ element_ptr nqr = fq_nqr(e->field);
+ int result;
+ element_init(e0, p->x->field);
+ element_init(e1, e0->field);
+ element_square(e0, p->x);
+ element_square(e1, p->y);
+ element_mul(e1, e1, nqr);
+ element_sub(e0, e0, e1);
+ result = element_is_sqr(e0);
+ element_clear(e0);
+ element_clear(e1);
+ return result;
+}
+
+static void fq_sqrt(element_ptr n, element_ptr e) {
+ eptr p = e->data;
+ eptr r = n->data;
+ element_ptr nqr = fq_nqr(n->field);
+ element_t e0, e1, e2;
+
+ //if (a+b sqrt(nqr))^2 = x+y sqrt(nqr) then
+ //2a^2 = x +- sqrt(x^2 - nqr y^2)
+ //(take the sign which allows a to exist)
+ //and 2ab = y
+ element_init(e0, p->x->field);
+ element_init(e1, e0->field);
+ element_init(e2, e0->field);
+ element_square(e0, p->x);
+ element_square(e1, p->y);
+ element_mul(e1, e1, nqr);
+ element_sub(e0, e0, e1);
+ element_sqrt(e0, e0);
+ //e0 = sqrt(x^2 - nqr y^2)
+ element_add(e1, p->x, e0);
+ element_set_si(e2, 2);
+ element_invert(e2, e2);
+ element_mul(e1, e1, e2);
+ //e1 = (x + sqrt(x^2 - nqr y^2))/2
+ if (!element_is_sqr(e1)) {
+ element_sub(e1, e1, e0);
+ //e1 should be a square
+ }
+ element_sqrt(e0, e1);
+ element_add(e1, e0, e0);
+ element_invert(e1, e1);
+ element_mul(r->y, p->y, e1);
+ element_set(r->x, e0);
+ element_clear(e0);
+ element_clear(e1);
+ element_clear(e2);
+}
+
+static int fq_item_count(element_ptr e) {
+ UNUSED_VAR(e);
+ return 2;
+}
+
+static element_ptr fq_item(element_ptr e, int i) {
+ eptr p = e->data;
+ switch(i) {
+ case 0:
+ return p->x;
+ case 1:
+ return p->y;
+ default:
+ return NULL;
+ }
+}
+
+static void field_clear_fq(field_ptr f) {
+ UNUSED_VAR(f);
+ //f->order gets cleared automatically
+}
+
+static void fq_out_info(FILE *out, field_ptr f) {
+ field_ptr fbase = f->data;
+ element_fprintf(out, "extension x^2 + %B, base field: ", fq_nqr(f));
+ field_out_info(out, fbase);
+}
+
+// Specialized versions of some of the above for the case K[i].
+
+static void fi_mul(element_ptr n, element_ptr a, element_ptr b) {
+ eptr p = a->data;
+ eptr q = b->data;
+ eptr r = n->data;
+ element_t e0, e1, e2;
+
+ element_init(e0, p->x->field);
+ element_init(e1, e0->field);
+ element_init(e2, e0->field);
+ /* Naive method:
+ element_mul(e0, p->x, q->x);
+ element_mul(e1, p->y, q->y);
+ element_sub(e0, e0, e1);
+ element_mul(e1, p->x, q->y);
+ element_mul(e2, p->y, q->x);
+ element_add(e1, e1, e2);
+ element_set(r->x, e0);
+ element_set(r->y, e1);
+ */
+ // Karatsuba multiplicaiton:
+ element_add(e0, p->x, p->y);
+ element_add(e1, q->x, q->y);
+ element_mul(e2, e0, e1);
+ element_mul(e0, p->x, q->x);
+ element_sub(e2, e2, e0);
+ element_mul(e1, p->y, q->y);
+ element_sub(r->x, e0, e1);
+ element_sub(r->y, e2, e1);
+
+ element_clear(e0);
+ element_clear(e1);
+ element_clear(e2);
+}
+
+static void fi_square(element_ptr n, element_ptr a) {
+ eptr p = a->data;
+ eptr r = n->data;
+ element_t e0, e1;
+
+ element_init(e0, p->x->field);
+ element_init(e1, e0->field);
+ // Re(n) = x^2 - y^2 = (x+y)(x-y)
+ element_add(e0, p->x, p->y);
+ element_sub(e1, p->x, p->y);
+ element_mul(e0, e0, e1);
+ // Im(n) = 2xy
+ element_mul(e1, p->x, p->y);
+ element_add(e1, e1, e1);
+ element_set(r->x, e0);
+ element_set(r->y, e1);
+ element_clear(e0);
+ element_clear(e1);
+}
+
+static void fi_invert(element_ptr n, element_ptr a) {
+ eptr p = a->data;
+ eptr r = n->data;
+ element_t e0, e1;
+
+ element_init(e0, p->x->field);
+ element_init(e1, e0->field);
+ element_square(e0, p->x);
+ element_square(e1, p->y);
+ element_add(e0, e0, e1);
+ element_invert(e0, e0);
+ element_mul(r->x, p->x, e0);
+ element_neg(e0, e0);
+ element_mul(r->y, p->y, e0);
+
+ element_clear(e0);
+ element_clear(e1);
+}
+
+static int fi_is_sqr(element_ptr e) {
+ // x + yi is a square <=> x^2 + y^2 is (in the base field).
+
+ // Proof: (=>) if x+yi = (a+bi)^2, then a^2 - b^2 = x, 2ab = y,
+ // thus (a^2 + b^2)^2 = (a^2 - b^2)^2 + (2ab)^2 = x^2 + y^2
+
+ // (<=) Suppose A^2 = x^2 + y^2. If there exist a, b satisfying:
+ // a^2 = (+-A + x)/2, b^2 = (+-A - x)/2
+ // then (a + bi)^2 = x + yi.
+ //
+ // We show that exactly one of (A + x)/2, (-A + x)/2 is a quadratic residue
+ // (thus a, b do exist). Suppose not. Then the product (x^2 - A^2) / 4 is
+ // some quadratic residue, a contradiction since this would imply x^2 - A^2 =
+ // -y^2 is also a quadratic residue, but we know -1 is not a quadratic
+ // residue. QED.
+ eptr p = e->data;
+ element_t e0, e1;
+ int result;
+ element_init(e0, p->x->field);
+ element_init(e1, e0->field);
+ element_square(e0, p->x);
+ element_square(e1, p->y);
+ element_add(e0, e0, e1);
+ result = element_is_sqr(e0);
+ element_clear(e0);
+ element_clear(e1);
+ return result;
+}
+
+static void fi_sqrt(element_ptr n, element_ptr e) {
+ eptr p = e->data;
+ eptr r = n->data;
+ element_t e0, e1, e2;
+
+ // If (a+bi)^2 = x+yi then 2a^2 = x +- sqrt(x^2 + y^2)
+ // where we choose the sign so that a exists, and 2ab = y.
+ // Thus 2b^2 = - (x -+ sqrt(x^2 + y^2)).
+ element_init(e0, p->x->field);
+ element_init(e1, e0->field);
+ element_init(e2, e0->field);
+ element_square(e0, p->x);
+ element_square(e1, p->y);
+ element_add(e0, e0, e1);
+ element_sqrt(e0, e0);
+ // e0 = sqrt(x^2 + y^2)
+ element_add(e1, p->x, e0);
+ element_set_si(e2, 2);
+ element_invert(e2, e2);
+ element_mul(e1, e1, e2);
+ // e1 = (x + sqrt(x^2 + y^2))/2
+ if (!element_is_sqr(e1)) {
+ element_sub(e1, e1, e0);
+ // e1 should be a square.
+ }
+ element_sqrt(e0, e1);
+ element_add(e1, e0, e0);
+ element_invert(e1, e1);
+ element_mul(r->y, p->y, e1);
+ element_set(r->x, e0);
+ element_clear(e0);
+ element_clear(e1);
+ element_clear(e2);
+}
+
+static void fi_out_info(FILE *out, field_ptr f) {
+ field_ptr fbase = f->data;
+ fprintf(out, "extension x^2 + 1, base field: ");
+ field_out_info(out, fbase);
+}
+
+static void field_clear_fi(field_ptr f) {
+ UNUSED_VAR(f);
+}
+
+// All the above should be static.
+
+void element_field_to_quadratic(element_ptr r, element_ptr a) {
+ eptr p = r->data;
+ element_set(p->x, a);
+ element_set0(p->y);
+}
+
+void element_field_to_fi(element_ptr a, element_ptr b) {
+ element_field_to_quadratic(a, b);
+}
+
+static element_ptr fq_get_x(element_ptr a) {
+ return ((eptr) a->data)->x;
+}
+
+static element_ptr fq_get_y(element_ptr a) {
+ return ((eptr) a->data)->y;
+}
+
+void field_init_quadratic(field_ptr f, field_ptr fbase) {
+ field_init(f);
+
+ f->field_clear = field_clear_fq;
+ f->data = fbase;
+
+ f->init = fq_init;
+ f->clear = fq_clear;
+ f->set_si = fq_set_si;
+ f->set_mpz = fq_set_mpz;
+ f->to_mpz = fq_to_mpz;
+ f->out_str = fq_out_str;
+ f->snprint = fq_snprint;
+ f->set_multiz = fq_set_multiz;
+ f->set_str = fq_set_str;
+ f->sign = fq_sign;
+ f->add = fq_add;
+ f->sub = fq_sub;
+ f->set = fq_set;
+ f->mul = fq_mul;
+ f->mul_mpz = fq_mul_mpz;
+ f->mul_si = fq_mul_si;
+ f->square = fq_square;
+ f->doub = fq_double;
+ f->neg = fq_neg;
+ f->cmp = fq_cmp;
+ f->invert = fq_invert;
+ f->random = fq_random;
+ f->from_hash = fq_from_hash;
+ f->is1 = fq_is1;
+ f->is0 = fq_is0;
+ f->set0 = fq_set0;
+ f->set1 = fq_set1;
+ f->is_sqr = fq_is_sqr;
+ f->sqrt = fq_sqrt;
+ f->to_bytes = fq_to_bytes;
+ f->from_bytes = fq_from_bytes;
+ f->out_info = fq_out_info;
+ f->item_count = fq_item_count;
+ f->item = fq_item;
+ f->get_x = fq_get_x;
+ f->get_y = fq_get_y;
+
+ mpz_mul(f->order, fbase->order, fbase->order);
+ if (fbase->fixed_length_in_bytes < 0) {
+ f->length_in_bytes = fq_length_in_bytes;
+ f->fixed_length_in_bytes = -1;
+ } else {
+ f->fixed_length_in_bytes = 2 * fbase->fixed_length_in_bytes;
+ }
+}
+
+void field_init_fi(field_ptr f, field_ptr fbase) {
+ field_init(f);
+ f->field_clear = field_clear_fi;
+ f->data = fbase;
+ f->init = fq_init;
+ f->clear = fq_clear;
+ f->set_si = fq_set_si;
+ f->set_mpz = fq_set_mpz;
+ f->to_mpz = fq_to_mpz;
+ f->out_str = fq_out_str;
+ f->snprint = fq_snprint;
+ f->set_multiz = fq_set_multiz;
+ f->set_str = fq_set_str;
+ f->sign = fq_sign;
+ f->add = fq_add;
+ f->sub = fq_sub;
+ f->set = fq_set;
+ f->mul = fi_mul;
+ f->mul_mpz = fq_mul_mpz;
+ f->mul_si = fq_mul_si;
+ f->square = fi_square;
+ f->doub = fq_double;
+ f->neg = fq_neg;
+ f->cmp = fq_cmp;
+ f->invert = fi_invert;
+ f->random = fq_random;
+ f->from_hash = fq_from_hash;
+ f->is1 = fq_is1;
+ f->is0 = fq_is0;
+ f->set0 = fq_set0;
+ f->set1 = fq_set1;
+ f->is_sqr = fi_is_sqr;
+ f->sqrt = fi_sqrt;
+ f->to_bytes = fq_to_bytes;
+ f->from_bytes = fq_from_bytes;
+ f->out_info = fi_out_info;
+ f->item_count = fq_item_count;
+ f->item = fq_item;
+ f->get_x = fq_get_x;
+ f->get_y = fq_get_y;
+
+ mpz_mul(f->order, fbase->order, fbase->order);
+ if (fbase->fixed_length_in_bytes < 0) {
+ f->length_in_bytes = fq_length_in_bytes;
+ f->fixed_length_in_bytes = -1;
+ } else {
+ f->fixed_length_in_bytes = 2 * fbase->fixed_length_in_bytes;
+ }
+}
diff --git a/moon-abe/pbc-0.5.14/arith/fp.c b/moon-abe/pbc-0.5.14/arith/fp.c
new file mode 100644
index 00000000..e0127a8e
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/arith/fp.c
@@ -0,0 +1,49 @@
+// F_p initialization.
+//
+// Specific implementations of F_p are found in naivefp.c, fastfp.c, fasterfp.c
+// and montfp.c. For pairing-based cryptosystems, montfp.c is the fastest.
+// I keep all versions around for testing, and also to show off the modularity
+// of the code.
+
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdint.h> // for intptr_t
+#include <gmp.h>
+#include <string.h>
+#include "pbc_utils.h"
+#include "pbc_field.h"
+#include "pbc_fp.h"
+
+// By default, use the montfp.c implementation of F_p. After
+// pbc_tweak_use_fp(), future field_init_fp calls will use the specified
+// implementation. This is useful for benchmarking and testing.
+static void (*option_fpinit) (field_ptr f, mpz_t prime) = field_init_mont_fp;
+
+void pbc_tweak_use_fp(char *s) {
+ if (!strcmp(s, "naive")) {
+ option_fpinit = field_init_naive_fp;
+ } else if (!strcmp(s, "fast")) {
+ option_fpinit = field_init_fast_fp;
+ } else if (!strcmp(s, "faster")) {
+ option_fpinit = field_init_faster_fp;
+ } else if (!strcmp(s, "mont")) {
+ option_fpinit = field_init_mont_fp;
+ } else {
+ pbc_error("no such Fp implementation: %s", s);
+ }
+}
+
+void field_init_fp(field_ptr f, mpz_t modulus) {
+ if (mpz_fits_ulong_p(modulus)) {
+ // If this case mattered, I'd have written a F_p implementation specialized
+ // for moduli that fits into machine words.
+ field_init_naive_fp(f, modulus);
+ } else {
+ if (mpz_odd_p(modulus)) {
+ option_fpinit(f, modulus);
+ } else {
+ // montfp.c only supports odd moduli.
+ field_init_faster_fp(f, modulus);
+ }
+ }
+}
diff --git a/moon-abe/pbc-0.5.14/arith/init_random.c b/moon-abe/pbc-0.5.14/arith/init_random.c
new file mode 100644
index 00000000..bd040a38
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/arith/init_random.c
@@ -0,0 +1,18 @@
+#include <stdio.h>
+#include <stdint.h> // for intptr_t
+#include <stdlib.h>
+#include <gmp.h>
+#include "pbc_utils.h"
+#include "pbc_random.h"
+
+void pbc_init_random(void) {
+ FILE *fp;
+ fp = fopen("/dev/urandom", "rb");
+ if (!fp) {
+ pbc_warn("could not open /dev/urandom, using deterministic random number generator");
+ pbc_random_set_deterministic(0);
+ } else {
+ pbc_random_set_file("/dev/urandom");
+ fclose(fp);
+ }
+}
diff --git a/moon-abe/pbc-0.5.14/arith/init_random.win32.c b/moon-abe/pbc-0.5.14/arith/init_random.win32.c
new file mode 100644
index 00000000..ec7f8732
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/arith/init_random.win32.c
@@ -0,0 +1,52 @@
+// Win32 Compatibility Code added by Yulian Kalev and Stefan Georg Weber.
+#include <stdio.h>
+#include <stdint.h> // for intptr_t
+#include <stdlib.h>
+#include <windows.h>
+#include <wincrypt.h>
+#include <gmp.h>
+#include "pbc_random.h"
+#include "pbc_utils.h"
+#include "pbc_memory.h"
+
+static void win32_mpz_random(mpz_t r, mpz_t limit, void *data) {
+ UNUSED_VAR (data);
+ HCRYPTPROV phProv;
+ unsigned int error;
+ if (!CryptAcquireContext(&phProv,NULL,NULL,PROV_RSA_FULL,0)) {
+ error = GetLastError();
+ if (error == 0x80090016) { //need to create a new keyset
+ if (!CryptAcquireContext(&phProv,NULL,NULL,PROV_RSA_FULL,CRYPT_NEWKEYSET)) {
+ pbc_error("Couldn't create CryptContext: %x", (int)GetLastError());
+ return;
+ }
+ } else {
+ pbc_error("Couldn't create CryptContext: %x", error);
+ return;
+ }
+ }
+ int n, bytecount, leftover;
+ unsigned char *bytes;
+ mpz_t z;
+ mpz_init(z);
+ n = mpz_sizeinbase(limit, 2);
+ bytecount = (n + 7) / 8;
+ leftover = n % 8;
+ bytes = (unsigned char *) pbc_malloc(bytecount);
+ for (;;) {
+ CryptGenRandom(phProv,bytecount,(byte *)bytes);
+ if (leftover) {
+ *bytes = *bytes % (1 << leftover);
+ }
+ mpz_import(z, bytecount, 1, 1, 0, 0, bytes);
+ if (mpz_cmp(z, limit) < 0) break;
+ }
+ CryptReleaseContext(phProv,0);
+ mpz_set(r, z);
+ mpz_clear(z);
+ pbc_free(bytes);
+}
+
+void pbc_init_random(void) {
+ pbc_random_set_function(win32_mpz_random, NULL);
+}
diff --git a/moon-abe/pbc-0.5.14/arith/montfp.c b/moon-abe/pbc-0.5.14/arith/montfp.c
new file mode 100644
index 00000000..c79bb72b
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/arith/montfp.c
@@ -0,0 +1,596 @@
+// F_p using Montgomery representation.
+//
+// Let b = 256^sizeof(mp_limb_t).
+// Let R = b^t be the smallest power of b greater than the modulus p.
+// Then x is stored as xR (mod p).
+// Addition: same as naive implementation.
+// Multipication: Montgomery reduction.
+// Code assumes the modulus p is odd.
+//
+// TODO: mul_2exp(x, p->bytes * 8) could be replaced with
+// faster code that messes with GMP internals
+
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdint.h> // for intptr_t
+#include <stdlib.h>
+#include <string.h>
+#include <gmp.h>
+#include "pbc_utils.h"
+#include "pbc_field.h"
+#include "pbc_random.h"
+#include "pbc_fp.h"
+#include "pbc_memory.h"
+
+// Per-field data.
+typedef struct {
+ size_t limbs; // Number of limbs per element.
+ size_t bytes; // Number of bytes per element.
+ mp_limb_t *primelimbs; // Points to an array of limbs holding the modulus.
+ mp_limb_t negpinv; // -p^-1 mod b
+ mp_limb_t *R; // R mod p
+ mp_limb_t *R3; // R^3 mod p
+} *fptr;
+
+// Per-element data.
+typedef struct {
+ char flag; // flag == 0 means the element is zero.
+ mp_limb_t *d; // Otherwise d points to an array holding the element.
+} *eptr;
+
+// Copies limbs of z into dst and zeroes any leading limbs, where n is the
+// total number of limbs.
+// Requires z to have at most n limbs.
+static inline void set_limbs(mp_limb_t *dst, mpz_t z, size_t n) {
+ size_t count;
+ mpz_export(dst, &count, -1, sizeof(mp_limb_t), 0, 0, z);
+ memset((void *) (((unsigned char *) dst) + count * sizeof(mp_limb_t)),
+ 0, (n - count) * sizeof(mp_limb_t));
+}
+
+static void fp_init(element_ptr e) {
+ fptr p = e->field->data;
+ eptr ep = e->data = pbc_malloc(sizeof(*ep));
+ ep->flag = 0;
+ ep->d = pbc_malloc(p->bytes);
+}
+
+static void fp_clear(element_ptr e) {
+ eptr ep = e->data;
+ pbc_free(ep->d);
+ pbc_free(e->data);
+}
+
+static void fp_set_mpz(element_ptr e, mpz_ptr z) {
+ fptr p = e->field->data;
+ eptr ep = e->data;
+ if (!mpz_sgn(z)) ep->flag = 0;
+ else {
+ mpz_t tmp;
+ mpz_init(tmp);
+ mpz_mul_2exp(tmp, z, p->bytes * 8);
+ mpz_mod(tmp, tmp, e->field->order);
+ if (!mpz_sgn(tmp)) ep->flag = 0;
+ else {
+ set_limbs(ep->d, tmp, p->limbs);
+ ep->flag = 2;
+ }
+ mpz_clear(tmp);
+ }
+}
+
+static void fp_set_si(element_ptr e, signed long int op) {
+ fptr p = e->field->data;
+ eptr ep = e->data;
+ if (!op) ep->flag = 0;
+ else {
+ mpz_t tmp;
+ mpz_init(tmp);
+ // TODO: Could be optimized.
+ mpz_set_si(tmp, op);
+ mpz_mul_2exp(tmp, tmp, p->bytes * 8);
+ mpz_mod(tmp, tmp, e->field->order);
+ if (!mpz_sgn(tmp)) ep->flag = 0;
+ else {
+ set_limbs(ep->d, tmp, p->limbs);
+ ep->flag = 2;
+ }
+ mpz_clear(tmp);
+ }
+}
+
+// Montgomery reduction.
+// Algorithm II.4 from Blake, Seroussi and Smart.
+static void mont_reduce(mp_limb_t *x, mp_limb_t *y, fptr p) {
+ size_t t = p->limbs;
+ size_t i;
+ mp_limb_t flag = 0;
+ for (i = 0; i < t; i++) {
+ mp_limb_t u = y[i] * p->negpinv;
+ mp_limb_t carry = mpn_addmul_1(&y[i], p->primelimbs, t, u);
+ //mpn_add_1(&y[i+t], &y[i+t], t - i + 1, carry);
+ flag += mpn_add_1(&y[i + t], &y[i + t], t - i, carry);
+ }
+ if (flag || mpn_cmp(&y[t], p->primelimbs, t) >= 0) {
+ mpn_sub_n(x, &y[t], p->primelimbs, t);
+ } else {
+ // TODO: GMP set might be faster.
+ memcpy(x, &y[t], t * sizeof(mp_limb_t));
+ }
+}
+
+static void fp_to_mpz(mpz_ptr z, element_ptr e) {
+ eptr ep = e->data;
+ if (!ep->flag) mpz_set_ui(z, 0);
+ else {
+ // x is stored as xR.
+ // We must divide out R to convert to standard representation.
+ fptr p = e->field->data;
+ mp_limb_t tmp[2 * p->limbs];
+
+ memcpy(tmp, ep->d, p->limbs * sizeof(mp_limb_t));
+ memset(&tmp[p->limbs], 0, p->limbs * sizeof(mp_limb_t));
+ _mpz_realloc(z, p->limbs);
+ mont_reduce(z->_mp_d, tmp, p);
+ // Remove leading zero limbs.
+ for (z->_mp_size = p->limbs; !z->_mp_d[z->_mp_size - 1]; z->_mp_size--);
+ }
+}
+
+static void fp_set0(element_ptr e) {
+ eptr ep = e->data;
+ ep->flag = 0;
+}
+
+static void fp_set1(element_ptr e) {
+ fptr p = e->field->data;
+ eptr ep = e->data;
+ ep->flag = 2;
+ memcpy(ep->d, p->R, p->bytes);
+}
+
+static int fp_is1(element_ptr e) {
+ eptr ep = e->data;
+ if (!ep->flag) return 0;
+ else {
+ fptr p = e->field->data;
+ return !mpn_cmp(ep->d, p->R, p->limbs);
+ }
+}
+
+static int fp_is0(element_ptr e) {
+ eptr ep = e->data;
+ return !ep->flag;
+}
+
+static size_t fp_out_str(FILE * stream, int base, element_ptr e) {
+ size_t result;
+ mpz_t z;
+ mpz_init(z);
+ fp_to_mpz(z, e);
+ result = mpz_out_str(stream, base, z);
+ mpz_clear(z);
+ return result;
+}
+
+static int fp_snprint(char *s, size_t n, element_ptr e) {
+ int result;
+ mpz_t z;
+ mpz_init(z);
+ fp_to_mpz(z, e);
+ result = gmp_snprintf(s, n, "%Zd", z);
+ mpz_clear(z);
+ return result;
+}
+
+static int fp_set_str(element_ptr e, const char *s, int base) {
+ mpz_t z;
+ mpz_init(z);
+ int result = pbc_mpz_set_str(z, s, base);
+ mpz_mod(z, z, e->field->order);
+ fp_set_mpz(e, z);
+ mpz_clear(z);
+ return result;
+}
+
+static void fp_set(element_ptr c, element_ptr a) {
+ eptr ad = a->data;
+ eptr cd = c->data;
+ if (a == c) return;
+ if (!ad->flag) cd->flag = 0;
+ else {
+ fptr p = a->field->data;
+
+ // Assembly is faster, but I don't want to stoop to that level.
+ // Instead of memcpy(), we rewrite so GMP assembly ends up being invoked.
+ /*
+ memcpy(cd->d, ad->d, p->bytes);
+ */
+ mpz_t z1, z2;
+ z1->_mp_d = cd->d;
+ z2->_mp_d = ad->d;
+ z1->_mp_size = z1->_mp_alloc = z2->_mp_size = z2->_mp_alloc = p->limbs;
+ mpz_set(z1, z2);
+
+ cd->flag = 2;
+ }
+}
+
+static void fp_add(element_ptr c, element_ptr a, element_ptr b) {
+ eptr ad = a->data, bd = b->data;
+
+ if (!ad->flag) {
+ fp_set(c, b);
+ } else if (!bd->flag) {
+ fp_set(c, a);
+ } else {
+ eptr cd = c->data;
+ fptr p = a->field->data;
+ const size_t t = p->limbs;
+ mp_limb_t carry;
+ carry = mpn_add_n(cd->d, ad->d, bd->d, t);
+
+ if (carry) {
+ // Assumes result of following sub is not zero,
+ // i.e. modulus cannot be 2^(n * bits_per_limb).
+ mpn_sub_n(cd->d, cd->d, p->primelimbs, t);
+ cd->flag = 2;
+ } else {
+ int i = mpn_cmp(cd->d, p->primelimbs, t);
+ if (!i) {
+ cd->flag = 0;
+ } else {
+ cd->flag = 2;
+ if (i > 0) {
+ mpn_sub_n(cd->d, cd->d, p->primelimbs, t);
+ }
+ }
+ }
+ }
+}
+
+static void fp_double(element_ptr c, element_ptr a) {
+ eptr ad = a->data, cd = c->data;
+ if (!ad->flag) {
+ cd->flag = 0;
+ } else {
+ fptr p = c->field->data;
+ const size_t t = p->limbs;
+ if (mpn_lshift(cd->d, ad->d, t, 1)) {
+ cd->flag = 2;
+ // Again, assumes result is not zero.
+ mpn_sub_n(cd->d, cd->d, p->primelimbs, t);
+ } else {
+ int i = mpn_cmp(cd->d, p->primelimbs, t);
+ if (!i) {
+ cd->flag = 0;
+ } else {
+ cd->flag = 2;
+ if (i > 0) {
+ mpn_sub_n(cd->d, cd->d, p->primelimbs, t);
+ }
+ }
+ }
+ }
+}
+
+static void fp_halve(element_ptr c, element_ptr a) {
+ eptr ad = a->data, cd = c->data;
+ if (!ad->flag) {
+ cd->flag = 0;
+ } else {
+ fptr p = c->field->data;
+ const size_t t = p->limbs;
+ int carry = 0;
+ mp_limb_t *alimb = ad->d;
+ mp_limb_t *climb = cd->d;
+ if (alimb[0] & 1) {
+ carry = mpn_add_n(climb, alimb, p->primelimbs, t);
+ } else fp_set(c, a);
+
+ mpn_rshift(climb, climb, t, 1);
+ if (carry) climb[t - 1] |= ((mp_limb_t) 1) << (sizeof(mp_limb_t) * 8 - 1);
+ }
+}
+
+static void fp_neg(element_ptr c, element_ptr a) {
+ eptr ad = a->data, cd = c->data;
+ if (!ad->flag) cd->flag = 0;
+ else {
+ fptr p = a->field->data;
+ mpn_sub_n(cd->d, p->primelimbs, ad->d, p->limbs);
+ cd->flag = 2;
+ }
+}
+
+static void fp_sub(element_ptr c, element_ptr a, element_ptr b) {
+ eptr ad = a->data, bd = b->data;
+
+ if (!ad->flag) {
+ fp_neg(c, b);
+ } else if (!bd->flag) {
+ fp_set(c, a);
+ } else {
+ fptr p = c->field->data;
+ size_t t = p->limbs;
+ eptr cd = c->data;
+ int i = mpn_cmp(ad->d, bd->d, t);
+
+ if (i == 0) {
+ cd->flag = 0;
+ } else {
+ cd->flag = 2;
+ mpn_sub_n(cd->d, ad->d, bd->d, t);
+ if (i < 0) {
+ mpn_add_n(cd->d, cd->d, p->primelimbs, t);
+ }
+ }
+ }
+}
+
+// Montgomery multiplication.
+// See Blake, Seroussi and Smart.
+static inline void mont_mul(mp_limb_t *c, mp_limb_t *a, mp_limb_t *b,
+ fptr p) {
+ // Instead of right shifting every iteration
+ // I allocate more room for the z array.
+ size_t i, t = p->limbs;
+ mp_limb_t z[2 * t + 1];
+ mp_limb_t u = (a[0] * b[0]) * p->negpinv;
+ mp_limb_t v = z[t] = mpn_mul_1(z, b, t, a[0]);
+ z[t] += mpn_addmul_1(z, p->primelimbs, t, u);
+ z[t + 1] = z[t] < v; // Handle overflow.
+ for (i = 1; i < t; i++) {
+ u = (z[i] + a[i] * b[0]) * p->negpinv;
+ v = z[t + i] += mpn_addmul_1(z + i, b, t, a[i]);
+ z[t + i] += mpn_addmul_1(z + i, p->primelimbs, t, u);
+ z[t + i + 1] = z[t + i] < v;
+ }
+ if (z[t * 2] || mpn_cmp(z + t, p->primelimbs, t) >= 0) {
+ mpn_sub_n(c, z + t, p->primelimbs, t);
+ } else {
+ memcpy(c, z + t, t * sizeof(mp_limb_t));
+ // Doesn't seem to make a difference:
+ /*
+ mpz_t z1, z2;
+ z1->_mp_d = c;
+ z2->_mp_d = z + t;
+ z1->_mp_size = z1->_mp_alloc = z2->_mp_size = z2->_mp_alloc = t;
+ mpz_set(z1, z2);
+ */
+ }
+}
+
+static void fp_mul(element_ptr c, element_ptr a, element_ptr b) {
+ eptr ad = a->data, bd = b->data;
+ eptr cd = c->data;
+
+ if (!ad->flag || !bd->flag) {
+ cd->flag = 0;
+ } else {
+ fptr p = c->field->data;
+ mont_mul(cd->d, ad->d, bd->d, p);
+ cd->flag = 2;
+ }
+}
+
+static void fp_pow_mpz(element_ptr c, element_ptr a, mpz_ptr op) {
+ // Alternative: rewrite GMP mpz_powm().
+ fptr p = a->field->data;
+ eptr ad = a->data;
+ eptr cd = c->data;
+ if (!ad->flag) cd->flag = 0;
+ else {
+ mpz_t z;
+ mpz_init(z);
+ fp_to_mpz(z, a);
+ mpz_powm(z, z, op, a->field->order);
+ mpz_mul_2exp(z, z, p->bytes * 8);
+ mpz_mod(z, z, a->field->order);
+ set_limbs(cd->d, z, p->limbs);
+ mpz_clear(z);
+ cd->flag = 2;
+ }
+}
+
+// Inversion is slower than in a naive Fp implementation because of an extra
+// multiplication.
+// Requires nonzero a.
+static void fp_invert(element_ptr c, element_ptr a) {
+ eptr ad = a->data;
+ eptr cd = c->data;
+ fptr p = a->field->data;
+ mp_limb_t tmp[p->limbs];
+ mpz_t z;
+
+ mpz_init(z);
+
+ // Copy the limbs into a regular mpz_t so we can invert using the standard
+ // mpz_invert().
+ mpz_import(z, p->limbs, -1, sizeof(mp_limb_t), 0, 0, ad->d);
+ mpz_invert(z, z, a->field->order);
+ set_limbs(tmp, z, p->limbs);
+
+ // Normalize.
+ mont_mul(cd->d, tmp, p->R3, p);
+ cd->flag = 2;
+ mpz_clear(z);
+}
+
+static void fp_random(element_ptr a) {
+ fptr p = a->field->data;
+ eptr ad = a->data;
+ mpz_t z;
+ mpz_init(z);
+ pbc_mpz_random(z, a->field->order);
+ if (mpz_sgn(z)) {
+ mpz_mul_2exp(z, z, p->bytes * 8);
+ mpz_mod(z, z, a->field->order);
+ set_limbs(ad->d, z, p->limbs);
+ ad->flag = 2;
+ } else {
+ ad->flag = 0;
+ }
+ mpz_clear(z);
+}
+
+static void fp_from_hash(element_ptr a, void *data, int len) {
+ mpz_t z;
+
+ mpz_init(z);
+ pbc_mpz_from_hash(z, a->field->order, data, len);
+ fp_set_mpz(a, z);
+ mpz_clear(z);
+}
+
+static int fp_cmp(element_ptr a, element_ptr b) {
+ eptr ad = a->data, bd = b->data;
+ if (!ad->flag) return bd->flag;
+ else {
+ fptr p = a->field->data;
+ return mpn_cmp(ad->d, bd->d, p->limbs);
+ //return memcmp(ad->d, bd->d, p->limbs);
+ }
+}
+
+static int fp_sgn_odd(element_ptr a) {
+ eptr ad = a->data;
+ if (!ad->flag) return 0;
+ else {
+ mpz_t z;
+ mpz_init(z);
+ int res;
+ fp_to_mpz(z, a);
+ res = mpz_odd_p(z) ? 1 : -1;
+ mpz_clear(z);
+ return res;
+ }
+}
+
+static int fp_is_sqr(element_ptr a) {
+ eptr ad = a->data;
+ int res;
+ mpz_t z;
+ mpz_init(z);
+ // 0 is a square.
+ if (!ad->flag) return 1;
+ fp_to_mpz(z, a);
+ res = mpz_legendre(z, a->field->order) == 1;
+ mpz_clear(z);
+ return res;
+}
+
+static int fp_to_bytes(unsigned char *data, element_t a) {
+ mpz_t z;
+ int n = a->field->fixed_length_in_bytes;
+
+ mpz_init(z);
+ fp_to_mpz(z, a);
+ pbc_mpz_out_raw_n(data, n, z);
+ mpz_clear(z);
+ return n;
+}
+
+static int fp_from_bytes(element_t a, unsigned char *data) {
+ fptr p = a->field->data;
+ eptr ad = a->data;
+ int n;
+ mpz_t z;
+
+ mpz_init(z);
+
+ n = a->field->fixed_length_in_bytes;
+ mpz_import(z, n, 1, 1, 1, 0, data);
+ if (!mpz_sgn(z)) ad->flag = 0;
+ else {
+ ad->flag = 2;
+ mpz_mul_2exp(z, z, p->bytes * 8);
+ mpz_mod(z, z, a->field->order);
+ set_limbs(ad->d, z, p->limbs);
+ }
+ mpz_clear(z);
+ return n;
+}
+
+static void fp_field_clear(field_t f) {
+ fptr p = f->data;
+ pbc_free(p->primelimbs);
+ pbc_free(p->R);
+ pbc_free(p->R3);
+ pbc_free(p);
+}
+
+// The only public functions. All the above should be static.
+
+static void fp_out_info(FILE * out, field_ptr f) {
+ element_fprintf(out, "GF(%Zd): Montgomery representation", f->order);
+}
+
+void field_init_mont_fp(field_ptr f, mpz_t prime) {
+ PBC_ASSERT(!mpz_fits_ulong_p(prime), "modulus too small");
+ fptr p;
+ field_init(f);
+ f->init = fp_init;
+ f->clear = fp_clear;
+ f->set_si = fp_set_si;
+ f->set_mpz = fp_set_mpz;
+ f->out_str = fp_out_str;
+ f->snprint = fp_snprint;
+ f->set_str = fp_set_str;
+ f->add = fp_add;
+ f->sub = fp_sub;
+ f->set = fp_set;
+ f->mul = fp_mul;
+ f->doub = fp_double;
+ f->halve = fp_halve;
+ f->pow_mpz = fp_pow_mpz;
+ f->neg = fp_neg;
+ f->sign = fp_sgn_odd;
+ f->cmp = fp_cmp;
+ f->invert = fp_invert;
+ f->random = fp_random;
+ f->from_hash = fp_from_hash;
+ f->is1 = fp_is1;
+ f->is0 = fp_is0;
+ f->set0 = fp_set0;
+ f->set1 = fp_set1;
+ f->is_sqr = fp_is_sqr;
+ f->sqrt = element_tonelli;
+ f->field_clear = fp_field_clear;
+ f->to_bytes = fp_to_bytes;
+ f->from_bytes = fp_from_bytes;
+ f->to_mpz = fp_to_mpz;
+ f->out_info = fp_out_info;
+
+ // Initialize per-field data specific to this implementation.
+ p = f->data = pbc_malloc(sizeof(*p));
+ p->limbs = mpz_size(prime);
+ p->bytes = p->limbs * sizeof(mp_limb_t);
+ p->primelimbs = pbc_malloc(p->bytes);
+ mpz_export(p->primelimbs, &p->limbs, -1, sizeof(mp_limb_t), 0, 0, prime);
+
+ mpz_set(f->order, prime);
+ f->fixed_length_in_bytes = (mpz_sizeinbase(prime, 2) + 7) / 8;
+
+ // Compute R, R3 and negpinv.
+ mpz_t z;
+ mpz_init(z);
+
+ p->R = pbc_malloc(p->bytes);
+ p->R3 = pbc_malloc(p->bytes);
+ mpz_setbit(z, p->bytes * 8);
+ mpz_mod(z, z, prime);
+ set_limbs(p->R, z, p->limbs);
+
+ mpz_powm_ui(z, z, 3, prime);
+ set_limbs(p->R3, z, p->limbs);
+
+ mpz_set_ui(z, 0);
+
+ // Algorithm II.5 in Blake, Seroussi and Smart is better but this suffices
+ // since we're only doing it once.
+ mpz_setbit(z, p->bytes * 8);
+ mpz_invert(z, prime, z);
+ p->negpinv = -mpz_get_ui(z);
+ mpz_clear(z);
+}
diff --git a/moon-abe/pbc-0.5.14/arith/multiz.c b/moon-abe/pbc-0.5.14/arith/multiz.c
new file mode 100644
index 00000000..6c8b43cc
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/arith/multiz.c
@@ -0,0 +1,589 @@
+// Multinomials over Z.
+// e.g. [[1, 2], 3, [4, [5, 6]]] means
+// (1 + 2y) + 3 x + (4 + (5 + 6z)y)x^2
+// Convenient interchange format for different groups, rings, and fields.
+
+// TODO: Canonicalize, e.g. [[1]], 0, 0] --> 1.
+
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdint.h> // for intptr_t
+#include <stdlib.h>
+#include <gmp.h>
+#include "pbc_utils.h"
+#include "pbc_field.h"
+#include "pbc_multiz.h"
+#include "pbc_random.h"
+#include "pbc_fp.h"
+#include "pbc_memory.h"
+#include "misc/darray.h"
+
+// Per-element data.
+struct multiz_s {
+ // Either it's an mpz, or a list of mpzs.
+ char type;
+ union {
+ mpz_t z;
+ darray_t a;
+ };
+};
+
+enum {
+ T_MPZ,
+ T_ARR,
+};
+
+static multiz multiz_new_empty_list(void) {
+ multiz ep = pbc_malloc(sizeof(*ep));
+ ep->type = T_ARR;
+ darray_init(ep->a);
+ return ep;
+}
+
+void multiz_append(element_ptr x, element_ptr e) {
+ multiz l = x->data;
+ darray_append(l->a, e->data);
+}
+
+static multiz multiz_new(void) {
+ multiz ep = pbc_malloc(sizeof(*ep));
+ ep->type = T_MPZ;
+ mpz_init(ep->z);
+ return ep;
+}
+
+static void f_init(element_ptr e) {
+ e->data = multiz_new();
+}
+
+static void multiz_free(multiz ep) {
+ switch(ep->type) {
+ case T_MPZ:
+ mpz_clear(ep->z);
+ break;
+ default:
+ PBC_ASSERT(T_ARR == ep->type, "no such type");
+ darray_forall(ep->a, (void(*)(void*))multiz_free);
+ darray_clear(ep->a);
+ break;
+ }
+ pbc_free(ep);
+}
+
+static void f_clear(element_ptr e) {
+ multiz_free(e->data);
+}
+
+element_ptr multiz_new_list(element_ptr e) {
+ element_ptr x = pbc_malloc(sizeof(*x));
+ element_init_same_as(x, e);
+ multiz_free(x->data);
+ x->data = multiz_new_empty_list();
+ multiz_append(x, e);
+ return x;
+}
+
+static void f_set_si(element_ptr e, signed long int op) {
+ multiz_free(e->data);
+ f_init(e);
+ multiz ep = e->data;
+ mpz_set_si(ep->z, op);
+}
+
+static void f_set_mpz(element_ptr e, mpz_ptr z) {
+ multiz_free(e->data);
+ f_init(e);
+ multiz ep = e->data;
+ mpz_set(ep->z, z);
+}
+
+static void f_set0(element_ptr e) {
+ multiz_free(e->data);
+ f_init(e);
+}
+
+static void f_set1(element_ptr e) {
+ multiz_free(e->data);
+ f_init(e);
+ multiz ep = e->data;
+ mpz_set_ui(ep->z, 1);
+}
+
+static size_t multiz_out_str(FILE *stream, int base, multiz ep) {
+ switch(ep->type) {
+ case T_MPZ:
+ return mpz_out_str(stream, base, ep->z);
+ default:
+ PBC_ASSERT(T_ARR == ep->type, "no such type");
+ fputc('[', stream);
+ size_t res = 1;
+ int n = darray_count(ep->a);
+ int i;
+ for(i = 0; i < n; i++) {
+ if (i) res += 2, fputs(", ", stream);
+ res += multiz_out_str(stream, base, darray_at(ep->a, i));
+ }
+ fputc(']', stream);
+ res++;
+ return res;
+ }
+}
+
+static size_t f_out_str(FILE *stream, int base, element_ptr e) {
+ return multiz_out_str(stream, base, e->data);
+}
+
+void multiz_to_mpz(mpz_ptr z, multiz ep) {
+ while(ep->type == T_ARR) ep = darray_at(ep->a, 0);
+ PBC_ASSERT(T_MPZ == ep->type, "no such type");
+ mpz_set(z, ep->z);
+}
+
+static void f_to_mpz(mpz_ptr z, element_ptr a) {
+ multiz_to_mpz(z, a->data);
+}
+
+static int multiz_sgn(multiz ep) {
+ while(ep->type == T_ARR) ep = darray_at(ep->a, 0);
+ PBC_ASSERT(T_MPZ == ep->type, "no such type");
+ return mpz_sgn(ep->z);
+}
+
+static int f_sgn(element_ptr a) {
+ return multiz_sgn(a->data);
+}
+
+static void add_to_x(void *data,
+ multiz x,
+ void (*fun)(mpz_t, const mpz_t, void *scope_ptr),
+ void *scope_ptr);
+
+static multiz multiz_new_unary(const multiz y,
+ void (*fun)(mpz_t, const mpz_t, void *scope_ptr), void *scope_ptr) {
+ multiz x = pbc_malloc(sizeof(*x));
+ switch(y->type) {
+ case T_MPZ:
+ x->type = T_MPZ;
+ mpz_init(x->z);
+ fun(x->z, y->z, scope_ptr);
+ break;
+ default:
+ PBC_ASSERT(T_ARR == ep->type, "no such type");
+ x->type = T_ARR;
+ darray_init(x->a);
+ darray_forall4(y->a,
+ (void(*)(void*,void*,void*,void*))add_to_x,
+ x,
+ fun,
+ scope_ptr);
+ break;
+ }
+ return x;
+}
+
+static void add_to_x(void *data,
+ multiz x,
+ void (*fun)(mpz_t, const mpz_t, void *scope_ptr),
+ void *scope_ptr) {
+ darray_append(x->a, multiz_new_unary(data, fun, scope_ptr));
+}
+
+static void mpzset(mpz_t dst, const mpz_t src, void *scope_ptr) {
+ UNUSED_VAR(scope_ptr);
+ mpz_set(dst, src);
+}
+
+static multiz multiz_clone(multiz y) {
+ return multiz_new_unary(y, (void(*)(mpz_t, const mpz_t, void *))mpzset, NULL);
+}
+
+static multiz multiz_new_bin(const multiz a, const multiz b,
+ void (*fun)(mpz_t, const mpz_t, const mpz_t)) {
+ if (T_MPZ == a->type) {
+ if (T_MPZ == b->type) {
+ multiz x = multiz_new();
+ fun(x->z, a->z, b->z);
+ return x;
+ } else {
+ multiz x = multiz_clone(b);
+ multiz z = x;
+ PBC_ASSERT(T_ARR == z->type, "no such type");
+ while(z->type == T_ARR) z = darray_at(z->a, 0);
+ fun(z->z, a->z, z->z);
+ return x;
+ }
+ } else {
+ PBC_ASSERT(T_ARR == a->type, "no such type");
+ if (T_MPZ == b->type) {
+ multiz x = multiz_clone(a);
+ multiz z = x;
+ PBC_ASSERT(T_ARR == z->type, "no such type");
+ while(z->type == T_ARR) z = darray_at(z->a, 0);
+ fun(z->z, b->z, z->z);
+ return x;
+ } else {
+ PBC_ASSERT(T_ARR == b->type, "no such type");
+ int m = darray_count(a->a);
+ int n = darray_count(b->a);
+ int min = m < n ? m : n;
+ int max = m > n ? m : n;
+ multiz x = multiz_new_empty_list();
+ int i;
+ for(i = 0; i < min; i++) {
+ multiz z = multiz_new_bin(darray_at(a->a, i), darray_at(b->a, i), fun);
+ darray_append(x->a, z);
+ }
+ multiz zero = multiz_new();
+ for(; i < max; i++) {
+ multiz z = multiz_new_bin(m > n ? darray_at(a->a, i) : zero,
+ n > m ? darray_at(b->a, i) : zero,
+ fun);
+ darray_append(x->a, z);
+ }
+ multiz_free(zero);
+ return x;
+ }
+ }
+}
+static multiz multiz_new_add(const multiz a, const multiz b) {
+ return multiz_new_bin(a, b, mpz_add);
+}
+
+static void f_add(element_ptr n, element_ptr a, element_ptr b) {
+ multiz delme = n->data;
+ n->data = multiz_new_add(a->data, b->data);
+ multiz_free(delme);
+}
+
+static multiz multiz_new_sub(const multiz a, const multiz b) {
+ return multiz_new_bin(a, b, mpz_sub);
+}
+static void f_sub(element_ptr n, element_ptr a, element_ptr b) {
+ multiz delme = n->data;
+ n->data = multiz_new_sub(a->data, b->data);
+ multiz_free(delme);
+}
+
+static void mpzmul(mpz_t x, const mpz_t y, const mpz_t z) {
+ mpz_mul(x, y, z);
+}
+
+static multiz multiz_new_mul(const multiz a, const multiz b) {
+ if (T_MPZ == a->type) {
+ // Multiply each coefficient of b by a->z.
+ return multiz_new_unary(b, (void(*)(mpz_t, const mpz_t, void *))mpzmul, a->z);
+ } else {
+ PBC_ASSERT(T_ARR == a->type, "no such type");
+ if (T_MPZ == b->type) {
+ // Multiply each coefficient of a by b->z.
+ return multiz_new_unary(a, (void(*)(mpz_t, const mpz_t, void *))mpzmul, b->z);
+ } else {
+ PBC_ASSERT(T_ARR == b->type, "no such type");
+ int m = darray_count(a->a);
+ int n = darray_count(b->a);
+ int max = m + n - 1;
+ multiz x = multiz_new_empty_list();
+ int i;
+ multiz zero = multiz_new();
+ for(i = 0; i < max; i++) {
+ multiz z = multiz_new();
+ int j;
+ for (j = 0; j <= i; j++) {
+ multiz y = multiz_new_mul(j < m ? darray_at(a->a, j) : zero,
+ i - j < n ? darray_at(b->a, i - j) : zero);
+ multiz t = multiz_new_add(z, y);
+ multiz_free(y);
+ multiz_free(z);
+ z = t;
+ }
+ darray_append(x->a, z);
+ }
+ multiz_free(zero);
+ return x;
+ }
+ }
+}
+static void f_mul(element_ptr n, element_ptr a, element_ptr b) {
+ multiz delme = n->data;
+ n->data = multiz_new_mul(a->data, b->data);
+ multiz_free(delme);
+}
+
+static void f_mul_mpz(element_ptr n, element_ptr a, mpz_ptr z) {
+ multiz delme = n->data;
+ n->data = multiz_new_unary(a->data, (void(*)(mpz_t, const mpz_t, void *))mpzmul, z);
+ multiz_free(delme);
+}
+
+static void mulsi(mpz_t x, const mpz_t y, signed long *i) {
+ mpz_mul_si(x, y, *i);
+}
+
+static void f_mul_si(element_ptr n, element_ptr a, signed long int z) {
+ multiz delme = n->data;
+ n->data = multiz_new_unary(a->data, (void(*)(mpz_t, const mpz_t, void *))mulsi, &z);
+ multiz_free(delme);
+}
+
+static void mpzneg(mpz_t dst, const mpz_t src, void *scope_ptr) {
+ UNUSED_VAR(scope_ptr);
+ mpz_neg(dst, src);
+}
+
+static multiz multiz_new_neg(multiz z) {
+ return multiz_new_unary(z, (void(*)(mpz_t, const mpz_t, void *))mpzneg, NULL);
+}
+
+static void f_set(element_ptr n, element_ptr a) {
+ multiz delme = n->data;
+ n->data = multiz_clone(a->data);
+ multiz_free(delme);
+}
+
+static void f_neg(element_ptr n, element_ptr a) {
+ multiz delme = n->data;
+ n->data = multiz_new_neg(a->data);
+ multiz_free(delme);
+}
+
+static void f_div(element_ptr c, element_ptr a, element_ptr b) {
+ mpz_t d;
+ mpz_init(d);
+ element_to_mpz(d, b);
+ multiz delme = c->data;
+ c->data = multiz_new_unary(a->data, (void(*)(mpz_t, const mpz_t, void *))mpz_tdiv_q, d);
+ mpz_clear(d);
+ multiz_free(delme);
+}
+
+// Doesn't make sense if order is infinite.
+static void f_random(element_ptr n) {
+ multiz delme = n->data;
+ f_init(n);
+ multiz_free(delme);
+}
+
+static void f_from_hash(element_ptr n, void *data, int len) {
+ mpz_t z;
+ mpz_init(z);
+ mpz_import(z, len, -1, 1, -1, 0, data);
+ f_set_mpz(n, z);
+ mpz_clear(z);
+}
+
+static int f_is1(element_ptr n) {
+ multiz ep = n->data;
+ return ep->type == T_MPZ && !mpz_cmp_ui(ep->z, 1);
+}
+
+int multiz_is0(multiz m) {
+ return m->type == T_MPZ && mpz_is0(m->z);
+}
+
+static int f_is0(element_ptr n) {
+ return multiz_is0(n->data);
+}
+
+static int f_item_count(element_ptr e) {
+ multiz z = e->data;
+ if (T_MPZ == z->type) return 0;
+ return darray_count(z->a);
+}
+
+// TODO: Redesign multiz so this doesn't leak.
+static element_ptr f_item(element_ptr e, int i) {
+ multiz z = e->data;
+ if (T_MPZ == z->type) return NULL;
+ element_ptr r = malloc(sizeof(*r));
+ r->field = e->field;
+ r->data = darray_at(z->a, i);
+ return r;
+}
+
+// Usual meaning when both are integers.
+// Otherwise, compare coefficients.
+static int multiz_cmp(multiz a, multiz b) {
+ if (T_MPZ == a->type) {
+ if (T_MPZ == b->type) {
+ // Simplest case: both are integers.
+ return mpz_cmp(a->z, b->z);
+ }
+ // Leading coefficient of b.
+ while(T_ARR == b->type) b = darray_last(b->a);
+ PBC_ASSERT(T_MPZ == b->type, "no such type");
+ return -mpz_sgn(b->z);
+ }
+ PBC_ASSERT(T_ARR == a->type, "no such type");
+ if (T_MPZ == b->type) {
+ // Leading coefficient of a.
+ while(T_ARR == a->type) a = darray_last(a->a);
+ PBC_ASSERT(T_MPZ == a->type, "no such type");
+ return mpz_sgn(a->z);
+ }
+ PBC_ASSERT(T_ARR == b->type, "no such type");
+ int m = darray_count(a->a);
+ int n = darray_count(b->a);
+ if (m > n) {
+ // Leading coefficient of a.
+ while(T_ARR == a->type) a = darray_last(a->a);
+ PBC_ASSERT(T_MPZ == a->type, "no such type");
+ return mpz_sgn(a->z);
+ }
+ if (n > m) {
+ // Leading coefficient of b.
+ while(T_ARR == b->type) b = darray_last(b->a);
+ PBC_ASSERT(T_MPZ == b->type, "no such type");
+ return -mpz_sgn(b->z);
+ }
+ for(n--; n >= 0; n--) {
+ int i = multiz_cmp(darray_at(a->a, n), darray_at(b->a, n));
+ if (i) return i;
+ }
+ return 0;
+}
+static int f_cmp(element_ptr x, element_ptr y) {
+ return multiz_cmp(x->data, y->data);
+}
+
+static void f_field_clear(field_t f) { UNUSED_VAR (f); }
+
+// OpenSSL convention:
+// 4 bytes containing length
+// followed by number in big-endian, most-significant bit set if negative
+// (prepending null byte if necessary)
+// Positive numbers also the same as mpz_out_raw.
+static int z_to_bytes(unsigned char *data, element_t e) {
+ mpz_ptr z = e->data;
+ size_t msb = mpz_sizeinbase(z, 2);
+ size_t n = 4;
+ size_t i;
+
+ if (!(msb % 8)) {
+ data[4] = 0;
+ n++;
+ }
+ if (mpz_sgn(z) < 0) {
+ mpz_export(data + n, NULL, 1, 1, 1, 0, z);
+ data[4] |= 128;
+ } else {
+ mpz_export(data + n, NULL, 1, 1, 1, 0, z);
+ }
+ n += (msb + 7) / 8 - 4;
+ for (i=0; i<4; i++) {
+ data[i] = (n >> 8 * (3 - i));
+ }
+ n += 4;
+
+ return n;
+}
+
+static int z_from_bytes(element_t e, unsigned char *data) {
+ unsigned char *ptr;
+ size_t i, n;
+ mpz_ptr z = e->data;
+ mpz_t z1;
+ int neg = 0;
+
+ mpz_init(z1);
+ mpz_set_ui(z, 0);
+
+ ptr = data;
+ n = 0;
+ for (i=0; i<4; i++) {
+ n += ((unsigned int) *ptr) << 8 * (3 - i);
+ ptr++;
+ }
+ if (data[4] & 128) {
+ neg = 1;
+ data[4] &= 127;
+ }
+ for (i=0; i<n; i++) {
+ mpz_set_ui(z1, *ptr);
+ mpz_mul_2exp(z1, z1, 8 * (n - 1 - i));
+ ptr++;
+ mpz_add(z, z, z1);
+ }
+ mpz_clear(z1);
+ if (neg) mpz_neg(z, z);
+ return n;
+}
+
+static int z_length_in_bytes(element_ptr a) {
+ return (mpz_sizeinbase(a->data, 2) + 7) / 8 + 4;
+}
+
+static void f_out_info(FILE *out, field_ptr f) {
+ UNUSED_VAR(f);
+ fprintf(out, "Z multinomials");
+}
+
+static int f_set_str(element_ptr e, const char *s, int base) {
+ // TODO: Square brackets.
+ mpz_t z;
+ mpz_init(z);
+ int result = pbc_mpz_set_str(z, s, base);
+ f_set_mpz(e, z);
+ mpz_clear(z);
+ return result;
+}
+
+static void f_set_multiz(element_ptr e, multiz m) {
+ multiz delme = e->data;
+ e->data = multiz_clone(m);
+ multiz_free(delme);
+}
+
+void field_init_multiz(field_ptr f) {
+ field_init(f);
+ f->init = f_init;
+ f->clear = f_clear;
+ f->set_si = f_set_si;
+ f->set_mpz = f_set_mpz;
+ f->set_multiz = f_set_multiz;
+ f->set_str = f_set_str;
+ f->out_str = f_out_str;
+ f->sign = f_sgn;
+ f->add = f_add;
+ f->sub = f_sub;
+ f->set = f_set;
+ f->mul = f_mul;
+ f->mul_mpz = f_mul_mpz;
+ f->mul_si = f_mul_si;
+ f->neg = f_neg;
+ f->cmp = f_cmp;
+ f->div = f_div;
+ f->random = f_random;
+ f->from_hash = f_from_hash;
+ f->is1 = f_is1;
+ f->is0 = f_is0;
+ f->set0 = f_set0;
+ f->set1 = f_set1;
+ f->field_clear = f_field_clear;
+ f->to_bytes = z_to_bytes;
+ f->from_bytes = z_from_bytes;
+ f->to_mpz = f_to_mpz;
+ f->length_in_bytes = z_length_in_bytes;
+ f->item = f_item;
+ f->item_count = f_item_count;
+
+ f->out_info = f_out_info;
+
+ mpz_set_ui(f->order, 0);
+ f->data = NULL;
+ f->fixed_length_in_bytes = -1;
+}
+
+int multiz_is_z(multiz m) {
+ return T_MPZ == m->type;
+}
+
+int multiz_count(multiz m) {
+ if (T_ARR != m->type) return -1;
+ return darray_count(m->a);
+}
+
+multiz multiz_at(multiz m, int i) {
+ PBC_ASSERT(T_ARR == m->type, "wrong type");
+ PBC_ASSERT(darray_count(m->a) > i, "out of bounds");
+ return darray_at(m->a, i);
+}
diff --git a/moon-abe/pbc-0.5.14/arith/naivefp.c b/moon-abe/pbc-0.5.14/arith/naivefp.c
new file mode 100644
index 00000000..ceb1b7fb
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/arith/naivefp.c
@@ -0,0 +1,270 @@
+// Naive implementation of F_p.
+// Little more than wrappers around GMP mpz functions.
+
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdint.h> // for intptr_t
+#include <stdlib.h>
+#include <string.h>
+#include <gmp.h>
+#include "pbc_utils.h"
+#include "pbc_field.h"
+#include "pbc_random.h"
+#include "pbc_fp.h"
+#include "pbc_memory.h"
+
+static void zp_init(element_ptr e) {
+ e->data = pbc_malloc(sizeof(mpz_t));
+ mpz_init(e->data);
+}
+
+static void zp_clear(element_ptr e) {
+ mpz_clear(e->data);
+ pbc_free(e->data);
+}
+
+static void zp_set_si(element_ptr e, signed long int op) {
+ mpz_set_si(e->data, op);
+ mpz_mod(e->data, e->data, e->field->order);
+}
+
+static void zp_set_mpz(element_ptr e, mpz_ptr z) {
+ mpz_set(e->data, z);
+ mpz_mod(e->data, e->data, e->field->order);
+}
+
+static void zp_set0(element_ptr e) {
+ mpz_set_si(e->data, 0);
+}
+
+static void zp_set1(element_ptr e) {
+ mpz_set_si(e->data, 1);
+}
+
+static size_t zp_out_str(FILE * stream, int base, element_ptr e) {
+ return mpz_out_str(stream, base, e->data);
+}
+
+static int zp_snprint(char *s, size_t n, element_ptr e) {
+ return gmp_snprintf(s, n, "%Zd", e->data);
+}
+
+static int zp_set_str(element_ptr e, const char *s, int base) {
+ int result = pbc_mpz_set_str(e->data, s, base);
+ mpz_mod(e->data, e->data, e->field->order);
+ return result;
+}
+
+static int zp_sgn_odd(element_ptr a) {
+ mpz_ptr z = a->data;
+
+ return mpz_is0(z) ? 0 : (mpz_odd_p(z) ? 1 : -1);
+}
+
+static int zp_sgn_even(element_ptr a) {
+ mpz_t z;
+ mpz_init(z);
+ int res;
+
+ if (mpz_is0(a->data)) {
+ res = 0;
+ } else {
+ mpz_add(z, a->data, a->data);
+ res = mpz_cmp(z, a->field->order);
+ }
+ mpz_clear(z);
+ return res;
+}
+
+static void zp_add(element_ptr n, element_ptr a, element_ptr b) {
+ /*
+ mpz_add(n->data, a->data, b->data);
+ mpz_mod(n->data, n->data, n->field->order);
+ */
+ //This seems faster:
+ mpz_add(n->data, a->data, b->data);
+ if (mpz_cmp(n->data, n->field->order) >= 0) {
+ mpz_sub(n->data, n->data, n->field->order);
+ }
+}
+
+static void zp_sub(element_ptr n, element_ptr a, element_ptr b) {
+ //mpz_sub(n->data, a->data, b->data);
+ //mpz_mod(n->data, n->data, n->field->order);
+ mpz_sub(n->data, a->data, b->data);
+ if (mpz_sgn((mpz_ptr) n->data) < 0) {
+ mpz_add(n->data, n->data, n->field->order);
+ }
+}
+
+static void zp_square(element_ptr c, element_ptr a) {
+ /*
+ mpz_mul(c->data, a->data, a->data);
+ mpz_mod(c->data, c->data, c->field->order);
+ */
+ mpz_powm_ui(c->data, a->data, 2, c->field->order);
+
+ /*
+ const mpz_ptr prime = c->field->order;
+ const size_t t = prime->_mp_size;
+ const mpz_ptr p = a->data;
+ const mpz_ptr r = c->data;
+ mp_limb_t tmp[2 * t];
+ mp_limb_t qp[t + 1];
+
+ mpn_mul_n(tmp, p->_mp_d, p->_mp_d, t);
+
+ mpn_tdiv_qr(qp, r->_mp_d, 0, tmp, 2 * t, prime->_mp_d, t);
+ */
+}
+
+static void zp_double(element_ptr n, element_ptr a) {
+ //mpz_add(n->data, a->data, a->data);
+ mpz_mul_2exp(n->data, a->data, 1);
+ if (mpz_cmp(n->data, n->field->order) >= 0) {
+ mpz_sub(n->data, n->data, n->field->order);
+ }
+}
+
+static void zp_halve(element_ptr n, element_ptr a) {
+ mpz_ptr z = a->data;
+ if (mpz_odd_p(z)) {
+ mpz_add(n->data, z, a->field->order);
+ mpz_tdiv_q_2exp(n->data, n->data, 1);
+ } else {
+ mpz_tdiv_q_2exp(n->data, a->data, 1);
+ }
+}
+
+static void zp_mul(element_ptr n, element_ptr a, element_ptr b) {
+ mpz_mul(n->data, a->data, b->data);
+ mpz_mod(n->data, n->data, n->field->order);
+}
+
+static void zp_mul_mpz(element_ptr n, element_ptr a, mpz_ptr z) {
+ mpz_mul(n->data, a->data, z);
+ mpz_mod(n->data, n->data, n->field->order);
+}
+
+static void zp_mul_si(element_ptr n, element_ptr a, signed long int z) {
+ mpz_mul_si(n->data, a->data, z);
+ mpz_mod(n->data, n->data, n->field->order);
+}
+
+static void zp_pow_mpz(element_ptr n, element_ptr a, mpz_ptr z) {
+ mpz_powm(n->data, a->data, z, n->field->order);
+}
+
+static void zp_set(element_ptr n, element_ptr a) {
+ mpz_set(n->data, a->data);
+}
+
+static void zp_neg(element_ptr n, element_ptr a) {
+ if (mpz_is0(a->data)) {
+ mpz_set_ui(n->data, 0);
+ } else {
+ mpz_sub(n->data, n->field->order, a->data);
+ }
+}
+
+static void zp_invert(element_ptr n, element_ptr a) {
+ mpz_invert(n->data, a->data, n->field->order);
+}
+
+static void zp_random(element_ptr n) {
+ pbc_mpz_random(n->data, n->field->order);
+}
+
+static void zp_from_hash(element_ptr n, void *data, int len) {
+ pbc_mpz_from_hash(n->data, n->field->order, data, len);
+}
+
+static int zp_is1(element_ptr n) {
+ return !mpz_cmp_ui((mpz_ptr) n->data, 1);
+}
+
+static int zp_is0(element_ptr n) {
+ return mpz_is0(n->data);
+}
+
+static int zp_cmp(element_ptr a, element_ptr b) {
+ return mpz_cmp((mpz_ptr) a->data, (mpz_ptr) b->data);
+}
+
+static int zp_is_sqr(element_ptr a) {
+ //0 is a square
+ if (mpz_is0(a->data)) return 1;
+ return mpz_legendre(a->data, a->field->order) == 1;
+}
+
+static void zp_field_clear(field_t f) {
+ UNUSED_VAR(f);
+}
+
+static int zp_to_bytes(unsigned char *data, element_t e) {
+ int n;
+
+ n = e->field->fixed_length_in_bytes;
+
+ pbc_mpz_out_raw_n(data, n, e->data);
+ return n;
+}
+
+static int zp_from_bytes(element_t e, unsigned char *data) {
+ mpz_ptr z = e->data;
+ int n;
+ n = e->field->fixed_length_in_bytes;
+ mpz_import(z, n, 1, 1, 1, 0, data);
+ return n;
+}
+
+static void zp_to_mpz(mpz_ptr z, element_ptr a) {
+ mpz_set(z, a->data);
+}
+
+static void zp_out_info(FILE * out, field_ptr f) {
+ element_fprintf(out, "GF(%Zd), GMP wrapped", f->order);
+}
+
+void field_init_naive_fp(field_ptr f, mpz_t prime) {
+ field_init(f);
+ f->init = zp_init;
+ f->clear = zp_clear;
+ f->set_si = zp_set_si;
+ f->set_mpz = zp_set_mpz;
+ f->out_str = zp_out_str;
+ f->snprint = zp_snprint;
+ f->set_str = zp_set_str;
+ f->sign = mpz_odd_p(prime) ? zp_sgn_odd : zp_sgn_even;
+ f->add = zp_add;
+ f->sub = zp_sub;
+ f->set = zp_set;
+ f->square = zp_square;
+ f->doub = zp_double;
+ f->halve = zp_halve;
+ f->mul = zp_mul;
+ f->mul_mpz = zp_mul_mpz;
+ f->mul_si = zp_mul_si;
+ f->pow_mpz = zp_pow_mpz;
+ f->neg = zp_neg;
+ f->cmp = zp_cmp;
+ f->invert = zp_invert;
+ f->random = zp_random;
+ f->from_hash = zp_from_hash;
+ f->is1 = zp_is1;
+ f->is0 = zp_is0;
+ f->set0 = zp_set0;
+ f->set1 = zp_set1;
+ f->is_sqr = zp_is_sqr;
+ f->sqrt = element_tonelli;
+ f->field_clear = zp_field_clear;
+ f->to_bytes = zp_to_bytes;
+ f->from_bytes = zp_from_bytes;
+ f->to_mpz = zp_to_mpz;
+
+ f->out_info = zp_out_info;
+
+ mpz_set(f->order, prime);
+ f->data = NULL;
+ f->fixed_length_in_bytes = (mpz_sizeinbase(prime, 2) + 7) / 8;
+}
diff --git a/moon-abe/pbc-0.5.14/arith/poly.c b/moon-abe/pbc-0.5.14/arith/poly.c
new file mode 100644
index 00000000..bd2dad33
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/arith/poly.c
@@ -0,0 +1,1724 @@
+#include <ctype.h>
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdint.h> // for intptr_t
+#include <stdlib.h>
+#include <gmp.h>
+#include "pbc_utils.h"
+#include "pbc_field.h"
+#include "pbc_multiz.h"
+#include "pbc_poly.h"
+#include "pbc_memory.h"
+#include "misc/darray.h"
+
+// == Polynomial rings ==
+//
+// Per-field data:
+typedef struct {
+ field_ptr field; // Ring where coefficients live.
+ fieldmap mapbase; // Map element from underlying field to constant term.
+} *pfptr;
+
+// Per-element data:
+//TODO: Would we ever need any field besides coeff?
+typedef struct {
+ // The coefficients are held in a darray which is resized as needed.
+ // The last array entry represents the leading coefficient and should be
+ // nonzero. An empty darray represents 0.
+ darray_t coeff;
+} *peptr;
+
+// == Polynomial modulo rings ==
+//
+// Per-field data:
+typedef struct {
+ field_ptr field; // Base field.
+ fieldmap mapbase; // Similar to mapbase above.
+ int n; // Degree of extension.
+ element_t poly; // Polynomial of degree n.
+ element_t *xpwr; // x^n,...,x^{2n-2} mod poly
+} *mfptr;
+// Per-element data: just a pointer to an array of element_t. This array always
+// has size n.
+
+// Add or remove coefficients until there are exactly n of them. Any new
+// coefficients are initialized to zero, which violates the invariant that the
+// leading coefficient must be nonzero. Thus routines calling this function
+// must check for this and fix the polynomial if necessary, e.g. by calling
+// poly_remove_leading_zeroes().
+static void poly_alloc(element_ptr e, int n) {
+ pfptr pdp = e->field->data;
+ peptr p = e->data;
+ element_ptr e0;
+ int k = p->coeff->count;
+ while (k < n) {
+ e0 = pbc_malloc(sizeof(element_t));
+ element_init(e0, pdp->field);
+ darray_append(p->coeff, e0);
+ k++;
+ }
+ while (k > n) {
+ k--;
+ e0 = darray_at(p->coeff, k);
+ element_clear(e0);
+ pbc_free(e0);
+ darray_remove_last(p->coeff);
+ }
+}
+
+static void poly_init(element_ptr e) {
+ peptr p = e->data = pbc_malloc(sizeof(*p));
+ darray_init(p->coeff);
+}
+
+static void poly_clear(element_ptr e) {
+ peptr p = e->data;
+
+ poly_alloc(e, 0);
+ darray_clear(p->coeff);
+ pbc_free(e->data);
+}
+
+// Some operations may zero a leading coefficient, which will cause other
+// routines to fail. After such an operation, this function should be called,
+// as it strips all leading zero coefficients and frees the memory they
+// occupied, reestablishing the guarantee that the last element of the array
+// is nonzero.
+static void poly_remove_leading_zeroes(element_ptr e) {
+ peptr p = e->data;
+ int n = p->coeff->count - 1;
+ while (n >= 0) {
+ element_ptr e0 = p->coeff->item[n];
+ if (!element_is0(e0)) return;
+ element_clear(e0);
+ pbc_free(e0);
+ darray_remove_last(p->coeff);
+ n--;
+ }
+}
+
+static void poly_set0(element_ptr e) {
+ poly_alloc(e, 0);
+}
+
+static void poly_set1(element_ptr e) {
+ peptr p = e->data;
+ element_ptr e0;
+
+ poly_alloc(e, 1);
+ e0 = p->coeff->item[0];
+ element_set1(e0);
+}
+
+static int poly_is0(element_ptr e) {
+ peptr p = e->data;
+ return !p->coeff->count;
+}
+
+static int poly_is1(element_ptr e) {
+ peptr p = e->data;
+ if (p->coeff->count == 1) {
+ return element_is1(p->coeff->item[0]);
+ }
+ return 0;
+}
+
+static void poly_set_si(element_ptr e, signed long int op) {
+ peptr p = e->data;
+ element_ptr e0;
+
+ poly_alloc(e, 1);
+ e0 = p->coeff->item[0];
+ element_set_si(e0, op);
+ poly_remove_leading_zeroes(e);
+}
+
+static void poly_set_mpz(element_ptr e, mpz_ptr op) {
+ peptr p = e->data;
+
+ poly_alloc(e, 1);
+ element_set_mpz(p->coeff->item[0], op);
+ poly_remove_leading_zeroes(e);
+}
+
+static void poly_set_multiz(element_ptr e, multiz op) {
+ if (multiz_is_z(op)) {
+ // TODO: Remove unnecessary copy.
+ mpz_t z;
+ mpz_init(z);
+ multiz_to_mpz(z, op);
+ poly_set_mpz(e, z);
+ mpz_clear(z);
+ return;
+ }
+ peptr p = e->data;
+ int n = multiz_count(op);
+ poly_alloc(e, n);
+ int i;
+ for(i = 0; i < n; i++) {
+ element_set_multiz(p->coeff->item[i], multiz_at(op, i));
+ }
+ poly_remove_leading_zeroes(e);
+}
+
+static void poly_set(element_ptr dst, element_ptr src) {
+ peptr psrc = src->data;
+ peptr pdst = dst->data;
+ int i;
+
+ poly_alloc(dst, psrc->coeff->count);
+ for (i=0; i<psrc->coeff->count; i++) {
+ element_set(pdst->coeff->item[i], psrc->coeff->item[i]);
+ }
+}
+
+static int poly_coeff_count(element_ptr e) {
+ return ((peptr) e->data)->coeff->count;
+}
+
+static element_ptr poly_coeff(element_ptr e, int n) {
+ peptr ep = e->data;
+ PBC_ASSERT(n < poly_coeff_count(e), "coefficient out of range");
+ return (element_ptr) ep->coeff->item[n];
+}
+
+static int poly_sgn(element_ptr f) {
+ int res = 0;
+ int i;
+ int n = poly_coeff_count(f);
+ for (i=0; i<n; i++) {
+ res = element_sgn(poly_coeff(f, i));
+ if (res) break;
+ }
+ return res;
+}
+
+static void poly_add(element_ptr sum, element_ptr f, element_ptr g) {
+ int i, n, n1;
+ element_ptr big;
+
+ n = poly_coeff_count(f);
+ n1 = poly_coeff_count(g);
+ if (n > n1) {
+ big = f;
+ n = n1;
+ n1 = poly_coeff_count(f);
+ } else {
+ big = g;
+ }
+
+ poly_alloc(sum, n1);
+ for (i=0; i<n; i++) {
+ element_add(poly_coeff(sum, i), poly_coeff(f, i), poly_coeff(g, i));
+ }
+ for (; i<n1; i++) {
+ element_set(poly_coeff(sum, i), poly_coeff(big, i));
+ }
+ poly_remove_leading_zeroes(sum);
+}
+
+static void poly_sub(element_ptr diff, element_ptr f, element_ptr g) {
+ int i, n, n1;
+ element_ptr big;
+
+ n = poly_coeff_count(f);
+ n1 = poly_coeff_count(g);
+ if (n > n1) {
+ big = f;
+ n = n1;
+ n1 = poly_coeff_count(f);
+ } else {
+ big = g;
+ }
+
+ poly_alloc(diff, n1);
+ for (i=0; i<n; i++) {
+ element_sub(poly_coeff(diff, i), poly_coeff(f, i), poly_coeff(g, i));
+ }
+ for (; i<n1; i++) {
+ if (big == f) {
+ element_set(poly_coeff(diff, i), poly_coeff(big, i));
+ } else {
+ element_neg(poly_coeff(diff, i), poly_coeff(big, i));
+ }
+ }
+ poly_remove_leading_zeroes(diff);
+}
+
+static void poly_neg(element_ptr f, element_ptr g) {
+ peptr pf = f->data;
+ peptr pg = g->data;
+ int i, n;
+
+ n = pg->coeff->count;
+ poly_alloc(f, n);
+ for (i=0; i<n; i++) {
+ element_neg(pf->coeff->item[i], pg->coeff->item[i]);
+ }
+}
+
+static void poly_double(element_ptr f, element_ptr g) {
+ peptr pf = f->data;
+ peptr pg = g->data;
+ int i, n;
+
+ n = pg->coeff->count;
+ poly_alloc(f, n);
+ for (i=0; i<n; i++) {
+ element_double(pf->coeff->item[i], pg->coeff->item[i]);
+ }
+}
+
+static void poly_mul_mpz(element_ptr f, element_ptr g, mpz_ptr z) {
+ peptr pf = f->data;
+ peptr pg = g->data;
+ int i, n;
+
+ n = pg->coeff->count;
+ poly_alloc(f, n);
+ for (i=0; i<n; i++) {
+ element_mul_mpz(pf->coeff->item[i], pg->coeff->item[i], z);
+ }
+}
+
+static void poly_mul_si(element_ptr f, element_ptr g, signed long int z) {
+ peptr pf = f->data;
+ peptr pg = g->data;
+ int i, n;
+
+ n = pg->coeff->count;
+ poly_alloc(f, n);
+ for (i=0; i<n; i++) {
+ element_mul_si(pf->coeff->item[i], pg->coeff->item[i], z);
+ }
+}
+
+static void poly_mul(element_ptr r, element_ptr f, element_ptr g) {
+ peptr pprod;
+ peptr pf = f->data;
+ peptr pg = g->data;
+ pfptr pdp = r->field->data;
+ int fcount = pf->coeff->count;
+ int gcount = pg->coeff->count;
+ int i, j, n;
+ element_t prod;
+ element_t e0;
+
+ if (!fcount || !gcount) {
+ element_set0(r);
+ return;
+ }
+ element_init(prod, r->field);
+ pprod = prod->data;
+ n = fcount + gcount - 1;
+ poly_alloc(prod, n);
+ element_init(e0, pdp->field);
+ for (i=0; i<n; i++) {
+ element_ptr x = pprod->coeff->item[i];
+ element_set0(x);
+ for (j=0; j<=i; j++) {
+ if (j < fcount && i - j < gcount) {
+ element_mul(e0, pf->coeff->item[j], pg->coeff->item[i - j]);
+ element_add(x, x, e0);
+ }
+ }
+ }
+ poly_remove_leading_zeroes(prod);
+ element_set(r, prod);
+ element_clear(e0);
+ element_clear(prod);
+}
+
+static void polymod_random(element_ptr e) {
+ element_t *coeff = e->data;
+ int i, n = polymod_field_degree(e->field);
+
+ for (i=0; i<n; i++) {
+ element_random(coeff[i]);
+ }
+}
+
+static void polymod_from_hash(element_ptr e, void *data, int len) {
+ // TODO: Improve this.
+ element_t *coeff = e->data;
+ int i, n = polymod_field_degree(e->field);
+ for (i=0; i<n; i++) {
+ element_from_hash(coeff[i], data, len);
+ }
+}
+
+static size_t poly_out_str(FILE *stream, int base, element_ptr e) {
+ int i;
+ int n = poly_coeff_count(e);
+ size_t result = 2, status;
+
+ /*
+ if (!n) {
+ if (EOF == fputs("[0]", stream)) return 0;
+ return 3;
+ }
+ */
+ if (EOF == fputc('[', stream)) return 0;
+ for (i=0; i<n; i++) {
+ if (i) {
+ if (EOF == fputs(", ", stream)) return 0;
+ result += 2;
+ }
+ status = element_out_str(stream, base, poly_coeff(e, i));
+ if (!status) return 0;
+ result += status;
+ }
+ if (EOF == fputc(']', stream)) return 0;
+ return result;
+}
+
+static int poly_snprint(char *s, size_t size, element_ptr e) {
+ int i;
+ int n = poly_coeff_count(e);
+ size_t result = 0, left;
+ int status;
+
+ #define clip_sub() { \
+ result += status; \
+ left = result >= size ? 0 : size - result; \
+ }
+
+ status = snprintf(s, size, "[");
+ if (status < 0) return status;
+ clip_sub();
+
+ for (i=0; i<n; i++) {
+ if (i) {
+ status = snprintf(s + result, left, ", ");
+ if (status < 0) return status;
+ clip_sub();
+ }
+ status = element_snprint(s + result, left, poly_coeff(e, i));
+ if (status < 0) return status;
+ clip_sub();
+ }
+ status = snprintf(s + result, left, "]");
+ if (status < 0) return status;
+ return result + status;
+ #undef clip_sub
+}
+
+static void poly_div(element_ptr quot, element_ptr rem,
+ element_ptr a, element_ptr b) {
+ peptr pq, pr;
+ pfptr pdp = a->field->data;
+ element_t q, r;
+ element_t binv, e0;
+ element_ptr qe;
+ int m, n;
+ int i, k;
+
+ if (element_is0(b)) pbc_die("division by zero");
+ n = poly_degree(b);
+ m = poly_degree(a);
+ if (n > m) {
+ element_set(rem, a);
+ element_set0(quot);
+ return;
+ }
+ element_init(r, a->field);
+ element_init(q, a->field);
+ element_init(binv, pdp->field);
+ element_init(e0, pdp->field);
+ pq = q->data;
+ pr = r->data;
+ element_set(r, a);
+ k = m - n;
+ poly_alloc(q, k + 1);
+ element_invert(binv, poly_coeff(b, n));
+ while (k >= 0) {
+ qe = pq->coeff->item[k];
+ element_mul(qe, binv, pr->coeff->item[m]);
+ for (i=0; i<=n; i++) {
+ element_mul(e0, qe, poly_coeff(b, i));
+ element_sub(pr->coeff->item[i + k], pr->coeff->item[i + k], e0);
+ }
+ k--;
+ m--;
+ }
+ poly_remove_leading_zeroes(r);
+ element_set(quot, q);
+ element_set(rem, r);
+
+ element_clear(q);
+ element_clear(r);
+ element_clear(e0);
+ element_clear(binv);
+}
+
+static void poly_invert(element_ptr res, element_ptr f, element_ptr m) {
+ element_t q, r0, r1, r2;
+ element_t b0, b1, b2;
+ element_t inv;
+
+ element_init(b0, res->field);
+ element_init(b1, res->field);
+ element_init(b2, res->field);
+ element_init(q, res->field);
+ element_init(r0, res->field);
+ element_init(r1, res->field);
+ element_init(r2, res->field);
+ element_init(inv, poly_base_field(res));
+ element_set0(b0);
+ element_set1(b1);
+ element_set(r0, m);
+ element_set(r1, f);
+
+ for (;;) {
+ poly_div(q, r2, r0, r1);
+ if (element_is0(r2)) break;
+ element_mul(b2, b1, q);
+ element_sub(b2, b0, b2);
+ element_set(b0, b1);
+ element_set(b1, b2);
+ element_set(r0, r1);
+ element_set(r1, r2);
+ }
+ element_invert(inv, poly_coeff(r1, 0));
+ poly_const_mul(res, inv, b1);
+ element_clear(inv);
+ element_clear(q);
+ element_clear(r0);
+ element_clear(r1);
+ element_clear(r2);
+ element_clear(b0);
+ element_clear(b1);
+ element_clear(b2);
+}
+
+static void poly_to_polymod_truncate(element_ptr e, element_ptr f) {
+ mfptr p = e->field->data;
+ element_t *coeff = e->data;
+ int i;
+ int n;
+ n = poly_coeff_count(f);
+ if (n > p->n) n = p->n;
+
+ for (i=0; i<n; i++) {
+ element_set(coeff[i], poly_coeff(f, i));
+ }
+ for (; i<p->n; i++) {
+ element_set0(coeff[i]);
+ }
+}
+
+static void polymod_to_poly(element_ptr f, element_ptr e) {
+ mfptr p = e->field->data;
+ element_t *coeff = e->data;
+ int i, n = p->n;
+ poly_alloc(f, n);
+ for (i=0; i<n; i++) {
+ element_set(poly_coeff(f, i), coeff[i]);
+ }
+ poly_remove_leading_zeroes(f);
+}
+
+static void polymod_invert(element_ptr r, element_ptr e) {
+ mfptr p = r->field->data;
+ element_ptr minpoly = p->poly;
+ element_t f, r1;
+
+ element_init(f, minpoly->field);
+ element_init(r1, minpoly->field);
+ polymod_to_poly(f, e);
+
+ poly_invert(r1, f, p->poly);
+
+ poly_to_polymod_truncate(r, r1);
+
+ element_clear(f);
+ element_clear(r1);
+}
+
+static int poly_cmp(element_ptr f, element_ptr g) {
+ int i;
+ int n = poly_coeff_count(f);
+ int n1 = poly_coeff_count(g);
+ if (n != n1) return 1;
+ for (i=0; i<n; i++) {
+ if (element_cmp(poly_coeff(f, i), poly_coeff(g, i))) return 1;
+ }
+ return 0;
+}
+
+static void field_clear_poly(field_ptr f) {
+ pfptr p = f->data;
+ pbc_free(p);
+}
+
+// 2 bytes hold the number of terms, then the terms follow.
+// Bad for sparse polynomials.
+static int poly_length_in_bytes(element_t p) {
+ int count = poly_coeff_count(p);
+ int result = 2;
+ int i;
+ for (i=0; i<count; i++) {
+ result += element_length_in_bytes(poly_coeff(p, i));
+ }
+ return result;
+}
+
+static int poly_to_bytes(unsigned char *buf, element_t p) {
+ int count = poly_coeff_count(p);
+ int result = 2;
+ int i;
+ buf[0] = (unsigned char) count;
+ buf[1] = (unsigned char) (count >> 8);
+ for (i=0; i<count; i++) {
+ result += element_to_bytes(&buf[result], poly_coeff(p, i));
+ }
+ return result;
+}
+
+static int poly_from_bytes(element_t p, unsigned char *buf) {
+ int result = 2;
+ int count = buf[0] + buf[1] * 256;
+ int i;
+ poly_alloc(p, count);
+ for (i=0; i<count; i++) {
+ result += element_from_bytes(poly_coeff(p, i), &buf[result]);
+ }
+ return result;
+}
+
+// Is this useful? This returns to_mpz(constant term).
+static void poly_to_mpz(mpz_t z, element_ptr e) {
+ if (!poly_coeff_count(e)) {
+ mpz_set_ui(z, 0);
+ } else {
+ element_to_mpz(z, poly_coeff(e, 0));
+ }
+}
+
+static void poly_out_info(FILE *str, field_ptr f) {
+ pfptr p = f->data;
+ fprintf(str, "Polynomial ring over ");
+ field_out_info(str, p->field);
+}
+
+static void field_clear_polymod(field_ptr f) {
+ mfptr p = f->data;
+ int i, n = p->n;
+
+ for (i=0; i<n; i++) {
+ element_clear(p->xpwr[i]);
+ }
+ pbc_free(p->xpwr);
+
+ element_clear(p->poly);
+ pbc_free(f->data);
+}
+
+static int polymod_is_sqr(element_ptr e) {
+ int res;
+ mpz_t z;
+ element_t e0;
+
+ element_init(e0, e->field);
+ mpz_init(z);
+ mpz_sub_ui(z, e->field->order, 1);
+ mpz_divexact_ui(z, z, 2);
+
+ element_pow_mpz(e0, e, z);
+ res = element_is1(e0);
+ element_clear(e0);
+ mpz_clear(z);
+ return res;
+}
+
+// Find a square root in a polynomial modulo ring using Cantor-Zassenhaus aka
+// Legendre's method.
+static void polymod_sqrt(element_ptr res, element_ptr a) {
+ // TODO: Use a faster method? See Bernstein.
+ field_t kx;
+ element_t f;
+ element_t r, s;
+ element_t e0;
+ mpz_t z;
+
+ field_init_poly(kx, a->field);
+ mpz_init(z);
+ element_init(f, kx);
+ element_init(r, kx);
+ element_init(s, kx);
+ element_init(e0, a->field);
+
+ poly_alloc(f, 3);
+ element_set1(poly_coeff(f, 2));
+ element_neg(poly_coeff(f, 0), a);
+
+ mpz_sub_ui(z, a->field->order, 1);
+ mpz_divexact_ui(z, z, 2);
+ for (;;) {
+ int i;
+ element_ptr x;
+ element_ptr e1, e2;
+
+ poly_alloc(r, 2);
+ element_set1(poly_coeff(r, 1));
+ x = poly_coeff(r, 0);
+ element_random(x);
+ element_mul(e0, x, x);
+ if (!element_cmp(e0, a)) {
+ element_set(res, x);
+ break;
+ }
+ element_set1(s);
+ //TODO: this can be optimized greatly
+ //since we know r has the form ax + b
+ for (i = mpz_sizeinbase(z, 2) - 1; i >=0; i--) {
+ element_mul(s, s, s);
+ if (poly_degree(s) == 2) {
+ e1 = poly_coeff(s, 0);
+ e2 = poly_coeff(s, 2);
+ element_mul(e0, e2, a);
+ element_add(e1, e1, e0);
+ poly_alloc(s, 2);
+ poly_remove_leading_zeroes(s);
+ }
+ if (mpz_tstbit(z, i)) {
+ element_mul(s, s, r);
+ if (poly_degree(s) == 2) {
+ e1 = poly_coeff(s, 0);
+ e2 = poly_coeff(s, 2);
+ element_mul(e0, e2, a);
+ element_add(e1, e1, e0);
+ poly_alloc(s, 2);
+ poly_remove_leading_zeroes(s);
+ }
+ }
+ }
+ if (poly_degree(s) < 1) continue;
+ element_set1(e0);
+ e1 = poly_coeff(s, 0);
+ e2 = poly_coeff(s, 1);
+ element_add(e1, e1, e0);
+ element_invert(e0, e2);
+ element_mul(e0, e0, e1);
+ element_mul(e2, e0, e0);
+ if (!element_cmp(e2, a)) {
+ element_set(res, e0);
+ break;
+ }
+ }
+
+ mpz_clear(z);
+ element_clear(f);
+ element_clear(r);
+ element_clear(s);
+ element_clear(e0);
+ field_clear(kx);
+}
+
+static int polymod_to_bytes(unsigned char *data, element_t f) {
+ mfptr p = f->field->data;
+ element_t *coeff = f->data;
+ int i, n = p->n;
+ int len = 0;
+ for (i=0; i<n; i++) {
+ len += element_to_bytes(data + len, coeff[i]);
+ }
+ return len;
+}
+
+static int polymod_length_in_bytes(element_t f) {
+ mfptr p = f->field->data;
+ element_t *coeff = f->data;
+ int i, n = p->n;
+ int res = 0;
+
+ for (i=0; i<n; i++) {
+ res += element_length_in_bytes(coeff[i]);
+ }
+
+ return res;
+}
+
+static int polymod_from_bytes(element_t f, unsigned char *data) {
+ mfptr p = f->field->data;
+ element_t *coeff = f->data;
+ int i, n = p->n;
+ int len = 0;
+
+ for (i=0; i<n; i++) {
+ len += element_from_bytes(coeff[i], data + len);
+ }
+ return len;
+}
+
+static void polymod_init(element_t e) {
+ int i;
+ mfptr p = e->field->data;
+ int n = p->n;
+ element_t *coeff;
+ coeff = e->data = pbc_malloc(sizeof(element_t) * n);
+
+ for (i=0; i<n; i++) {
+ element_init(coeff[i], p->field);
+ }
+}
+
+static void polymod_clear(element_t e) {
+ mfptr p = e->field->data;
+ element_t *coeff = e->data;
+ int i, n = p->n;
+ for (i=0; i<n; i++) {
+ element_clear(coeff[i]);
+ }
+ pbc_free(e->data);
+}
+
+static void polymod_set_si(element_t e, signed long int x) {
+ mfptr p = e->field->data;
+ element_t *coeff = e->data;
+ int i, n = p->n;
+ element_set_si(coeff[0], x);
+ for (i=1; i<n; i++) {
+ element_set0(coeff[i]);
+ }
+}
+
+static void polymod_set_mpz(element_t e, mpz_t z) {
+ mfptr p = e->field->data;
+ element_t *coeff = e->data;
+ int i, n = p->n;
+ element_set_mpz(coeff[0], z);
+ for (i=1; i<n; i++) {
+ element_set0(coeff[i]);
+ }
+}
+
+static void polymod_set(element_t e, element_t f) {
+ mfptr p = e->field->data;
+ element_t *dst = e->data, *src = f->data;
+ int i, n = p->n;
+ for (i=0; i<n; i++) {
+ element_set(dst[i], src[i]);
+ }
+}
+
+static void polymod_neg(element_t e, element_t f) {
+ mfptr p = e->field->data;
+ element_t *dst = e->data, *src = f->data;
+ int i, n = p->n;
+ for (i=0; i<n; i++) {
+ element_neg(dst[i], src[i]);
+ }
+}
+
+static int polymod_cmp(element_ptr f, element_ptr g) {
+ mfptr p = f->field->data;
+ element_t *c1 = f->data, *c2 = g->data;
+ int i, n = p->n;
+ for (i=0; i<n; i++) {
+ if (element_cmp(c1[i], c2[i])) return 1;
+ }
+ return 0;
+}
+
+static void polymod_add(element_t r, element_t e, element_t f) {
+ mfptr p = r->field->data;
+ element_t *dst = r->data, *s1 = e->data, *s2 = f->data;
+ int i, n = p->n;
+ for (i=0; i<n; i++) {
+ element_add(dst[i], s1[i], s2[i]);
+ }
+}
+
+static void polymod_double(element_t r, element_t f) {
+ mfptr p = r->field->data;
+ element_t *dst = r->data, *s1 = f->data;
+ int i, n = p->n;
+ for (i=0; i<n; i++) {
+ element_double(dst[i], s1[i]);
+ }
+}
+
+static void polymod_sub(element_t r, element_t e, element_t f) {
+ mfptr p = r->field->data;
+ element_t *dst = r->data, *s1 = e->data, *s2 = f->data;
+ int i, n = p->n;
+ for (i=0; i<n; i++) {
+ element_sub(dst[i], s1[i], s2[i]);
+ }
+}
+
+static void polymod_mul_mpz(element_t e, element_t f, mpz_ptr z) {
+ mfptr p = e->field->data;
+ element_t *dst = e->data, *src = f->data;
+ int i, n = p->n;
+ for (i=0; i<n; i++) {
+ element_mul_mpz(dst[i], src[i], z);
+ }
+}
+
+static void polymod_mul_si(element_t e, element_t f, signed long int z) {
+ mfptr p = e->field->data;
+ element_t *dst = e->data, *src = f->data;
+ int i, n = p->n;
+ for (i=0; i<n; i++) {
+ element_mul_si(dst[i], src[i], z);
+ }
+}
+
+// Karatsuba multiplication for degree 2 polynomials.
+static void kar_poly_2(element_t *dst, element_t c3, element_t c4, element_t *s1, element_t *s2, element_t *scratch) {
+ element_ptr c01, c02, c12;
+
+ c12 = scratch[0];
+ c02 = scratch[1];
+ c01 = scratch[2];
+
+ element_add(c3, s1[0], s1[1]);
+ element_add(c4, s2[0], s2[1]);
+ element_mul(c01, c3, c4);
+ element_add(c3, s1[0], s1[2]);
+ element_add(c4, s2[0], s2[2]);
+ element_mul(c02, c3, c4);
+ element_add(c3, s1[1], s1[2]);
+ element_add(c4, s2[1], s2[2]);
+ element_mul(c12, c3, c4);
+
+ element_mul(dst[1], s1[1], s2[1]);
+
+ // Constant term.
+ element_mul(dst[0], s1[0], s2[0]);
+
+ // Coefficient of x^4.
+ element_mul(c4, s1[2], s2[2]);
+
+ // Coefficient of x^3.
+ element_add(c3, dst[1], c4);
+ element_sub(c3, c12, c3);
+
+ // Coefficient of x^2.
+ element_add(dst[2], c4, dst[0]);
+ element_sub(c02, c02, dst[2]);
+ element_add(dst[2], dst[1], c02);
+
+ // Coefficient of x.
+ element_sub(c01, c01, dst[0]);
+ element_sub(dst[1], c01, dst[1]);
+}
+
+// Degree 3, 6 polynomial moduli have dedicated routines for multiplication.
+static void polymod_mul_degree3(element_ptr res, element_ptr e, element_ptr f) {
+ mfptr p = res->field->data;
+ element_t *dst = res->data, *s1 = e->data, *s2 = f->data;
+ element_t c3, c4;
+ element_t p0;
+
+ element_init(p0, res->field);
+ element_init(c3, p->field);
+ element_init(c4, p->field);
+
+ kar_poly_2(dst, c3, c4, s1, s2, p0->data);
+
+ polymod_const_mul(p0, c3, p->xpwr[0]);
+ element_add(res, res, p0);
+ polymod_const_mul(p0, c4, p->xpwr[1]);
+ element_add(res, res, p0);
+
+ element_clear(p0);
+ element_clear(c3);
+ element_clear(c4);
+}
+
+static void polymod_mul_degree6(element_ptr res, element_ptr e, element_ptr f) {
+ mfptr p = res->field->data;
+ element_t *dst = res->data, *s0, *s1 = e->data, *s2 = f->data;
+ element_t *a0, *a1, *b0, *b1;
+ element_t p0, p1, p2, p3;
+
+ a0 = s1;
+ a1 = &s1[3];
+ b0 = s2;
+ b1 = &s2[3];
+
+ element_init(p0, res->field);
+ element_init(p1, res->field);
+ element_init(p2, res->field);
+ element_init(p3, res->field);
+
+ s0 = p0->data;
+ s1 = p1->data;
+ s2 = p2->data;
+ element_add(s0[0], a0[0], a1[0]);
+ element_add(s0[1], a0[1], a1[1]);
+ element_add(s0[2], a0[2], a1[2]);
+
+ element_add(s1[0], b0[0], b1[0]);
+ element_add(s1[1], b0[1], b1[1]);
+ element_add(s1[2], b0[2], b1[2]);
+
+ kar_poly_2(s2, s2[3], s2[4], s0, s1, p3->data);
+ kar_poly_2(s0, s0[3], s0[4], a0, b0, p3->data);
+ kar_poly_2(s1, s1[3], s1[4], a1, b1, p3->data);
+
+ element_set(dst[0], s0[0]);
+ element_set(dst[1], s0[1]);
+ element_set(dst[2], s0[2]);
+
+ element_sub(dst[3], s0[3], s0[0]);
+ element_sub(dst[3], dst[3], s1[0]);
+ element_add(dst[3], dst[3], s2[0]);
+
+ element_sub(dst[4], s0[4], s0[1]);
+ element_sub(dst[4], dst[4], s1[1]);
+ element_add(dst[4], dst[4], s2[1]);
+
+ element_sub(dst[5], s2[2], s0[2]);
+ element_sub(dst[5], dst[5], s1[2]);
+
+ // Start reusing part of s0 as scratch space(!)
+ element_sub(s0[0], s2[3], s0[3]);
+ element_sub(s0[0], s0[0], s1[3]);
+ element_add(s0[0], s0[0], s1[0]);
+
+ element_sub(s0[1], s2[4], s0[4]);
+ element_sub(s0[1], s0[1], s1[4]);
+ element_add(s0[1], s0[1], s1[1]);
+
+ polymod_const_mul(p3, s0[0], p->xpwr[0]);
+ element_add(res, res, p3);
+ polymod_const_mul(p3, s0[1], p->xpwr[1]);
+ element_add(res, res, p3);
+ polymod_const_mul(p3, s1[2], p->xpwr[2]);
+ element_add(res, res, p3);
+ polymod_const_mul(p3, s1[3], p->xpwr[3]);
+ element_add(res, res, p3);
+ polymod_const_mul(p3, s1[4], p->xpwr[4]);
+ element_add(res, res, p3);
+
+ element_clear(p0);
+ element_clear(p1);
+ element_clear(p2);
+ element_clear(p3);
+}
+
+// General polynomial modulo ring multiplication.
+static void polymod_mul(element_ptr res, element_ptr e, element_ptr f) {
+ mfptr p = res->field->data;
+ int n = p->n;
+ element_t *dst;
+ element_t *s1 = e->data, *s2 = f->data;
+ element_t prod, p0, c0;
+ int i, j;
+ element_t *high; // Coefficients of x^n, ..., x^{2n-2}.
+
+ high = pbc_malloc(sizeof(element_t) * (n - 1));
+ for (i=0; i<n-1; i++) {
+ element_init(high[i], p->field);
+ element_set0(high[i]);
+ }
+ element_init(prod, res->field);
+ dst = prod->data;
+ element_init(p0, res->field);
+ element_init(c0, p->field);
+
+ for (i=0; i<n; i++) {
+ int ni = n - i;
+ for (j=0; j<ni; j++) {
+ element_mul(c0, s1[i], s2[j]);
+ element_add(dst[i + j], dst[i + j], c0);
+ }
+ for (;j<n; j++) {
+ element_mul(c0, s1[i], s2[j]);
+ element_add(high[j - ni], high[j - ni], c0);
+ }
+ }
+
+ for (i=0; i<n-1; i++) {
+ polymod_const_mul(p0, high[i], p->xpwr[i]);
+ element_add(prod, prod, p0);
+ element_clear(high[i]);
+ }
+ pbc_free(high);
+
+ element_set(res, prod);
+ element_clear(prod);
+ element_clear(p0);
+ element_clear(c0);
+}
+
+static void polymod_square_degree3(element_ptr res, element_ptr e) {
+ // TODO: Investigate if squaring is significantly cheaper than
+ // multiplication. If so convert to Karatsuba.
+ element_t *dst = res->data;
+ element_t *src = e->data;
+ mfptr p = res->field->data;
+ element_t p0;
+ element_t c0, c2;
+ element_ptr c1, c3;
+
+ element_init(p0, res->field);
+ element_init(c0, p->field);
+ element_init(c2, p->field);
+
+ c3 = p0->data;
+ c1 = c3 + 1;
+
+ element_mul(c3, src[0], src[1]);
+ element_mul(c1, src[0], src[2]);
+ element_square(dst[0], src[0]);
+
+ element_mul(c2, src[1], src[2]);
+ element_square(c0, src[2]);
+ element_square(dst[2], src[1]);
+
+ element_add(dst[1], c3, c3);
+
+ element_add(c1, c1, c1);
+ element_add(dst[2], dst[2], c1);
+
+ polymod_const_mul(p0, c0, p->xpwr[1]);
+ element_add(res, res, p0);
+
+ element_add(c2, c2, c2);
+ polymod_const_mul(p0, c2, p->xpwr[0]);
+ element_add(res, res, p0);
+
+ element_clear(p0);
+ element_clear(c0);
+ element_clear(c2);
+}
+
+static void polymod_square(element_ptr res, element_ptr e) {
+ element_t *dst;
+ element_t *src = e->data;
+ mfptr p = res->field->data;
+ int n = p->n;
+ element_t prod, p0, c0;
+ int i, j;
+ element_t *high; // Coefficients of x^n,...,x^{2n-2}.
+
+ high = pbc_malloc(sizeof(element_t) * (n - 1));
+ for (i=0; i<n-1; i++) {
+ element_init(high[i], p->field);
+ element_set0(high[i]);
+ }
+
+ element_init(prod, res->field);
+ dst = prod->data;
+ element_init(p0, res->field);
+ element_init(c0, p->field);
+
+ for (i=0; i<n; i++) {
+ int twicei = 2 * i;
+ element_square(c0, src[i]);
+ if (twicei < n) {
+ element_add(dst[twicei], dst[twicei], c0);
+ } else {
+ element_add(high[twicei - n], high[twicei - n], c0);
+ }
+
+ for (j=i+1; j<n-i; j++) {
+ element_mul(c0, src[i], src[j]);
+ element_add(c0, c0, c0);
+ element_add(dst[i + j], dst[i + j], c0);
+ }
+ for (;j<n; j++) {
+ element_mul(c0, src[i], src[j]);
+ element_add(c0, c0, c0);
+ element_add(high[i + j - n], high[i + j - n], c0);
+ }
+ }
+
+ for (i=0; i<n-1; i++) {
+ polymod_const_mul(p0, high[i], p->xpwr[i]);
+ element_add(prod, prod, p0);
+ element_clear(high[i]);
+ }
+ pbc_free(high);
+
+ element_set(res, prod);
+ element_clear(prod);
+ element_clear(p0);
+ element_clear(c0);
+}
+
+static int polymod_is0(element_ptr e) {
+ mfptr p = e->field->data;
+ element_t *coeff = e->data;
+ int i, n = p->n;
+
+ for (i=0; i<n; i++) {
+ if (!element_is0(coeff[i])) return 0;
+ }
+ return 1;
+}
+
+static int polymod_is1(element_ptr e) {
+ mfptr p = e->field->data;
+ element_t *coeff = e->data;
+ int i, n = p->n;
+
+ if (!element_is1(coeff[0])) return 0;
+ for (i=1; i<n; i++) {
+ if (!element_is0(coeff[i])) return 0;
+ }
+ return 1;
+}
+
+static void polymod_set0(element_ptr e) {
+ mfptr p = e->field->data;
+ element_t *coeff = e->data;
+ int i, n = p->n;
+
+ for (i=0; i<n; i++) {
+ element_set0(coeff[i]);
+ }
+}
+
+static void polymod_set1(element_ptr e) {
+ mfptr p = e->field->data;
+ element_t *coeff = e->data;
+ int i, n = p->n;
+
+ element_set1(coeff[0]);
+ for (i=1; i<n; i++) {
+ element_set0(coeff[i]);
+ }
+}
+
+static int polymod_sgn(element_ptr e) {
+ mfptr p = e->field->data;
+ element_t *coeff = e->data;
+ int res = 0;
+ int i, n = p->n;
+ for (i=0; i<n; i++) {
+ res = element_sgn(coeff[i]);
+ if (res) break;
+ }
+ return res;
+}
+
+static size_t polymod_out_str(FILE *stream, int base, element_ptr e) {
+ size_t result = 2, status;
+ mfptr p = e->field->data;
+ element_t *coeff = e->data;
+ int i, n = p->n;
+
+ if (EOF == fputc('[', stream)) return 0;
+ for (i=0; i<n; i++) {
+ if (i) {
+ if (EOF == fputs(", ", stream)) return 0;
+ result += 2;
+ }
+ status = element_out_str(stream, base, coeff[i]);
+ if (!status) return 0;
+ result += status;
+ }
+ if (EOF == fputc(']', stream)) return 0;
+ return result;
+}
+
+static int polymod_snprint(char *s, size_t size, element_ptr e) {
+ mfptr p = e->field->data;
+ element_t *coeff = e->data;
+ int i, n = p->n;
+ size_t result = 0, left;
+ int status;
+
+ #define clip_sub(void) { \
+ result += status; \
+ left = result >= size ? 0 : size - result; \
+ }
+
+ status = snprintf(s, size, "[");
+ if (status < 0) return status;
+ clip_sub();
+
+ for (i=0; i<n; i++) {
+ if (i) {
+ status = snprintf(s + result, left, ", ");
+ if (status < 0) return status;
+ clip_sub();
+ }
+ status = element_snprint(s + result, left, coeff[i]);
+ if (status < 0) return status;
+ clip_sub();
+ }
+ status = snprintf(s + result, left, "]");
+ if (status < 0) return status;
+ return result + status;
+ #undef clip_sub
+}
+
+static void polymod_set_multiz(element_ptr e, multiz m) {
+ mfptr p = e->field->data;
+ element_t *coeff = e->data;
+ int i, n = p->n;
+ if (multiz_is_z(m)) {
+ element_set_multiz(coeff[0], m);
+ for (i = 1; i < n; i++) element_set0(coeff[i]);
+ return;
+ }
+ int max = multiz_count(m);
+ for (i = 0; i < n; i++) {
+ if (i >= max) element_set0(coeff[i]);
+ else element_set_multiz(coeff[i], multiz_at(m, i));
+ }
+}
+
+static int polymod_set_str(element_ptr e, const char *s, int base) {
+ mfptr p = e->field->data;
+ element_t *coeff = e->data;
+ int i, n = p->n;
+ const char *cp = s;
+ element_set0(e);
+ while (*cp && isspace(*cp)) cp++;
+ if (*cp++ != '[') return 0;
+ for (i=0; i<n; i++) {
+ cp += element_set_str(coeff[i], cp, base);
+ while (*cp && isspace(*cp)) cp++;
+ if (i<n-1 && *cp++ != ',') return 0;
+ }
+ if (*cp++ != ']') return 0;
+ return cp - s;
+}
+
+static int polymod_coeff_count(element_ptr e) {
+ UNUSED_VAR(e);
+ mfptr p = e->field->data;
+ return p->n;
+}
+
+static element_ptr polymod_coeff(element_ptr e, int i) {
+ element_t *coeff = e->data;
+ return coeff[i];
+}
+
+static void polymod_to_mpz(mpz_t z, element_ptr e) {
+ element_to_mpz(z, polymod_coeff(e, 0));
+}
+
+// Compute x^n,...,x^{2n-2} mod poly.
+static void compute_x_powers(field_ptr field, element_ptr poly) {
+ mfptr p = field->data;
+ element_t p0;
+ element_ptr pwrn;
+ element_t *coeff, *coeff1;
+ int i, j;
+ int n = p->n;
+ element_t *xpwr;
+
+ xpwr = p->xpwr;
+
+ element_init(p0, field);
+ for (i=0; i<n; i++) {
+ element_init(xpwr[i], field);
+ }
+ pwrn = xpwr[0];
+ poly_to_polymod_truncate(pwrn, poly);
+ element_neg(pwrn, pwrn);
+
+ for (i=1; i<n; i++) {
+ coeff = xpwr[i-1]->data;
+ coeff1 = xpwr[i]->data;
+
+ element_set0(coeff1[0]);
+ for (j=1; j<n; j++) {
+ element_set(coeff1[j], coeff[j - 1]);
+ }
+ polymod_const_mul(p0, coeff[n - 1], pwrn);
+ element_add(xpwr[i], xpwr[i], p0);
+ }
+ element_clear(p0);
+}
+
+static void polymod_out_info(FILE *str, field_ptr f) {
+ mfptr p = f->data;
+ element_fprintf(str, "Extension, poly = %B, base field = ", p->poly);
+ field_out_info(str, p->field);
+}
+
+// Sets d = gcd(f, g).
+static void poly_gcd(element_ptr d, element_ptr f, element_ptr g) {
+ element_t a, b, q, r;
+ element_init(a, d->field);
+ element_init(b, d->field);
+ element_init(q, d->field);
+ element_init(r, d->field);
+
+ element_set(a, f);
+ element_set(b, g);
+ for(;;) {
+ //TODO: don't care about q
+ poly_div(q, r, a, b);
+ if (element_is0(r)) break;
+ element_set(a, b);
+ element_set(b, r);
+ }
+ element_set(d, b);
+ element_clear(a);
+ element_clear(b);
+ element_clear(q);
+ element_clear(r);
+}
+
+// Sets f = c g where c is the inverse of the leading coefficient of g.
+static void poly_make_monic(element_t f, element_t g) {
+ int n = poly_coeff_count(g);
+ int i;
+ element_ptr e0;
+ poly_alloc(f, n);
+ if (!n) return;
+
+ e0 = poly_coeff(f, n - 1);
+ element_invert(e0, poly_coeff(g, n - 1));
+ for (i=0; i<n-1; i++) {
+ element_mul(poly_coeff(f, i), poly_coeff(g, i), e0);
+ }
+ element_set1(e0);
+}
+
+// The above should be static.
+
+void field_init_poly(field_ptr f, field_ptr base_field) {
+ field_init(f);
+ pfptr p = f->data = pbc_malloc(sizeof(*p));
+ p->field = base_field;
+ p->mapbase = element_field_to_poly;
+ f->field_clear = field_clear_poly;
+ f->init = poly_init;
+ f->clear = poly_clear;
+ f->set_si = poly_set_si;
+ f->set_multiz = poly_set_multiz;
+ f->set_mpz = poly_set_mpz;
+ f->to_mpz = poly_to_mpz;
+ f->out_str = poly_out_str;
+ f->snprint = poly_snprint;
+ f->set = poly_set;
+ f->sign = poly_sgn;
+ f->add = poly_add;
+ f->doub = poly_double;
+ f->is0 = poly_is0;
+ f->is1 = poly_is1;
+ f->set0 = poly_set0;
+ f->set1 = poly_set1;
+ f->sub = poly_sub;
+ f->neg = poly_neg;
+ f->mul = poly_mul;
+ f->mul_mpz = poly_mul_mpz;
+ f->mul_si = poly_mul_si;
+ f->cmp = poly_cmp;
+ f->out_info = poly_out_info;
+ f->item_count = poly_coeff_count;
+ f->item = poly_coeff;
+
+ f->to_bytes = poly_to_bytes;
+ f->from_bytes = poly_from_bytes;
+ f->fixed_length_in_bytes = -1;
+ f->length_in_bytes = poly_length_in_bytes;
+}
+
+void poly_set_coeff(element_ptr e, element_ptr a, int n) {
+ peptr p = e->data;
+ if (p->coeff->count < n + 1) {
+ poly_alloc(e, n + 1);
+ }
+ element_ptr e0 = p->coeff->item[n];
+ element_set(e0, a);
+ if (p->coeff->count == n + 1 && element_is0(a)) poly_remove_leading_zeroes(e);
+}
+
+void poly_set_coeff0(element_ptr e, int n) {
+ peptr p = e->data;
+ if (n < p->coeff->count) {
+ element_set0(p->coeff->item[n]);
+ if (n == p->coeff->count - 1) poly_remove_leading_zeroes(e);
+ }
+}
+
+void poly_set_coeff1(element_ptr e, int n) {
+ peptr p = e->data;
+ if (p->coeff->count < n + 1) {
+ poly_alloc(e, n + 1);
+ }
+ element_set1(p->coeff->item[n]);
+}
+
+void poly_setx(element_ptr f) {
+ poly_alloc(f, 2);
+ element_set1(poly_coeff(f, 1));
+ element_set0(poly_coeff(f, 0));
+}
+
+void poly_const_mul(element_ptr res, element_ptr a, element_ptr poly) {
+ int i, n = poly_coeff_count(poly);
+ poly_alloc(res, n);
+ for (i=0; i<n; i++) {
+ element_mul(poly_coeff(res, i), a, poly_coeff(poly, i));
+ }
+ poly_remove_leading_zeroes(res);
+}
+
+void poly_random_monic(element_ptr f, int deg) {
+ int i;
+ poly_alloc(f, deg + 1);
+ for (i=0; i<deg; i++) {
+ element_random(poly_coeff(f, i));
+ }
+ element_set1(poly_coeff(f, i));
+}
+
+int polymod_field_degree(field_t f) {
+ mfptr p = f->data;
+ return p->n;
+}
+
+void field_init_polymod(field_ptr f, element_ptr poly) {
+ pfptr pdp = poly->field->data;
+ field_init(f);
+ mfptr p = f->data = pbc_malloc(sizeof(*p));
+ p->field = pdp->field;
+ p->mapbase = element_field_to_poly;
+ element_init(p->poly, poly->field);
+ element_set(p->poly, poly);
+ int n = p->n = poly_degree(p->poly);
+ f->field_clear = field_clear_polymod;
+ f->init = polymod_init;
+ f->clear = polymod_clear;
+ f->set_si = polymod_set_si;
+ f->set_mpz = polymod_set_mpz;
+ f->out_str = polymod_out_str;
+ f->snprint = polymod_snprint;
+ f->set_multiz = polymod_set_multiz;
+ f->set_str = polymod_set_str;
+ f->set = polymod_set;
+ f->sign = polymod_sgn;
+ f->add = polymod_add;
+ f->doub = polymod_double;
+ f->sub = polymod_sub;
+ f->neg = polymod_neg;
+ f->is0 = polymod_is0;
+ f->is1 = polymod_is1;
+ f->set0 = polymod_set0;
+ f->set1 = polymod_set1;
+ f->cmp = polymod_cmp;
+ f->to_mpz = polymod_to_mpz;
+ f->item_count = polymod_coeff_count;
+ f->item = polymod_coeff;
+ switch(n) {
+ case 3:
+ f->mul = polymod_mul_degree3;
+ f->square = polymod_square_degree3;
+ break;
+ case 6:
+ f->mul = polymod_mul_degree6;
+ f->square = polymod_square;
+ break;
+ default:
+ f->mul = polymod_mul;
+ f->square = polymod_square;
+ break;
+ }
+
+ f->mul_mpz = polymod_mul_mpz;
+ f->mul_si = polymod_mul_si;
+ f->random = polymod_random;
+ f->from_hash = polymod_from_hash;
+ f->invert = polymod_invert;
+ f->is_sqr = polymod_is_sqr;
+ f->sqrt = polymod_sqrt;
+ f->to_bytes = polymod_to_bytes;
+ f->from_bytes = polymod_from_bytes;
+ f->out_info = polymod_out_info;
+
+ if (pdp->field->fixed_length_in_bytes < 0) {
+ f->fixed_length_in_bytes = -1;
+ f->length_in_bytes = polymod_length_in_bytes;
+ } else {
+ f->fixed_length_in_bytes = pdp->field->fixed_length_in_bytes * poly_degree(poly);
+ }
+ mpz_pow_ui(f->order, p->field->order, n);
+
+ p->xpwr = pbc_malloc(sizeof(element_t) * n);
+ compute_x_powers(f, poly);
+}
+
+field_ptr poly_base_field(element_t f) {
+ return ((pfptr) f->field->data)->field;
+}
+
+void polymod_const_mul(element_ptr res, element_ptr a, element_ptr e) {
+ // a lies in R, e in R[x].
+ element_t *coeff = e->data, *dst = res->data;
+ int i, n = polymod_field_degree(e->field);
+
+ for (i=0; i<n; i++) {
+ element_mul(dst[i], coeff[i], a);
+ }
+}
+
+struct checkgcd_scope_var {
+ mpz_ptr z, deg;
+ field_ptr basef;
+ element_ptr xpow, x, f, g;
+};
+
+// Returns 0 if gcd(x^q^{n/d} - x, f) = 1, 1 otherwise.
+static int checkgcd(mpz_ptr fac, unsigned int mul, struct checkgcd_scope_var *v) {
+ UNUSED_VAR(mul);
+ mpz_divexact(v->z, v->deg, fac);
+ mpz_pow_ui(v->z, v->basef->order, mpz_get_ui(v->z));
+ element_pow_mpz(v->xpow, v->x, v->z);
+ element_sub(v->xpow, v->xpow, v->x);
+ if (element_is0(v->xpow)) return 1;
+ polymod_to_poly(v->g, v->xpow);
+ poly_gcd(v->g, v->f, v->g);
+ return poly_degree(v->g) != 0;
+}
+
+// Returns 1 if polynomial is irreducible, 0 otherwise.
+// A polynomial f(x) is irreducible in F_q[x] if and only if:
+// (1) f(x) | x^{q^n} - x, and
+// (2) gcd(f(x), x^{q^{n/d}} - x) = 1 for all primes d | n.
+// (Recall GF(p) is the splitting field for x^p - x.)
+int poly_is_irred(element_ptr f) {
+ int res = 0;
+ element_t xpow, x, g;
+ field_ptr basef = poly_base_field(f);
+ field_t rxmod;
+
+ // 0, units are not irreducibles.
+ // Assume coefficients are from a field.
+ if (poly_degree(f) <= 0) return 0;
+ // Degree 1 polynomials are always irreducible.
+ if (poly_degree(f) == 1) return 1;
+
+ field_init_polymod(rxmod, f);
+ element_init(xpow, rxmod);
+ element_init(x, rxmod);
+ element_init(g, f->field);
+ element_set1(polymod_coeff(x, 1));
+
+ // The degree fits in an unsigned int but I'm lazy and want to use my
+ // mpz trial division code.
+ mpz_t deg, z;
+ mpz_init(deg);
+ mpz_init(z);
+ mpz_set_ui(deg, poly_degree(f));
+
+ struct checkgcd_scope_var v = {.z = z, .deg = deg, .basef = basef,
+ .xpow = xpow, .x = x, .f = f, .g = g};
+ if (!pbc_trial_divide((int(*)(mpz_t,unsigned,void*))checkgcd, &v, deg, NULL)) {
+ // By now condition (2) has been satisfied. Check (1).
+ mpz_pow_ui(z, basef->order, poly_degree(f));
+ element_pow_mpz(xpow, x, z);
+ element_sub(xpow, xpow, x);
+ if (element_is0(xpow)) res = 1;
+ }
+
+ mpz_clear(deg);
+ mpz_clear(z);
+ element_clear(g);
+ element_clear(xpow);
+ element_clear(x);
+ field_clear(rxmod);
+ return res;
+}
+
+void element_field_to_poly(element_ptr f, element_ptr g) {
+ poly_alloc(f, 1);
+ element_set(poly_coeff(f, 0), g);
+ poly_remove_leading_zeroes(f);
+}
+
+void element_field_to_polymod(element_ptr f, element_ptr g) {
+ mfptr p = f->field->data;
+ element_t *coeff = f->data;
+ int i, n = p->n;
+ element_set(coeff[0], g);
+ for (i=1; i<n; i++) {
+ element_set0(coeff[i]);
+ }
+}
+
+// Returns 0 when a root exists and sets root to one of the roots.
+int poly_findroot(element_ptr root, element_ptr poly) {
+ // Compute gcd(x^q - x, poly).
+ field_t fpxmod;
+ element_t p, x, r, fac, g;
+ mpz_t q;
+
+ mpz_init(q);
+ mpz_set(q, poly_base_field(poly)->order);
+
+ field_init_polymod(fpxmod, poly);
+ element_init(p, fpxmod);
+ element_init(x, fpxmod);
+ element_init(g, poly->field);
+ element_set1(((element_t *) x->data)[1]);
+pbc_info("findroot: degree %d...", poly_degree(poly));
+ element_pow_mpz(p, x, q);
+ element_sub(p, p, x);
+
+ polymod_to_poly(g, p);
+ element_clear(p);
+ poly_gcd(g, g, poly);
+ poly_make_monic(g, g);
+ element_clear(x);
+ field_clear(fpxmod);
+
+ if (!poly_degree(g)) {
+ printf("no roots!\n");
+ mpz_clear(q);
+ element_clear(g);
+ return -1;
+ }
+
+ // Cantor-Zassenhaus algorithm.
+ element_init(fac, g->field);
+ element_init(x, g->field);
+ element_set_si(x, 1);
+ mpz_sub_ui(q, q, 1);
+ mpz_divexact_ui(q, q, 2);
+ element_init(r, g->field);
+ for (;;) {
+ if (poly_degree(g) == 1) break; // Found a root!
+step_random:
+ poly_random_monic(r, 1);
+ // TODO: evaluate at g instead of bothering with gcd
+ poly_gcd(fac, r, g);
+
+ if (poly_degree(fac) > 0) {
+ poly_make_monic(g, fac);
+ } else {
+ field_init_polymod(fpxmod, g);
+ int n;
+ element_init(p, fpxmod);
+
+ poly_to_polymod_truncate(p, r);
+pbc_info("findroot: degree %d...", poly_degree(g));
+ element_pow_mpz(p, p, q);
+
+ polymod_to_poly(r, p);
+ element_clear(p);
+ field_clear(fpxmod);
+
+ element_add(r, r, x);
+ poly_gcd(fac, r, g);
+ n = poly_degree(fac);
+ if (n > 0 && n < poly_degree(g)) {
+ poly_make_monic(g, fac);
+ } else {
+ goto step_random;
+ }
+ }
+ }
+pbc_info("findroot: found root");
+ element_neg(root, poly_coeff(g, 0));
+ element_clear(r);
+ mpz_clear(q);
+ element_clear(x);
+ element_clear(g);
+ element_clear(fac);
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/arith/random.c b/moon-abe/pbc-0.5.14/arith/random.c
new file mode 100644
index 00000000..68228b3f
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/arith/random.c
@@ -0,0 +1,87 @@
+#include <stdio.h>
+#include <stdint.h> // for intptr_t
+#include <stdlib.h>
+#include <gmp.h>
+#include "pbc_random.h"
+#include "pbc_utils.h"
+#include "pbc_memory.h"
+
+void pbc_init_random(void);
+
+// Must use pointer due to lack of gmp_randstate_ptr.
+static gmp_randstate_t *get_rs(void) {
+ static int rs_is_ready;
+ static gmp_randstate_t rs;
+ if (!rs_is_ready) {
+ gmp_randinit_default(rs);
+ rs_is_ready = 1;
+ }
+ return &rs;
+}
+
+static void deterministic_mpz_random(mpz_t z, mpz_t limit, void *data) {
+ UNUSED_VAR (data);
+ mpz_urandomm(z, *get_rs(), limit);
+}
+
+static void file_mpz_random(mpz_t r, mpz_t limit, void *data) {
+ char *filename = (char *) data;
+ FILE *fp;
+ int n, bytecount, leftover;
+ unsigned char *bytes;
+ mpz_t z;
+ mpz_init(z);
+ fp = fopen(filename, "rb");
+ if (!fp) return;
+ n = mpz_sizeinbase(limit, 2);
+ bytecount = (n + 7) / 8;
+ leftover = n % 8;
+ bytes = (unsigned char *) pbc_malloc(bytecount);
+ for (;;) {
+ if (!fread(bytes, 1, bytecount, fp)) {
+ pbc_warn("error reading source of random bits");
+ return;
+ }
+ if (leftover) {
+ *bytes = *bytes % (1 << leftover);
+ }
+ mpz_import(z, bytecount, 1, 1, 0, 0, bytes);
+ if (mpz_cmp(z, limit) < 0) break;
+ }
+ fclose(fp);
+ mpz_set(r, z);
+ mpz_clear(z);
+ pbc_free(bytes);
+}
+
+static void (*current_mpz_random)(mpz_t, mpz_t, void *);
+static void *current_random_data;
+static int random_function_ready = 0;
+
+void pbc_random_set_function(void (*fun)(mpz_t, mpz_t, void *), void *data) {
+ current_mpz_random = fun;
+ current_random_data = data;
+ random_function_ready = 1;
+}
+
+void pbc_mpz_random(mpz_t z, mpz_t limit) {
+ if (!random_function_ready) pbc_init_random();
+ current_mpz_random(z, limit, current_random_data);
+}
+
+void pbc_mpz_randomb(mpz_t z, unsigned int bits) {
+ mpz_t limit;
+ mpz_init(limit);
+ mpz_setbit(limit, bits);
+ pbc_mpz_random(z, limit);
+ mpz_clear(limit);
+}
+
+void pbc_random_set_deterministic(unsigned int seed) {
+ gmp_randseed_ui(*get_rs(), seed);
+ pbc_random_set_function(deterministic_mpz_random, NULL);
+}
+
+void pbc_random_set_file(char *filename) {
+ pbc_random_set_function(file_mpz_random, filename);
+}
diff --git a/moon-abe/pbc-0.5.14/arith/ternary_extension_field.c b/moon-abe/pbc-0.5.14/arith/ternary_extension_field.c
new file mode 100644
index 00000000..3c79e3bd
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/arith/ternary_extension_field.c
@@ -0,0 +1,950 @@
+/* $GF(3^m) = GF(3)[x]/(x^m + x^t + 2)$
+ $GF(3^{2*m}) = GF(3^m)[x]/(x^2 + 1)$
+ $GF(3^{3*m}) = GF(3^m)[x]/(x^3 - x -1)$
+ $GF(3^{6*m}) = GF(3^{2*m})[x]/(x^3 - x -1)$
+
+ The "gf3_*" functions are for $GF(3)$.
+ The "gf3m_*" functions are for $GF(3^m)$.
+ The "gf32m_*" functions are for $GF(3^{2*m})$.
+ The "gf33m_*" functions are for $GF(3^{3*m})$ and $GF(3^{6*m})$.
+
+ (gf3m field_t).data is a pointer of struct params
+ (gf3m element_t).data is a pointer of unsigned long
+ (gf32m element_t).data is gf32m_ptr
+ (gf33m element_t).data is gf33m_ptr */
+
+#include <stdlib.h>
+#include <string.h>
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdint.h>
+#include <gmp.h>
+#include "pbc_utils.h"
+#include "pbc_memory.h"
+#include "pbc_field.h"
+
+typedef unsigned long gf3;
+
+typedef struct { /* private data of $GF(3^m)$ */
+ unsigned int len; /* the number of native machine integers required to represent one GF(3^m) element */
+ unsigned int m; /* the irreducible polynomial is $x^m + x^t + 2$ */
+ unsigned int t; /* the irreducible polynomial is $x^m + x^t + 2$ */
+ element_ptr p; /* $p$ is the irreducible polynomial. */
+} params;
+
+typedef struct {
+ element_t _0, _1;
+} gf32m_s;
+
+typedef gf32m_s *gf32m_ptr;
+
+typedef struct {
+ element_t _0, _1, _2;
+} gf33m_s;
+
+typedef gf33m_s *gf33m_ptr;
+
+#define W (sizeof(unsigned long)*8) /* number of GF(3) elements in one processor integer */
+#define PARAM(e) ((params *)e->field->data)
+#define LEN(e) (PARAM(e)->len)
+#define SIZE(e) (LEN(e) * 2 * sizeof(unsigned long))
+#define DATA1(e) ((unsigned long*)e->data)
+#define DATA2(e) ((unsigned long*)e->data + LEN(e))
+#define GF32M(e) ((gf32m_s *)e->data)
+#define GF33M(e) ((gf33m_s *)e->data)
+#define BASE(e) ((field_ptr)e->field->data)
+#define print(e) {printf(#e": "); element_out_str(stdout, 10, e); printf("\n");}
+
+static size_t gf3m_out_str(FILE *stream, int base, element_t e) {
+ if (base != 10 && base != 16)
+ pbc_die("only support base 10 and base 16");
+ size_t size = 0;
+ unsigned i;
+ unsigned long *d = DATA1(e);
+ for (i = 0; i < LEN(e) * 2; i++) {
+ if (base == 16)
+ size += fprintf(stream, "0x%lx,", d[i]);
+ else
+ size += fprintf(stream, "%lu,", d[i]);
+ }
+ return size;
+}
+
+/* $a <- 0$ */
+static void gf3m_zero(element_t a) {
+ memset(a->data, 0, SIZE(a));
+}
+
+static void gf3m_init(element_t e) {
+ e->data = pbc_malloc(SIZE(e));
+ gf3m_zero(e);
+}
+
+static void gf3m_clear(element_t e) {
+ pbc_free(e->data);
+}
+
+/* $e <- a$ */
+static void gf3m_assign(element_t e, element_t a) {
+ memcpy(e->data, a->data, SIZE(a));
+}
+
+/* $a <- a/x$. $len$ is the number of elements in $a$ */
+static void shift_down(unsigned int len, unsigned long a[]) {
+ unsigned long h = 0;
+ const unsigned long x = 1ul << (W - 1);
+ int i;
+ for (i = len - 1; i >= 0; i--) {
+ unsigned long l = a[i] & 1;
+ a[i] >>= 1;
+ if (h)
+ a[i] |= x;
+ h = l;
+ }
+}
+
+/* $e <- e/x$ */
+static void gf3m_shift_down(element_t e) {
+ shift_down(LEN(e), DATA1(e));
+ shift_down(LEN(e), DATA2(e));
+}
+
+/* $a <- a*x$. $len$ is the number of elements in $a$ */
+static void shift_up(unsigned int len, unsigned long a[]) {
+ unsigned long l = 0;
+ const unsigned long x = 1ul << (W - 1), y = x - 1;
+ unsigned i;
+ for (i = 0; i < len; i++) {
+ unsigned long h = a[i] & x;
+ a[i] = ((a[i] & y) << 1) | l;
+ l = h ? 1 : 0;
+ }
+}
+
+/* $e <- e*x$ */
+static void gf3m_shift_up(element_t e) {
+ shift_up(LEN(e), DATA1(e));
+ shift_up(LEN(e), DATA2(e));
+}
+
+/* return the coefficient of $x^pos$ in $e$ */
+static unsigned gf3m_get(element_t e, unsigned pos) {
+ unsigned long *a1 = DATA1(e), *a2 = DATA2(e);
+ unsigned x = pos / W;
+ unsigned long y = 1ul << (pos % W), v1 = a1[x] & y, v2 = a2[x] & y;
+ return v1 ? 1 : (v2 ? 2 : 0);
+}
+
+/* set the coefficient of $x^pos$ as 1 */
+static void gf3m_set(element_t e, unsigned pos, unsigned value) {
+ unsigned long *a = DATA1(e);
+ /* assert value == 0, 1 or 2 */
+ if (value == 2)
+ a = DATA2(e);
+ if (value)
+ a[pos / W] |= 1ul << (pos % W);
+}
+
+/* $e <- a+b$ */
+static void gf3m_add(element_t e, element_t a, element_t b) {
+ unsigned long *e1 = DATA1(e), *e2 = DATA2(e), *a1 = DATA1(a),
+ *a2 = DATA2(a), *b1 = DATA1(b), *b2 = DATA2(b);
+ unsigned i;
+ for (i = 0; i < LEN(e); i++, e1++, e2++, a1++, a2++, b1++, b2++) {
+ unsigned long t = (*a1 | *a2) & (*b1 | *b2), c1 = t ^ (*a1 | *b1), c2 =
+ t ^ (*a2 | *b2);
+ *e1 = c1;
+ *e2 = c2;
+ }
+}
+
+/* $e <- x-y$ */
+static void gf3m_sub(element_t e, element_t a, element_t b) {
+ unsigned long *e1 = DATA1(e), *e2 = DATA2(e), *a1 = DATA1(a),
+ *a2 = DATA2(a), *b1 = DATA2(b), *b2 = DATA1(b);
+ unsigned i;
+ for (i = 0; i < LEN(e); i++, e1++, e2++, a1++, a2++, b1++, b2++) {
+ unsigned long t = (*a1 | *a2) & (*b1 | *b2), c1 = t ^ (*a1 | *b1), c2 =
+ t ^ (*a2 | *b2);
+ *e1 = c1;
+ *e2 = c2;
+ }
+}
+
+/* return 0 if $a == b$ in $GF(3^m)$, 1 otherwise. */
+static int gf3m_cmp(element_t a, element_t b) {
+ unsigned long *pa = DATA1(a), *pb = DATA1(b);
+ unsigned i;
+ for (i = 0; i < LEN(a) * 2; i++, pa++, pb++)
+ if (*pa != *pb)
+ return 1;
+ return 0;
+}
+
+/* $a <- 1$ */
+static void gf3m_one(element_t a) {
+ gf3m_zero(a);
+ *DATA1(a) = 1;
+}
+
+static int gf3m_is0(element_t e) {
+ unsigned i;
+ for (i = 0; i < LEN(e) * 2; i++)
+ if (DATA1(e)[i])
+ return 0;
+ return 1;
+}
+
+static int gf3m_is1(element_t e) {
+ unsigned i;
+ if (DATA1(e)[0] != 1)
+ return 0;
+ for (i = 1; i < LEN(e) * 2; i++)
+ if (DATA1(e)[i])
+ return 0;
+ return 1;
+}
+
+/* set $a$ to be a random element in $GF(3^m)$ */
+static void gf3m_random(element_t a) {
+ /* TODO: use uniform distribution? */
+ params *c = PARAM(a);
+ unsigned rm = c->m % W;
+ const unsigned long i1 = ~0ul;
+ unsigned long i2 = (1ul << rm) - 1;
+ unsigned long *a1 = DATA1(a), *a2 = DATA2(a);
+ unsigned i;
+ for (i = 0; i < c->len - 1; i++, a1++, a2++) { /* TODO: if $RAND_MAX < i1$ ? */
+ *a1 = rand() & i1;
+ *a2 = rand() & i1 & ~(*a1); /* assuring there is no bit that a1[x] & a2[x] == 1 */
+ }
+ unsigned long x = rm ? i2 : i1;
+ *a1 = rand() & x;
+ *a2 = rand() & x & ~(*a1);
+}
+
+static void swap(unsigned long *a, unsigned long *b) {
+ *a ^= *b;
+ *b ^= *a;
+ *a ^= *b;
+}
+
+/* $y <- (-x)$ */
+static void gf3m_neg(element_t y, element_t x) {
+ unsigned long *a1 = DATA1(x), *a2 = DATA2(x), *c1 = DATA1(y),
+ *c2 = DATA2(y);
+ if (a1 == c1) {
+ unsigned i;
+ for (i = 0; i < LEN(y); i++, a1++, a2++)
+ swap(a1, a2);
+ } else {
+ memcpy(c1, a2, SIZE(y) / 2);
+ memcpy(c2, a1, SIZE(y) / 2);
+ }
+}
+
+/* doing reduction
+ * The function returns the value of $a$ modulo $the irreducible trinomial$.
+ * $degree$ equals the degree of $a$.
+ * $2*len$ is the number of elements in $a$ */
+static void gf3m_reduct(element_t e, unsigned len, unsigned degree) {
+ // the $len$ argument exists because sometimes $len != p->len$
+ params *p = PARAM(e);
+ unsigned old = p->len;
+ p->len = len;
+ element_t px;
+ element_init(px, e->field);
+ gf3m_set(px, degree, 1);
+ gf3m_set(px, degree - p->m + p->t, 1);
+ gf3m_set(px, degree - p->m, 2);
+ while (degree >= p->m) {
+ unsigned v = gf3m_get(e, degree);
+ if (v == 1)
+ gf3m_sub(e, e, px);
+ else if (v == 2)
+ gf3m_add(e, e, px);
+ degree--;
+ gf3m_shift_down(px);
+ }
+ element_clear(px);
+ p->len = old;
+}
+
+/* doing multiplication of $n \in \{0,1,2\}$ and $a$ in $GF(3^m)$
+ * The function sets $e <- n * a$. */
+static void gf3m_f1(element_t e, unsigned n, element_t a) {
+ /* assert $e$ is not $a$ */
+ if (n == 0)
+ memset(DATA1(e), 0, SIZE(e));
+ else if (n == 1)
+ memcpy(DATA1(e), DATA1(a), SIZE(e));
+ else {
+ memcpy(DATA1(e), DATA2(a), SIZE(e) / 2);
+ memcpy(DATA2(e), DATA1(a), SIZE(e) / 2);
+ }
+}
+
+/* $e <- e*x mod p(x)$ */
+static void gf3m_f2(element_t e) {
+ params *p = PARAM(e);
+ gf3m_shift_up(e);
+ unsigned v = gf3m_get(e, p->m);
+ if (v == 1)
+ gf3m_sub(e, e, p->p);
+ else if (v == 2)
+ gf3m_add(e, e, p->p);
+}
+
+/* doing multiplication in GF(3^m)
+ * The function sets $e == a*b \in GF(3^m)$ */
+static void gf3m_mult(element_t e, element_ptr a, element_t b) {
+ params *p = PARAM(a);
+ element_t aa, t, c;
+ element_init(aa, a->field);
+ element_set(aa, a);
+ a = aa; // clone $a$
+ element_init(t, a->field);
+ element_init(c, a->field);
+ unsigned i;
+ for (i = 0; i < p->m; i++) {
+ unsigned v = gf3m_get(b, i);
+ gf3m_f1(t, v, a); /* t == b[i]*a in GF(3^m) */
+ gf3m_add(c, c, t); /* c += b[i]*a in GF(3^m) */
+ gf3m_f2(a); /* a == a*x in GF(3^m) */
+ }
+ element_set(e, c);
+ element_clear(t);
+ element_clear(c);
+ element_clear(aa);
+}
+
+/* $e <- x^3$ */
+static void gf3m_cubic(element_t e, element_t x) {
+ /* TODO: faster algorithm */
+ params *p = PARAM(x);
+ unsigned old = p->len;
+ unsigned len = (3 * p->m - 2 + W - 1) / W; /* length of $b1 */
+ p->len = len;
+ element_t a;
+ element_init(a, x->field);
+ unsigned i;
+ for (i = 0; i < p->m; i++) {
+ p->len = old;
+ unsigned v = gf3m_get(x, i);
+ p->len = len;
+ gf3m_set(a, 3 * i, v);
+ }
+ gf3m_reduct(a, len, 3 * p->m - 3);
+ p->len = old;
+ memcpy(DATA1(e), DATA1(a), SIZE(e) / 2);
+ memcpy(DATA2(e), DATA1(a) + len, SIZE(e) / 2);
+ element_clear(a);
+}
+
+/* multiplication modulo 3 of two elements in GF(3)
+ * for example, $mult(2,2) == 1$, and $mult(1,2) == 2$ */
+static unsigned gf3_mult(unsigned a, unsigned b) {
+ static const unsigned l[] = { 0, 1, 2, 0, 1 };
+ return l[a * b];
+}
+
+static void gf3m_swap(element_t a, element_t b) {
+ unsigned long *p = DATA1(a);
+ a->data = b->data;
+ b->data = p;
+}
+
+/* computing the inversion of an element $a$ in GF(3^m), i.e., $e <- a^{-1}$
+ The algorithm is by Tim Kerins, Emanuel Popovici and William Marnane
+ in the paper of "Algorithms and Architectures for use in FPGA",
+ Lecture Notes in Computer Science, 2004, Volume 3203/2004, 74-83.
+ Note that $U$ must have an extra bit, i.e, (_m + W - 1) // W == (_m + W) // W */
+static void gf3m_invert(element_t e, element_t a) {
+ struct field_s *f = a->field;
+ params *p = PARAM(a);
+ unsigned lenA = p->len;
+ unsigned lenS = (3 * p->m + W - 1) / W;
+ p->len = lenS;
+ element_t S, R, t, U, V, t2;
+ element_init(S, f);
+ element_init(R, f);
+ element_init(t, f);
+ memcpy(DATA1(S), DATA1(p->p), lenA * sizeof(unsigned long)); /* S = p(x) */
+ memcpy(DATA1(S) + lenS, DATA1(p->p) + lenA, lenA * sizeof(unsigned long));
+ memcpy(DATA1(R), DATA1(a), lenA * sizeof(unsigned long)); /* R = _clone(a) */
+ memcpy(DATA1(R) + lenS, DATA1(a) + lenA, lenA * sizeof(unsigned long));
+ p->len = lenA;
+ element_init(U, f);
+ gf3m_one(U);
+ element_init(V, f);
+ element_init(t2, f);
+ unsigned d = 0, i, r_m, s_m, q, x;
+ for (i = 0; i < p->m * 2; i++) {
+ p->len = lenS;
+ r_m = gf3m_get(R, p->m), s_m = gf3m_get(S, p->m);
+ if (r_m == 0) {
+ gf3m_shift_up(R); /* R = xR */
+ p->len = lenA;
+ gf3m_f2(U); /* U = xU mod p */
+ d++;
+ } else {
+ q = gf3_mult(r_m, s_m);
+ gf3m_f1(t, q, R);
+ gf3m_sub(S, S, t); /* S = S-qR */
+ gf3m_shift_up(S); /* S = xS */
+ p->len = lenA;
+ gf3m_f1(t2, q, U);
+ gf3m_sub(V, V, t2); /* V = V-qU */
+ if (d == 0) {
+ gf3m_swap(S, R);
+ gf3m_swap(U, V);
+ gf3m_f2(U); /* U = xU mod p*/
+ d++;
+ } else {
+ x = gf3m_get(U, 0);
+ if (x == 1) /* assuring x|U */
+ gf3m_add(U, U, p->p);
+ else if (x == 2)
+ gf3m_sub(U, U, p->p);
+ gf3m_shift_down(U); /* divide U by $x$ */
+ d--;
+ }
+ }
+ }
+ p->len = lenS;
+ r_m = gf3m_get(R, p->m); /* assume r_m is not zero */
+ p->len = lenA;
+ if (r_m == 2)
+ gf3m_neg(U, U);
+ memcpy(e->data, U->data, lenA * 2 * sizeof(unsigned long));
+ element_clear(S);
+ element_clear(R);
+ element_clear(U);
+ element_clear(V);
+ element_clear(t);
+ element_clear(t2);
+}
+
+static void gf3m_sqrt(element_t e, element_t a) {
+ field_ptr f = e->field;
+ mpz_t t;
+ mpz_init(t); // t == (field_order + 1) / 4
+ mpz_set(t, f->order);
+ mpz_add_ui(t, t, 1);
+ mpz_tdiv_q_2exp(t, t, 2);
+ element_pow_mpz(e, a, t);
+ mpz_clear(t);
+}
+
+int gf3m_to_bytes(unsigned char *d, element_ptr e) {
+ unsigned long *a = DATA1(e), *b = DATA2(e);
+ unsigned long i, j;
+ for (i = 0; i < LEN(e); i++, a++, b++) {
+ for (j = 0; j < sizeof(unsigned long) * 8; j += 8) {
+ *(d++) = (unsigned char) ((*a) >> j);
+ *(d++) = (unsigned char) ((*b) >> j);
+ }
+ }
+ return SIZE(e);
+}
+
+int gf3m_from_bytes(element_ptr e, unsigned char *d) {
+ unsigned long *a = DATA1(e), *b = DATA2(e);
+ unsigned i;
+ int j;
+ for (i = 0; i < LEN(e); i++, a++, b++, d += sizeof(unsigned long) * 2) {
+ *a = 0, *b = 0;
+ j = 2 * sizeof(unsigned long) - 2;
+ while (j >= 0) {
+ *a <<= 8, *b <<= 8;
+ *a += d[j];
+ *b += d[j + 1];
+ j -= 2;
+ }
+ }
+ return SIZE(e);
+}
+
+static void field_clear_gf3m(field_t f) {
+ params *p = f->data;
+ gf3m_clear(p->p);
+ pbc_free(p->p);
+ pbc_free(p);
+}
+
+/* initialize the finite field as $GF(3^m)$, whose irreducible polynomial is with the degree of $m$ */
+void field_init_gf3m(field_t f, unsigned m, unsigned t) {
+ params *p = pbc_malloc(sizeof(*p));
+ p->len = (m + (W - 1) + 1) / W; /* extra one bit for $_p$ */
+ p->m = m;
+ p->t = t;
+ p->p = pbc_malloc(sizeof(*(p->p)));
+ p->p->field = f;
+ p->p->data = pbc_malloc(2 * sizeof(unsigned long) * p->len);
+ memset(p->p->data, 0, 2 * sizeof(unsigned long) * p->len);
+ unsigned long *p1 = p->p->data, *p2 = p1 + p->len;
+ p2[0] = 1; /* _p == x^m+x^t+2 */
+ unsigned int p_t = p->t;
+ p1[p_t / W] |= 1ul << (p_t % W);
+ p1[m / W] |= 1ul << (m % W);
+
+ field_init(f);
+ f->field_clear = field_clear_gf3m;
+ f->init = gf3m_init;
+ f->clear = gf3m_clear;
+ f->set = gf3m_assign;
+ f->set0 = gf3m_zero;
+ f->set1 = gf3m_one;
+ f->is0 = gf3m_is0;
+ f->is1 = gf3m_is1;
+ f->add = gf3m_add;
+ f->sub = gf3m_sub;
+ f->mul = gf3m_mult;
+ f->cubic = gf3m_cubic;
+ f->invert = gf3m_invert;
+ f->neg = gf3m_neg;
+ f->random = gf3m_random;
+ f->cmp = gf3m_cmp;
+ f->sqrt = gf3m_sqrt;
+ f->from_bytes = gf3m_from_bytes;
+ f->to_bytes = gf3m_to_bytes;
+ f->out_str = gf3m_out_str;
+ f->fixed_length_in_bytes = 2 * sizeof(unsigned long) * p->len;
+ f->data = p;
+ f->name = "GF(3^m)";
+
+ mpz_set_ui(f->order, 3);
+ mpz_pow_ui(f->order, f->order, p->m);
+}
+
+static size_t gf32m_out_str(FILE *stream, int base, element_t e) {
+ UNUSED_VAR(base);
+ element_ptr e0 = GF32M(e)->_0, e1 = GF32M(e)->_1;
+ size_t size = 0;
+ size += element_out_str(stream, base, e0);
+ size += element_out_str(stream, base, e1);
+ return size;
+}
+
+static void gf32m_init(element_t e) {
+ e->data = pbc_malloc(sizeof(gf32m_s));
+ gf32m_ptr p = (gf32m_ptr) e->data;
+ field_ptr base = BASE(e);
+ element_init(p->_0, base);
+ element_init(p->_1, base);
+}
+
+static void gf32m_clear(element_t e) {
+ gf32m_ptr p = (gf32m_ptr) e->data;
+ element_clear(p->_0);
+ element_clear(p->_1);
+ pbc_free(e->data);
+}
+
+static void gf32m_set0(element_t e) {
+ element_ptr e0 = GF32M(e)->_0, e1 = GF32M(e)->_1;
+ element_set0(e0);
+ element_set0(e1);
+}
+
+static void gf32m_set1(element_t e) {
+ element_ptr e0 = GF32M(e)->_0, e1 = GF32M(e)->_1;
+ element_set1(e0);
+ element_set0(e1);
+}
+
+static int gf32m_item_count(element_t e) {
+ UNUSED_VAR(e);
+ return 2;
+}
+
+static element_ptr gf32m_item(element_t a, int i) {
+ element_ptr a0 = GF32M(a)->_0, a1 = GF32M(a)->_1;
+ return i == 0 ? a0 : a1;
+}
+
+static void gf32m_assign(element_t e, element_t a) {
+ element_ptr a0 = GF32M(a)->_0, a1 = GF32M(a)->_1, e0 = GF32M(e)->_0, e1 =
+ GF32M(e)->_1;
+ element_set(e0, a0);
+ element_set(e1, a1);
+}
+
+static void gf32m_random(element_t e) {
+ element_ptr e0 = GF32M(e)->_0, e1 = GF32M(e)->_1;
+ element_random(e0);
+ element_random(e1);
+}
+
+/* return 0 if $a == b$, 1 otherwise */
+static int gf32m_cmp(element_t a, element_t b) {
+ element_ptr a0 = GF32M(a)->_0, a1 = GF32M(a)->_1, b0 = GF32M(b)->_0, b1 =
+ GF32M(b)->_1;
+ return element_cmp(a0, b0) || element_cmp(a1, b1);
+}
+
+/* $c <- a+b$ */
+static void gf32m_add(element_t c, element_t a, element_t b) {
+ element_ptr a0 = GF32M(a)->_0, a1 = GF32M(a)->_1, b0 = GF32M(b)->_0, b1 =
+ GF32M(b)->_1, c0 = GF32M(c)->_0, c1 = GF32M(c)->_1;
+ element_add(c0, a0, b0);
+ element_add(c1, a1, b1);
+}
+
+/* $c <- a-b$ */
+static void gf32m_sub(element_t c, element_t a, element_t b) {
+ element_ptr a0 = GF32M(a)->_0, a1 = GF32M(a)->_1, b0 = GF32M(b)->_0, b1 =
+ GF32M(b)->_1, c0 = GF32M(c)->_0, c1 = GF32M(c)->_1;
+ element_sub(c0, a0, b0);
+ element_sub(c1, a1, b1);
+}
+
+/* $c <- (-a)$ */
+static void gf32m_neg(element_t c, element_t a) {
+ element_ptr a0 = GF32M(a)->_0, a1 = GF32M(a)->_1, c0 = GF32M(c)->_0, c1 =
+ GF32M(c)->_1;
+ element_neg(c0, a0);
+ element_neg(c1, a1);
+}
+
+/* $e<- a*b$ */
+static void gf32m_mult(element_t e, element_t a, element_t b) {
+ element_ptr a0 = GF32M(a)->_0, a1 = GF32M(a)->_1, b0 = GF32M(b)->_0, b1 =
+ GF32M(b)->_1, e0 = GF32M(e)->_0, e1 = GF32M(e)->_1;
+ field_ptr base = BASE(a);
+ element_t a0b0, a1b1, t0, t1, c1;
+ element_init(a0b0, base);
+ element_init(a1b1, base);
+ element_init(t0, base);
+ element_init(t1, base);
+ element_init(c1, base);
+ element_mul(a0b0, a0, b0);
+ element_mul(a1b1, a1, b1);
+ element_add(t0, a1, a0);
+ element_add(t1, b1, b0);
+ element_mul(c1, t0, t1); // c1 == (a1+a0)*(b1+b0)
+ element_sub(c1, c1, a1b1);
+ element_sub(c1, c1, a0b0);
+ element_ptr c0 = a0b0;
+ element_sub(c0, c0, a1b1); // c0 == a0*b0 - a1*b1
+ element_set(e0, c0);
+ element_set(e1, c1);
+ element_clear(a0b0);
+ element_clear(a1b1);
+ element_clear(t0);
+ element_clear(t1);
+ element_clear(c1);
+}
+
+/* $e <- a^3$ */
+static void gf32m_cubic(element_t e, element_t a) {
+ element_ptr a0 = GF32M(a)->_0, a1 = GF32M(a)->_1, e0 = GF32M(e)->_0, e1 =
+ GF32M(e)->_1;
+ field_ptr base = BASE(a);
+ element_t c0, c1;
+ element_init(c0, base);
+ element_init(c1, base);
+ element_cubic(c0, a0);
+ element_cubic(c1, a1);
+ element_neg(c1, c1); // c1 == -(a1^3)
+ element_set(e0, c0);
+ element_set(e1, c1);
+ element_clear(c0);
+ element_clear(c1);
+}
+
+void field_clear_gf32m(field_t f) {
+ UNUSED_VAR(f);
+}
+
+/* initialize the finite field as $base_field[x]/(x^2 + 1)$, whose base field is $b$ */
+void field_init_gf32m(field_t f, field_t b) {
+ field_init(f);
+ f->data = b;
+ f->field_clear = field_clear_gf32m;
+ f->init = gf32m_init;
+ f->clear = gf32m_clear;
+ f->set = gf32m_assign;
+ f->set0 = gf32m_set0;
+ f->set1 = gf32m_set1;
+ f->random = gf32m_random;
+ f->cmp = gf32m_cmp;
+ f->add = gf32m_add;
+ f->sub = gf32m_sub;
+ f->neg = gf32m_neg;
+ f->mul = gf32m_mult;
+ f->cubic = gf32m_cubic;
+ f->item_count = gf32m_item_count;
+ f->item = gf32m_item;
+ f->out_str = gf32m_out_str;
+ mpz_pow_ui(f->order, b->order, 2);
+ f->name = "GF(3^{2*m})";
+}
+
+static size_t gf33m_out_str(FILE *stream, int base, element_t e) {
+ UNUSED_VAR(base);
+ element_ptr e0 = GF33M(e)->_0, e1 = GF33M(e)->_1, e2 = GF33M(e)->_2;
+ size_t size = 0;
+ size += element_out_str(stream, base, e0);
+ size += element_out_str(stream, base, e1);
+ size += element_out_str(stream, base, e2);
+ return size;
+}
+
+static void gf33m_init(element_t e) {
+ e->data = pbc_malloc(sizeof(gf33m_s));
+ gf33m_ptr p = (gf33m_ptr) e->data;
+ field_ptr base = BASE(e);
+ element_init(p->_0, base);
+ element_init(p->_1, base);
+ element_init(p->_2, base);
+}
+
+static void gf33m_clear(element_t e) {
+ gf33m_ptr p = (gf33m_ptr) e->data;
+ element_clear(p->_0);
+ element_clear(p->_1);
+ element_clear(p->_2);
+ pbc_free(e->data);
+}
+
+static void gf33m_set0(element_t e) {
+ element_ptr e0 = GF33M(e)->_0, e1 = GF33M(e)->_1, e2 = GF33M(e)->_2;
+ element_set0(e0);
+ element_set0(e1);
+ element_set0(e2);
+}
+
+static void gf33m_set1(element_t e) {
+ element_ptr e0 = GF33M(e)->_0, e1 = GF33M(e)->_1, e2 = GF33M(e)->_2;
+ element_set1(e0);
+ element_set0(e1);
+ element_set0(e2);
+}
+
+static int gf33m_item_count(element_t e) {
+ UNUSED_VAR(e);
+ return 3;
+}
+
+static element_ptr gf33m_item(element_t a, int i) {
+ element_ptr a0 = GF33M(a)->_0, a1 = GF33M(a)->_1, a2 = GF33M(a)->_2;
+ return i == 0 ? a0 : (i == 1 ? a1 : a2);
+}
+
+static void gf33m_assign(element_t e, element_t a) {
+ element_ptr a0 = GF33M(a)->_0, a1 = GF33M(a)->_1, a2 = GF33M(a)->_2, e0 =
+ GF33M(e)->_0, e1 = GF33M(e)->_1, e2 = GF33M(e)->_2;
+ element_set(e0, a0);
+ element_set(e1, a1);
+ element_set(e2, a2);
+}
+
+static void gf33m_random(element_t e) {
+ element_ptr e0 = GF33M(e)->_0, e1 = GF33M(e)->_1, e2 = GF33M(e)->_2;
+ element_random(e0);
+ element_random(e1);
+ element_random(e2);
+}
+
+/* return 0 if $a == b$, 1 otherwise */
+static int gf33m_cmp(element_t a, element_t b) {
+ element_ptr a0 = GF33M(a)->_0, a1 = GF33M(a)->_1, a2 = GF33M(a)->_2, b0 =
+ GF33M(b)->_0, b1 = GF33M(b)->_1, b2 = GF33M(b)->_2;
+ return element_cmp(a0, b0) || element_cmp(a1, b1) || element_cmp(a2, b2);
+}
+
+/* $c <- a+b$ */
+static void gf33m_add(element_t c, element_t a, element_t b) {
+ element_ptr a0 = GF33M(a)->_0, a1 = GF33M(a)->_1, a2 = GF33M(a)->_2, b0 =
+ GF33M(b)->_0, b1 = GF33M(b)->_1, b2 = GF33M(b)->_2, c0 =
+ GF33M(c)->_0, c1 = GF33M(c)->_1, c2 = GF33M(c)->_2;
+ element_add(c0, a0, b0);
+ element_add(c1, a1, b1);
+ element_add(c2, a2, b2);
+}
+
+/* $c <- a-b$ */
+static void gf33m_sub(element_t c, element_t a, element_t b) {
+ element_ptr a0 = GF33M(a)->_0, a1 = GF33M(a)->_1, a2 = GF33M(a)->_2, b0 =
+ GF33M(b)->_0, b1 = GF33M(b)->_1, b2 = GF33M(b)->_2, c0 =
+ GF33M(c)->_0, c1 = GF33M(c)->_1, c2 = GF33M(c)->_2;
+ element_sub(c0, a0, b0);
+ element_sub(c1, a1, b1);
+ element_sub(c2, a2, b2);
+}
+
+/* $c <- a*b$ */
+static void gf33m_mult(element_t e, element_t a, element_t b) {
+ element_ptr a0 = GF33M(a)->_0, a1 = GF33M(a)->_1, a2 = GF33M(a)->_2, b0 =
+ GF33M(b)->_0, b1 = GF33M(b)->_1, b2 = GF33M(b)->_2, e0 =
+ GF33M(e)->_0, e1 = GF33M(e)->_1, e2 = GF33M(e)->_2;
+ field_ptr base = BASE(e);
+ element_t t0, t1, c1, a0b0, a1b1, a2b2;
+ element_init(t0, base);
+ element_init(t1, base);
+ element_init(c1, base);
+ element_init(a0b0, base);
+ element_init(a1b1, base);
+ element_init(a2b2, base);
+ element_mul(a0b0, a0, b0);
+ element_mul(a1b1, a1, b1);
+ element_mul(a2b2, a2, b2);
+ element_ptr d0 = a0b0;
+ element_add(t0, a1, a0);
+ element_add(t1, b1, b0);
+ element_t d1;
+ element_init(d1, base);
+ element_mul(d1, t0, t1);
+ element_sub(d1, d1, a1b1);
+ element_sub(d1, d1, a0b0);
+ element_add(t0, a2, a0);
+ element_add(t1, b2, b0);
+ element_t d2;
+ element_init(d2, base);
+ element_mul(d2, t0, t1);
+ element_add(d2, d2, a1b1);
+ element_sub(d2, d2, a2b2);
+ element_sub(d2, d2, a0b0);
+ element_add(t0, a2, a1);
+ element_add(t1, b2, b1);
+ element_t d3;
+ element_init(d3, base);
+ element_mul(d3, t0, t1);
+ element_sub(d3, d3, a2b2);
+ element_sub(d3, d3, a1b1);
+ element_ptr d4 = a2b2;
+ element_add(t0, d0, d3);
+ element_ptr c0 = t0;
+ element_add(c1, d1, d3);
+ element_add(c1, c1, d4);
+ element_add(t1, d2, d4);
+ element_ptr c2 = t1;
+ element_set(e0, c0);
+ element_set(e1, c1);
+ element_set(e2, c2);
+ element_clear(t0);
+ element_clear(t1);
+ element_clear(c1);
+ element_clear(a0b0);
+ element_clear(a1b1);
+ element_clear(a2b2);
+ element_clear(d1);
+ element_clear(d2);
+ element_clear(d3);
+}
+
+/* $e <- a^3$ */
+static void gf33m_cubic(element_t e, element_t a) {
+ field_ptr base = BASE(a);
+ element_ptr a0 = GF33M(a)->_0, a1 = GF33M(a)->_1, a2 = GF33M(a)->_2, e0 =
+ GF33M(e)->_0, e1 = GF33M(e)->_1, e2 = GF33M(e)->_2;
+ element_t a03, a13, a23;
+ element_init(a03, base);
+ element_init(a13, base);
+ element_init(a23, base);
+ element_cubic(a03, a0);
+ element_cubic(a13, a1);
+ element_cubic(a23, a2);
+ element_add(a03, a03, a13);
+ element_add(a03, a03, a23);
+ element_ptr c0 = a03;
+ element_sub(a13, a13, a23);
+ element_ptr c1 = a13;
+ element_ptr c2 = a23;
+ element_set(e0, c0);
+ element_set(e1, c1);
+ element_set(e2, c2);
+ element_clear(a03);
+ element_clear(a13);
+ element_clear(a23);
+}
+
+/* $e <- a^{-1}$ */
+static void gf33m_invert(element_t e, element_t a) {
+ element_ptr a0 = GF33M(a)->_0, a1 = GF33M(a)->_1, a2 = GF33M(a)->_2, e0 =
+ GF33M(e)->_0, e1 = GF33M(e)->_1, e2 = GF33M(e)->_2;
+ field_ptr base = BASE(e);
+ element_t a02, a12, a22;
+ element_init(a02, base);
+ element_init(a12, base);
+ element_init(a22, base);
+ element_mul(a02, a0, a0);
+ element_mul(a12, a1, a1);
+ element_mul(a22, a2, a2);
+ element_t v0;
+ element_init(v0, base);
+ element_sub(v0, a0, a2); // v0 == a0-a2
+ element_t delta;
+ element_init(delta, base);
+ element_mul(delta, v0, a02); // delta = (a0-a2)*(a0^2), free
+ element_sub(v0, a1, a0); // v0 == a1-a0
+ element_t c0;
+ element_init(c0, base);
+ element_mul(c0, v0, a12); // c0 == (a1-a0)*(a1^2)
+ element_add(delta, delta, c0); // delta = (a0-a2)*(a0^2) + (a1-a0)*(a1^2)
+ element_sub(v0, a2, v0); // v0 == a2-(a1-a0) = a0-a1+a2
+ element_t c1;
+ element_init(c1, base);
+ element_mul(c1, v0, a22); // c1 == (a0-a1+a2)*(a2^2)
+ element_add(delta, delta, c1); // delta = (a0-a2)*(a0^2) + (a1-a0)*(a1^2) + (a0-a1+a2)*(a2^2)
+ element_invert(delta, delta); // delta = [(a0-a2)*(a0^2) + (a1-a0)*(a1^2) + (a0-a1+a2)*(a2^2)] ^ {-1}
+ element_add(v0, a02, a22); // v0 == a0^2+a2^2
+ element_t c2;
+ element_init(c2, base);
+ element_mul(c2, a0, a2); // c2 == a0*a2
+ element_sub(c0, v0, c2); // c0 == a0^2+a2^2-a0*a2
+ element_add(v0, a1, a2); // v0 == a1+a2
+ element_t c3;
+ element_init(c3, base);
+ element_mul(c3, a1, v0); // c3 == a1*(a1+a2)
+ element_sub(c0, c0, c3); // c0 == a0^2+a2^2-a0*a2-a1*(a1+a2)
+ element_mul(c0, c0, delta); // c0 *= delta
+ element_mul(c1, a0, a1); // c1 == a0*a1
+ element_sub(c1, a22, c1); // c1 == a2^2-a0*a1
+ element_mul(c1, c1, delta); // c1 *= delta
+ element_sub(c2, a12, c2); // c2 == a1^2-a0*a2
+ element_sub(c2, c2, a22); // c2 == a1^2-a0*a2-a2^2
+ element_mul(c2, c2, delta); // c2 *= delta
+ element_set(e0, c0);
+ element_set(e1, c1);
+ element_set(e2, c2);
+ element_clear(a02);
+ element_clear(a12);
+ element_clear(a22);
+ element_clear(v0);
+ element_clear(delta);
+ element_clear(c0);
+ element_clear(c1);
+ element_clear(c2);
+ element_clear(c3);
+}
+
+void field_clear_gf33m(field_t f) {
+ UNUSED_VAR(f);
+}
+
+/* initialize the finite field as $base_field[x]/(x^3 - x - 1)$, whose base field is $b$ */
+void field_init_gf33m(field_t f, field_t b) {
+ field_init(f);
+ f->data = b;
+ f->field_clear = field_clear_gf33m;
+ f->init = gf33m_init;
+ f->clear = gf33m_clear;
+ f->set = gf33m_assign;
+ f->set0 = gf33m_set0;
+ f->set1 = gf33m_set1;
+ f->random = gf33m_random;
+ f->cmp = gf33m_cmp;
+ f->add = gf33m_add;
+ f->sub = gf33m_sub;
+ f->mul = gf33m_mult;
+ f->cubic = gf33m_cubic;
+ f->invert = gf33m_invert;
+ f->item_count = gf33m_item_count;
+ f->item = gf33m_item;
+ f->out_str = gf33m_out_str;
+ mpz_pow_ui(f->order, b->order, 3);
+ f->name = "GF(3^{3*m})";
+}
+
diff --git a/moon-abe/pbc-0.5.14/arith/tinyfp.c b/moon-abe/pbc-0.5.14/arith/tinyfp.c
new file mode 100644
index 00000000..50e883e1
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/arith/tinyfp.c
@@ -0,0 +1,304 @@
+// F_p for small p, i.e. at most sizeof(long) bytes long.
+// Assumes long long is at least twice long.
+
+// TODO: Fix outstanding bugs and use in PBC.
+
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdint.h> // for intptr_t
+#include <stdlib.h>
+#include <string.h>
+#include <gmp.h>
+#include "pbc_utils.h"
+#include "pbc_field.h"
+#include "pbc_random.h"
+#include "pbc_fp.h"
+#include "pbc_memory.h"
+
+// Mostly wrappers. We use GMP routines for pow_mpz and invert.
+
+static void fp_init(element_ptr e) {
+ unsigned long *p = e->data = pbc_malloc(sizeof(unsigned long));
+ *p = 0;
+}
+
+static void fp_clear(element_ptr e) {
+ pbc_free(e->data);
+}
+
+static void fp_set_mpz(element_ptr e, mpz_ptr z) {
+ mpz_t r;
+ mpz_init(r);
+ unsigned long *p = e->field->data;
+ unsigned long *l = e->data;
+ mpz_fdiv_r_ui(r, z, *p);
+ *l = mpz_get_ui(r);
+ mpz_clear(r);
+}
+
+static void fp_set_si(element_ptr e, signed long int op) {
+ unsigned long int *d = e->data;
+ unsigned long *p = e->field->data;
+ if (op < 0) {
+ *d = (-op) % *p;
+ *d = *p - *d;
+ } else {
+ *d = op % *p;
+ }
+}
+
+static void fp_to_mpz(mpz_ptr z, element_ptr e) {
+ unsigned long int *l = e->data;
+ mpz_set_ui(z, *l);
+}
+
+static void fp_set0(element_ptr e) {
+ unsigned long int *l = e->data;
+ *l = 0;
+}
+
+static void fp_set1(element_ptr e) {
+ unsigned long int *l = e->data;
+ *l = 1;
+}
+
+static int fp_is1(element_ptr e) {
+ unsigned long int *l = e->data;
+ return *l == 1;
+}
+
+static int fp_is0(element_ptr e) {
+ unsigned long int *l = e->data;
+ return *l == 0;
+}
+
+static size_t fp_out_str(FILE *stream, int base, element_ptr e) {
+ size_t result;
+ mpz_t z;
+ mpz_init(z);
+ fp_to_mpz(z, e);
+ result = mpz_out_str(stream, base, z);
+ mpz_clear(z);
+ return result;
+}
+
+static void fp_add(element_ptr c, element_ptr a, element_ptr b) {
+ unsigned long *prime = a->field->data;
+ unsigned long *p = a->data;
+ unsigned long *q = b->data;
+ unsigned long *r = c->data;
+ unsigned long l0;
+ l0 = *p + *q;
+ if (l0 < *p) {
+ //overflow
+ l0 -= *prime;
+ }
+ *r = l0 % *prime;
+}
+
+static void fp_double(element_ptr c, element_ptr a) {
+ unsigned long *prime = a->field->data;
+ unsigned long *p = a->data;
+ unsigned long *r = c->data;
+ *r = 2 * *p;
+ if (*r < *p) {
+ //overflow
+ *r -= *prime;
+ }
+ *r = *r % *prime;
+}
+
+static void fp_sub(element_ptr c, element_ptr a, element_ptr b) {
+ unsigned long *prime = a->field->data;
+ unsigned long *p = a->data;
+ unsigned long *q = b->data;
+ unsigned long *r = c->data;
+
+ if (*p >= *q) {
+ *r = *p - *q;
+ } else {
+ *r = *prime - *q + *p;
+ }
+}
+
+static void fp_mul(element_ptr c, element_ptr a, element_ptr b) {
+ unsigned long *prime = a->field->data;
+ unsigned long *p = a->data;
+ unsigned long *q = b->data;
+ unsigned long long ll;
+ unsigned long *r = c->data;
+
+ ll = *p * *q;
+ *r = ll % *prime;
+}
+
+static void fp_square(element_ptr c, element_ptr a) {
+ fp_mul(c, a, a);
+}
+
+static void fp_neg(element_ptr c, element_ptr a) {
+ unsigned long *prime = a->field->data;
+ unsigned long *r = c->data;
+ unsigned long *p = a->data;
+ if (*p) {
+ *r = *prime - *p;
+ } else {
+ *r = 0;
+ }
+}
+
+static void fp_mul_si(element_ptr c, element_ptr a, signed long int op) {
+ unsigned long *prime = a->field->data;
+ unsigned long *p = a->data;
+ unsigned long long ll;
+ unsigned long *r = c->data;
+
+ ll = *p * op;
+ *r = ll % *prime;
+}
+
+static void fp_pow_mpz(element_ptr c, element_ptr a, mpz_ptr op) {
+ unsigned long *r = c->data;
+ mpz_t z;
+ mpz_init(z);
+ fp_to_mpz(z, a);
+ mpz_powm(z, z, op, a->field->order);
+ *r = mpz_get_ui(z);
+ mpz_clear(z);
+}
+
+static void fp_set(element_ptr c, element_ptr a) {
+ unsigned long *p = a->data;
+ unsigned long *r = c->data;
+ *r = *p;
+}
+
+static void fp_invert(element_ptr c, element_ptr a) {
+ unsigned long *r = c->data;
+ mpz_t z;
+ mpz_init(z);
+ fp_to_mpz(z, a);
+ mpz_invert(z, z, a->field->order);
+ *r = mpz_get_ui(z);
+ mpz_clear(z);
+}
+
+static void fp_random(element_ptr c) {
+ unsigned long *r = c->data;
+ mpz_t z;
+ mpz_init(z);
+ pbc_mpz_random(z, c->field->order);
+ *r = mpz_get_ui(z);
+ mpz_clear(z);
+}
+
+static void fp_from_hash(element_ptr n, void *data, int len) {
+ mpz_t z;
+
+ mpz_init(z);
+ mpz_import(z, len, -1, 1, -1, 0, data);
+ fp_set_mpz(n, z);
+ mpz_clear(z);
+}
+
+static int fp_cmp(element_ptr a, element_ptr b) {
+ unsigned long *p = a->data;
+ unsigned long *q = b->data;
+ return *p != *q;
+}
+
+static int fp_sgn_odd(element_ptr a) {
+ unsigned long *p = a->data;
+ if (!*p) return 0;
+ return *p & 1 ? 1 : -1;
+}
+
+static int fp_is_sqr(element_ptr a) {
+ int res;
+ mpz_t z;
+ mpz_init(z);
+ //0 is a square
+ if (fp_is0(a)) return 1;
+ fp_to_mpz(z, a);
+ res = mpz_legendre(z, a->field->order) == 1;
+ mpz_clear(z);
+ return res;
+}
+
+static int fp_to_bytes(unsigned char *data, element_t e) {
+ unsigned long *p = e->data;
+ unsigned long l = *p;
+ int i, n = e->field->fixed_length_in_bytes;
+ for (i = 0; i < n; i++) {
+ data[n - i - 1] = (unsigned char) l;
+ l >>= 8;
+ }
+ return n;
+}
+
+static int fp_from_bytes(element_t e, unsigned char *data) {
+ unsigned char *ptr = data;
+ unsigned long *p = e->data;
+ int i, n = e->field->fixed_length_in_bytes;
+ *p = 0;
+ for (i=0; i<n; i++) {
+ *p <<= 8;
+ *p += *ptr;
+ ptr++;
+ }
+ return n;
+}
+
+static void fp_field_clear(field_t f) {
+ pbc_free(f->data);
+}
+
+void field_init_tiny_fp(field_ptr f, mpz_t prime) {
+ unsigned long *p;
+
+ PBC_ASSERT(mpz_fits_ulong_p(prime), "modulus too big");
+
+ field_init(f);
+ f->init = fp_init;
+ f->clear = fp_clear;
+ f->set_si = fp_set_si;
+ f->set_mpz = fp_set_mpz;
+ f->out_str = fp_out_str;
+ f->add = fp_add;
+ f->sub = fp_sub;
+ f->set = fp_set;
+ f->mul = fp_mul;
+ f->mul_si = fp_mul_si;
+ f->square = fp_square;
+ f->doub = fp_double;
+ f->pow_mpz = fp_pow_mpz;
+ f->neg = fp_neg;
+ f->cmp = fp_cmp;
+ f->sign = fp_sgn_odd;
+ f->invert = fp_invert;
+ f->random = fp_random;
+ f->from_hash = fp_from_hash;
+ f->is1 = fp_is1;
+ f->is0 = fp_is0;
+ f->set0 = fp_set0;
+ f->set1 = fp_set1;
+ f->is_sqr = fp_is_sqr;
+ f->sqrt = element_tonelli;
+ f->field_clear = fp_field_clear;
+ f->to_bytes = fp_to_bytes;
+ f->from_bytes = fp_from_bytes;
+ f->to_mpz = fp_to_mpz;
+
+ p = f->data = pbc_malloc(sizeof(long));
+ *p = mpz_get_ui(prime);
+ {
+ unsigned long int l = 255;
+ f->fixed_length_in_bytes = 1;
+ while (l < *p) {
+ f->fixed_length_in_bytes++;
+ l <<= 8;
+ l += 255;
+ }
+ }
+ mpz_set(f->order, prime);
+}
diff --git a/moon-abe/pbc-0.5.14/arith/z.c b/moon-abe/pbc-0.5.14/arith/z.c
new file mode 100644
index 00000000..ff5a4a97
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/arith/z.c
@@ -0,0 +1,263 @@
+// The ring Z.
+//
+// Wrappers around GMP mpz functions.
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdint.h> // for intptr_t
+#include <stdlib.h>
+#include <gmp.h>
+#include "pbc_utils.h"
+#include "pbc_field.h"
+#include "pbc_z.h"
+#include "pbc_random.h"
+#include "pbc_fp.h"
+#include "pbc_memory.h"
+
+static void z_init(element_ptr e) {
+ e->data = pbc_malloc(sizeof(mpz_t));
+ mpz_init(e->data);
+}
+
+static void z_clear(element_ptr e) {
+ mpz_clear(e->data);
+ pbc_free(e->data);
+}
+
+static void z_set_si(element_ptr e, signed long int op) {
+ mpz_set_si(e->data, op);
+}
+
+static void z_set_mpz(element_ptr e, mpz_ptr z) {
+ mpz_set(e->data, z);
+}
+
+static void z_set0(element_ptr e) {
+ mpz_set_ui(e->data, 0);
+}
+
+static void z_set1(element_ptr e) {
+ mpz_set_ui(e->data, 1);
+}
+
+static size_t z_out_str(FILE *stream, int base, element_ptr e) {
+ return mpz_out_str(stream, base, e->data);
+}
+
+static int z_sgn(element_ptr a) {
+ mpz_ptr z = a->data;
+ return mpz_sgn(z);
+}
+
+static void z_add(element_ptr n, element_ptr a, element_ptr b) {
+ mpz_add(n->data, a->data, b->data);
+}
+
+static void z_sub(element_ptr n, element_ptr a, element_ptr b) {
+ mpz_sub(n->data, a->data, b->data);
+}
+
+static void z_square(element_ptr c, element_ptr a) {
+ mpz_mul(c->data, a->data, a->data);
+}
+
+static void z_double(element_ptr n, element_ptr a) {
+ mpz_mul_2exp(n->data, a->data, 1);
+}
+
+static void z_halve(element_ptr n, element_ptr a) {
+ mpz_tdiv_q_2exp(n->data, a->data, -1);
+}
+
+static void z_mul(element_ptr n, element_ptr a, element_ptr b) {
+ mpz_mul(n->data, a->data, b->data);
+}
+
+static void z_mul_mpz(element_ptr n, element_ptr a, mpz_ptr z) {
+ mpz_mul(n->data, a->data, z);
+}
+
+static void z_mul_si(element_ptr n, element_ptr a, signed long int z) {
+ mpz_mul_si(n->data, a->data, z);
+}
+
+static void z_pow_mpz(element_ptr n, element_ptr a, mpz_ptr z) {
+ mpz_pow_ui(n->data, a->data, mpz_get_ui(z));
+}
+
+static void z_set(element_ptr n, element_ptr a) {
+ mpz_set(n->data, a->data);
+}
+
+static void z_neg(element_ptr n, element_ptr a) {
+ mpz_neg(n->data, a->data);
+}
+
+static void z_invert(element_ptr n, element_ptr a) {
+ if (!mpz_cmpabs_ui(a->data, 1)) {
+ mpz_set(n->data, a->data);
+ } else mpz_set_ui(n->data, 0);
+}
+
+static void z_div(element_ptr c, element_ptr a, element_ptr b) {
+ mpz_tdiv_q(c->data, a->data, b->data);
+}
+
+//(doesn't make sense if order is infinite)
+static void z_random(element_ptr n) {
+ mpz_set_ui(n->data, 0);
+}
+
+static void z_from_hash(element_ptr n, void *data, int len) {
+ mpz_import(n->data, len, -1, 1, -1, 0, data);
+}
+
+static int z_is1(element_ptr n) {
+ return !mpz_cmp_ui((mpz_ptr) n->data, 1);
+}
+
+static int z_is0(element_ptr n) {
+ return mpz_is0(n->data);
+}
+
+static int z_cmp(element_ptr a, element_ptr b) {
+ return mpz_cmp((mpz_ptr) a->data, (mpz_ptr) b->data);
+}
+
+static int z_is_sqr(element_ptr a) {
+ return mpz_perfect_power_p(a->data);
+}
+
+static void z_sqrt(element_ptr c, element_ptr a) {
+ mpz_sqrt(c->data, a->data);
+}
+
+static void z_field_clear(field_t f) {
+ UNUSED_VAR (f);
+}
+
+// OpenSSL convention:
+// 4 bytes containing length
+// followed by number in big-endian, most-significant bit set if negative
+// (prepending null byte if necessary)
+// Positive numbers also the same as mpz_out_raw.
+static int z_to_bytes(unsigned char *data, element_t e) {
+ mpz_ptr z = e->data;
+ size_t msb = mpz_sizeinbase(z, 2);
+ size_t n = 4;
+ size_t i;
+
+ if (!(msb % 8)) {
+ data[4] = 0;
+ n++;
+ }
+ if (mpz_sgn(z) < 0) {
+ mpz_export(data + n, NULL, 1, 1, 1, 0, z);
+ data[4] |= 128;
+ } else {
+ mpz_export(data + n, NULL, 1, 1, 1, 0, z);
+ }
+ n += (msb + 7) / 8 - 4;
+ for (i=0; i<4; i++) {
+ data[i] = (n >> 8 * (3 - i));
+ }
+ n += 4;
+
+ return n;
+}
+
+static int z_from_bytes(element_t e, unsigned char *data) {
+ unsigned char *ptr;
+ size_t i, n;
+ mpz_ptr z = e->data;
+ mpz_t z1;
+ int neg = 0;
+
+ mpz_init(z1);
+ mpz_set_ui(z, 0);
+
+ ptr = data;
+ n = 0;
+ for (i=0; i<4; i++) {
+ n += ((unsigned int) *ptr) << 8 * (3 - i);
+ ptr++;
+ }
+ if (data[4] & 128) {
+ neg = 1;
+ data[4] &= 127;
+ }
+ for (i=0; i<n; i++) {
+ mpz_set_ui(z1, *ptr);
+ mpz_mul_2exp(z1, z1, 8 * (n - 1 - i));
+ ptr++;
+ mpz_add(z, z, z1);
+ }
+ mpz_clear(z1);
+ if (neg) mpz_neg(z, z);
+ return n;
+}
+
+static void z_to_mpz(mpz_ptr z, element_ptr a) {
+ mpz_set(z, a->data);
+}
+
+static int z_length_in_bytes(element_ptr a) {
+ return (mpz_sizeinbase(a->data, 2) + 7) / 8 + 4;
+}
+
+static void z_out_info(FILE *out, field_ptr f) {
+ UNUSED_VAR(f);
+ fprintf(out, "Z: wrapped GMP");
+}
+
+static int z_set_str(element_ptr e, const char *s, int base) {
+ mpz_t z;
+ mpz_init(z);
+ int result = pbc_mpz_set_str(z, s, base);
+ z_set_mpz(e, z);
+ mpz_clear(z);
+ return result;
+}
+
+void field_init_z(field_ptr f) {
+ field_init(f);
+ f->init = z_init;
+ f->clear = z_clear;
+ f->set_si = z_set_si;
+ f->set_mpz = z_set_mpz;
+ f->set_str = z_set_str;
+ f->out_str = z_out_str;
+ f->sign = z_sgn;
+ f->add = z_add;
+ f->sub = z_sub;
+ f->set = z_set;
+ f->square = z_square;
+ f->doub = z_double;
+ f->halve = z_halve;
+ f->mul = z_mul;
+ f->mul_mpz = z_mul_mpz;
+ f->mul_si = z_mul_si;
+ f->pow_mpz = z_pow_mpz;
+ f->neg = z_neg;
+ f->cmp = z_cmp;
+ f->invert = z_invert;
+ f->div = z_div;
+ f->random = z_random;
+ f->from_hash = z_from_hash;
+ f->is1 = z_is1;
+ f->is0 = z_is0;
+ f->set0 = z_set0;
+ f->set1 = z_set1;
+ f->is_sqr = z_is_sqr;
+ f->sqrt = z_sqrt;
+ f->field_clear = z_field_clear;
+ f->to_bytes = z_to_bytes;
+ f->from_bytes = z_from_bytes;
+ f->to_mpz = z_to_mpz;
+ f->length_in_bytes = z_length_in_bytes;
+
+ f->out_info = z_out_info;
+
+ mpz_set_ui(f->order, 0);
+ f->data = NULL;
+ f->fixed_length_in_bytes = -1;
+}
diff --git a/moon-abe/pbc-0.5.14/benchmark/REPORT.BAT b/moon-abe/pbc-0.5.14/benchmark/REPORT.BAT
new file mode 100644
index 00000000..c617b436
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/benchmark/REPORT.BAT
@@ -0,0 +1,18 @@
+@echo off
+rem Batch file for timing various pairings
+echo A
+benchmark < a.param | find "average"
+echo D159
+benchmark < d159.param | find "average"
+echo D201
+benchmark < d201.param | find "average"
+echo D224
+benchmark < d224.param | find "average"
+echo E
+benchmark < e.param | find "average"
+echo F
+benchmark < f.param | find "average"
+echo G
+benchmark < g149.param | find "average"
+echo A1
+benchmark < a1.param | find "average"
diff --git a/moon-abe/pbc-0.5.14/benchmark/benchmark.c b/moon-abe/pbc-0.5.14/benchmark/benchmark.c
new file mode 100644
index 00000000..b80c1554
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/benchmark/benchmark.c
@@ -0,0 +1,109 @@
+#include <stdint.h> // for intptr_t
+#include "pbc.h"
+#include "pbc_test.h"
+
+/* I've heard that sometimes automatic garbage collection can outperform
+ * manual collection, so I briefly tried using the Boehm-Demers-Weiser GC
+ * library. Both GMP and PBC support custom memory allocation routines so
+ * incorporating the GC library is trivial.
+ *
+ * Automatic garbage collection appears to slow this program down a little,
+ * even if only PBC collects automatically. (The case where PBC collects
+ * manually but GMP collects automatically cannot be achieved with the GC
+ * library because PBC objects point at GMP objects.)
+ *
+ * Perhaps specially-tailored memory allocation routines could shave off
+ * some time, but one would have to thoroughly analyze PBC and GMP memory usage
+ * patterns.
+ *
+ * Below is the commented-out code that collects garbage for PBC. Of course,
+ * if you want to use it you must also tell the build system where to find
+ * gc.h and to link with the GC library.
+ *
+ * Also, you may wish to write similar code for GMP (which I unfortunately
+ * deleted before thinking that it might be useful for others).
+ * Note GC_MALLOC_ATOMIC may be used for GMP since the mpz_t type does not
+ * store pointers in the memory it allocates.
+ *
+ * The malloc and realloc functions should exit on failure but I didn't
+ * bother since I was only seeing if GC could speed up this program.
+
+#include <gc.h>
+#include <pbc_utils.h>
+
+void *gc_alloc(size_t size) {
+ return GC_MALLOC(size);
+}
+
+void *gc_realloc(void *ptr, size_t size) {
+ return GC_REALLOC(ptr, size);
+}
+
+void gc_free(void *ptr) {
+ UNUSED_VAR(ptr);
+}
+
+ * The following should be the first two statements in main()
+
+GC_INIT();
+pbc_set_memory_functions(gc_alloc, gc_realloc, gc_free);
+
+ */
+
+int main(int argc, char **argv) {
+ pairing_t pairing;
+ element_t x, y, r, r2;
+ int i, n;
+ double t0, t1, ttotal, ttotalpp;
+ pairing_pp_t pp;
+
+ // Cheat for slightly faster times:
+ // pbc_set_memory_functions(malloc, realloc, free);
+
+ pbc_demo_pairing_init(pairing, argc, argv);
+
+ element_init_G1(x, pairing);
+ element_init_G2(y, pairing);
+ element_init_GT(r, pairing);
+ element_init_GT(r2, pairing);
+
+ n = 10;
+ ttotal = 0.0;
+ ttotalpp = 0.0;
+ for (i=0; i<n; i++) {
+ element_random(x);
+ element_random(y);
+
+ pairing_pp_init(pp, x, pairing);
+ t0 = pbc_get_time();
+ pairing_pp_apply(r, y, pp);
+ t1 = pbc_get_time();
+ ttotalpp += t1 - t0;
+ pairing_pp_clear(pp);
+
+ t0 = pbc_get_time();
+
+ element_pairing(r2, x, y);
+ t1 = pbc_get_time();
+ ttotal += t1 - t0;
+
+ element_printf("x = %B\n", x);
+ element_printf("y = %B\n", y);
+ element_printf("e(x,y) = %B\n", r);
+ if (element_cmp(r, r2)) {
+ printf("BUG!\n");
+ exit(1);
+ }
+ }
+ printf("average pairing time = %f\n", ttotal / n);
+ printf("average pairing time (preprocessed) = %f\n", ttotalpp / n);
+
+ element_clear(x);
+ element_clear(y);
+ element_clear(r);
+ element_clear(r2);
+
+ pairing_clear(pairing);
+
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/benchmark/ellnet.c b/moon-abe/pbc-0.5.14/benchmark/ellnet.c
new file mode 100644
index 00000000..8a866a65
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/benchmark/ellnet.c
@@ -0,0 +1,65 @@
+#include <pbc.h>
+#include "pbc_test.h"
+
+void time_pairing(pairing_ptr pairing) {
+ int i, n;
+ double t0, t1, ttotal, ttotalpp;
+ pairing_pp_t pp;
+ element_t x, y, r, r2;
+ element_init_G1(x, pairing);
+ element_init_G2(y, pairing);
+ element_init_GT(r, pairing);
+ element_init_GT(r2, pairing);
+
+ n = 10;
+ ttotal = 0.0;
+ ttotalpp = 0.0;
+ for (i=0; i<n; i++) {
+ element_random(x);
+ element_random(y);
+
+ pairing_pp_init(pp, x, pairing);
+ t0 = pbc_get_time();
+ pairing_pp_apply(r, y, pp);
+ t1 = pbc_get_time();
+ ttotalpp += t1 - t0;
+ pairing_pp_clear(pp);
+
+ t0 = pbc_get_time();
+ element_pairing(r2, x, y);
+ t1 = pbc_get_time();
+ ttotal += t1 - t0;
+
+ //element_printf("x = %B\n", x);
+ //element_printf("y = %B\n", y);
+ //element_printf("e(x,y) = %B\n", r);
+ if (element_cmp(r, r2)) {
+ printf("BUG!\n");
+ exit(1);
+ }
+ }
+ printf("average pairing time = %f\n", ttotal / n);
+ printf("average pairing time (preprocessed) = %f\n", ttotalpp / n);
+
+ element_clear(x);
+ element_clear(y);
+ element_clear(r);
+ element_clear(r2);
+}
+
+int main(int argc, char **argv) {
+ pairing_t pairing;
+
+ pbc_demo_pairing_init(pairing, argc, argv);
+
+ printf("Miller's algorithm\n");
+ time_pairing(pairing);
+
+ pairing_option_set(pairing, "method", "shipsey-stange");
+ printf("Shipsey-Stange algorithm\n");
+ time_pairing(pairing);
+
+ pairing_clear(pairing);
+
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/benchmark/multipairing.c b/moon-abe/pbc-0.5.14/benchmark/multipairing.c
new file mode 100644
index 00000000..39c9ce77
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/benchmark/multipairing.c
@@ -0,0 +1,62 @@
+// Compares dedicated multipairing (product of pairings) routine with naive
+// method.
+#include <pbc.h>
+#include "pbc_test.h"
+
+int main(int argc, char **argv) {
+ enum { K = 5 };
+ pairing_t pairing;
+ element_t x[K], y[K], r, r2, tmp;
+ int i, n;
+ double t0, t1, ttotal, ttotalm;
+
+ pbc_demo_pairing_init(pairing, argc, argv);
+
+ for(i = 0; i < K; i++) {
+ element_init_G1(x[i], pairing);
+ element_init_G2(y[i], pairing);
+ }
+ element_init_GT(r, pairing);
+ element_init_GT(r2, pairing);
+ element_init_GT(tmp, pairing);
+
+ n = 10;
+ ttotal = 0.0;
+ ttotalm = 0.0;
+ for (i=0; i<n; i++) {
+ int j;
+ for(j = 0; j < K; j++) {
+ element_random(x[j]);
+ element_random(y[j]);
+ }
+
+ t0 = pbc_get_time();
+ element_prod_pairing(r, x, y, K);
+ t1 = pbc_get_time();
+ ttotalm += t1 - t0;
+
+ t0 = pbc_get_time();
+ element_pairing(r2, x[0], y[0]);
+ for(j = 1; j < K; j++) {
+ element_pairing(tmp, x[j], y[j]);
+ element_mul(r2, r2, tmp);
+ }
+ t1 = pbc_get_time();
+ ttotal += t1 - t0;
+
+ element_printf("e(x,y) = %B\n", r);
+ EXPECT(!element_cmp(r, r2));
+ }
+ printf("average pairing time = %f\n", ttotal / n);
+ printf("average multi-pairing time = %f\n", ttotalm / n);
+
+ for(i = 0; i < K; i++) {
+ element_clear(x[i]);
+ element_clear(y[i]);
+ }
+ element_clear(r);
+ element_clear(r2);
+
+ pairing_clear(pairing);
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/benchmark/report_times b/moon-abe/pbc-0.5.14/benchmark/report_times
new file mode 100644
index 00000000..d296efd4
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/benchmark/report_times
@@ -0,0 +1,7 @@
+#!/bin/bash
+#report pairing times for each type of parameter
+for p in a d159 d201 d224 e f g149 a1
+do
+ echo -en $p'\t'
+ benchmark/benchmark < param/$p.param | awk '/time =/ {printf "%s", $5 "\t" } /prepro/ {print $6}'
+done
diff --git a/moon-abe/pbc-0.5.14/benchmark/timersa.c b/moon-abe/pbc-0.5.14/benchmark/timersa.c
new file mode 100644
index 00000000..53a64cfb
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/benchmark/timersa.c
@@ -0,0 +1,83 @@
+#include <pbc.h>
+#include "pbc_fp.h"
+#include "pbc_test.h"
+
+int main(void) {
+ mpz_t p, q, N, d;
+ mpz_t dmp1, dmq1;
+ mpz_t ipmq, iqmp;
+ mpz_t adq, adp;
+
+ field_t f;
+ element_t a, b;
+ double t0, t1, tnaive = 0, tcrt=0;
+ int i, n;
+
+ mpz_init(p);
+ mpz_init(q);
+ mpz_init(N);
+ mpz_init(d);
+ mpz_init(dmp1);
+ mpz_init(dmq1);
+ mpz_init(ipmq);
+ mpz_init(iqmp);
+ mpz_init(adp);
+ mpz_init(adq);
+ pbc_mpz_randomb(p, 512);
+ pbc_mpz_randomb(q, 512);
+ mpz_nextprime(p, p);
+ mpz_nextprime(q, q);
+ mpz_mul(N, p, q);
+ mpz_invert(ipmq, p, q);
+ mpz_invert(iqmp, q, p);
+
+ field_init_fp(f, N);
+ element_init(a, f);
+ element_init(b, f);
+ n = 10;
+ for (i=0; i<n; i++) {
+ pbc_mpz_random(d, N);
+ element_random(a);
+ t0 = pbc_get_time();
+ element_pow_mpz(b, a, d);
+ t1 = pbc_get_time();
+ tnaive += t1 - t0;
+
+ mpz_sub_ui(p, p, 1);
+ mpz_sub_ui(q, q, 1);
+
+ mpz_mod(dmp1, d, p);
+ mpz_mod(dmq1, d, q);
+
+ mpz_add_ui(p, p, 1);
+ mpz_add_ui(q, q, 1);
+
+ element_to_mpz(adq, a);
+ element_to_mpz(adp, a);
+
+ t0 = pbc_get_time();
+ mpz_powm(adp, adp, d, p);
+ mpz_powm(adq, adq, d, q);
+
+ /* textbook CRT
+ mpz_mul(adp, adp, q);
+ mpz_mul(adp, adp, iqmp);
+ mpz_mul(adq, adq, p);
+ mpz_mul(adq, adq, ipmq);
+ mpz_add(adp, adp, adq);
+ */
+ // Garner's algorithm
+ mpz_sub(adq, adq, adp);
+ mpz_mul(adq, adq, ipmq);
+ mpz_mod(adq, adq, q);
+ mpz_mul(adq, adq, p);
+ mpz_add(adp, adp, adq);
+
+ t1 = pbc_get_time();
+ tcrt += t1 - t0;
+ element_set_mpz(b, adp);
+ }
+ printf("average RSA exp time = %lf\n", tnaive / n);
+ printf("average RSA exp time (CRT) = %lf\n", tcrt / n);
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/configure.ac b/moon-abe/pbc-0.5.14/configure.ac
new file mode 100644
index 00000000..79f564a1
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/configure.ac
@@ -0,0 +1,191 @@
+#-*- Autoconf -*-
+# Process this file with autoconf to produce a configure script.
+
+AC_PREREQ(2.59)
+AC_INIT([pbc], [0.5.14], [blynn@cs.stanford.edu])
+AM_INIT_AUTOMAKE
+AC_CONFIG_HEADERS(config.h)
+AC_CONFIG_MACRO_DIR([m4])
+AC_CONFIG_SRCDIR([./])
+LT_INIT
+#AC_CANONICAL_HOST
+
+CFLAGS=
+default_fink_path=/sw
+case $host_os in
+ darwin*)
+ dnl fink installation
+ AC_MSG_CHECKING([for a fink installation at $default_fink_path])
+ if test -d $default_fink_path; then
+ AC_MSG_RESULT([found it!])
+ AC_MSG_NOTICE([Adding -I$default_fink_path/include to CPPFLAGS])
+ CPPFLAGS="-I$default_fink_path/include $CPPFLAGS"
+ AC_MSG_NOTICE([Adding -L$default_fink_path/lib to LDFLAGS])
+ LDFLAGS="-L$default_fink_path/lib $LDFLAGS"
+ else
+ AC_MSG_RESULT(none)
+ AC_MSG_NOTICE([You may need to add set CPPFLAGS and LDFLAGS for gmp, etc.])
+ fi
+ ;;
+esac
+
+############################
+# Configs for Windows DLLs.
+# Framework for the below was extracted and
+# modeled after the libgmp configure script.
+
+AC_LIBTOOL_WIN32_DLL
+AC_SUBST(LIBPBC_DLL,0)
+
+case $host in
+ *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2*)
+ if test -z "$enable_shared"; then
+ enable_shared=no
+ fi
+ # Don't allow both static and DLL.
+ if test "$enable_shared" != no && test "$enable_static" != no; then
+ AC_MSG_ERROR([cannot build both static and DLL, since gmp.h is different for each.
+Use "--disable-static --enable-shared" to build just a DLL.])
+ fi
+
+ # "-no-undefined" is required when building a DLL, see documentation on
+ # AC_LIBTOOL_WIN32_DLL. Also, -no-undefined needs a version number
+ # or it will complain about not having a nonnegative integer.
+ if test "$enable_shared" = yes; then
+ PBC_LDFLAGS="$PBC_LDFLAGS -no-undefined 0 -Wl,--export-all-symbols"
+ LIBPBC_LDFLAGS="$LIBPBC_LDFLAGS -Wl,--output-def,.libs/libpbc.dll.def"
+ LIBPBC_DLL=1
+ fi
+ ;;
+esac
+case $host in
+ *-*-mingw*)
+ gcc_cflags_optlist="$gcc_cflags_optlist nocygwin"
+ gcc_cflags_nocygwin="-mno-cygwin"
+ ;;
+esac
+
+AC_SUBST(PBC_LDFLAGS)
+AC_SUBST(LIBPBC_LDFLAGS)
+############################
+
+# Checks for programs.
+AC_PROG_CC
+AM_PROG_CC_C_O
+AC_PROG_CPP
+AC_PROG_INSTALL
+AC_PROG_LN_S
+AC_PROG_MAKE_SET
+
+AC_PROG_LEX
+if test "x$LEX" != xflex; then
+ echo "************************"
+ echo "flex not found"
+ echo "************************"
+ exit -1
+fi
+
+AC_PROG_YACC
+if test "x$YACC" != "xbison -y"; then
+ echo "************************"
+ echo "bison not found"
+ echo "************************"
+ exit -1
+fi
+
+# Checks for libraries.
+lib_err_msg="add its path to LDFLAGS\nsee ./configure --help"
+AC_CHECK_LIB( [m], [pow], [],[
+ echo "************************"
+ echo "m library not found"
+ echo -e $lib_err_msg
+ echo "************************"
+ exit -1
+ ])
+AC_CHECK_LIB( [gmp], [__gmpz_init], [],[
+ echo "************************"
+ echo "gmp library not found"
+ echo -e $lib_err_msg
+ echo "************************"
+ exit -1
+ ])
+dnl Reset libs because most programs do not need to link against all of these libs.
+LIBS=
+
+# Checks for header files.
+AC_FUNC_ALLOCA
+AC_HEADER_STDC
+AC_CHECK_HEADERS([stdlib.h string.h sys/time.h])
+
+# Checks for typedefs, structures, and compiler characteristics.
+AC_C_CONST
+AC_C_INLINE
+AC_TYPE_SIZE_T
+AC_HEADER_TIME
+
+dnl setup CFLAGS
+with_enable_optimized="no"
+AC_ARG_ENABLE( optimized,
+ [AS_HELP_STRING([--enable-optimized],
+ [Enable optimized build])],
+ [with_enable_optimized="$withval"],
+ [with_enable_optimized="no"])
+
+
+with_safe_clean=n
+AC_ARG_ENABLE( safe-clean,
+ [AS_HELP_STRING([--enable-safe-clean],
+ [When free any PBC element or GMP mpz_t, fill internal memory inside the element by zero])],
+ [with_safe_clean=y],
+ [with_safe_clean=n])
+
+with_debug=n
+AC_ARG_ENABLE( debug,
+ [AS_HELP_STRING([--enable-debug],
+ [Add extra debugging information. Forbid compiling optimization.])],
+ [with_debug=y],
+ [with_debug=n])
+
+CFLAGS="$CFLAGS -Wall -W -Wfloat-equal -Wpointer-arith -Wcast-align -Wstrict-prototypes -Wredundant-decls \
+-Wendif-labels -Wshadow -pipe -ffast-math -U__STRICT_ANSI__ -std=gnu99"
+if test "$with_debug" == "y"; then
+ CFLAGS="$CFLAGS -g3 -O0"
+elif test "$with_enable_optimized" != "no"; then
+ CFLAGS="$CFLAGS -g -O2"
+else
+ CFLAGS="$CFLAGS -fomit-frame-pointer -O3"
+fi
+
+if test "$with_safe_clean" != "n"; then
+ CFLAGS="$CFLAGS -DSAFE_CLEAN"
+fi
+
+# Checks for library functions.
+AC_FUNC_MALLOC
+AC_FUNC_REALLOC
+AC_CHECK_FUNCS([floor gettimeofday memmove memset pow sqrt strchr strdup])
+
+AC_CONFIG_FILES([Makefile example/Makefile gen/Makefile])
+AC_OUTPUT
+
+echo -ne "\n"
+echo "global build variables"
+echo "-----------------------------------------"
+echo `date`
+echo "host info: $host"
+echo "optimized build: $with_enable_optimized"
+echo "compiler (CC): $CC"
+echo "LDFLAGS: $LDFLAGS"
+echo "CPPFLAGS: $CPPFLAGS"
+echo "CFLAGS: $CFLAGS"
+echo "LEX: $LEX"
+echo "AM_LFLAGS: $AM_LFLAGS"
+echo "LFLAGS: $LFLAGS"
+echo "YACC: $YACC"
+echo "AM_YFLAGS: $AM_YFLAGS"
+echo "YFLAGS: $YFLAGS"
+echo "-----------------------------------------"
+echo -ne "\n"
+
+syscmd(bison -d -b pbc/parser pbc/parser.y)
+syscmd(flex -o pbc/lex.yy.c --header-file=pbc/lex.yy.h pbc/parser.lex)
diff --git a/moon-abe/pbc-0.5.14/configure.lineno b/moon-abe/pbc-0.5.14/configure.lineno
new file mode 100755
index 00000000..de63e655
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/configure.lineno
@@ -0,0 +1,16097 @@
+#! /bin/sh
+# Guess values for system-dependent variables and create Makefiles.
+# Generated by GNU Autoconf 2.68 for pbc 0.5.14.
+#
+# Report bugs to <blynn@cs.stanford.edu>.
+#
+#
+# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
+# 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free Software
+# Foundation, Inc.
+#
+#
+# This configure script is free software; the Free Software Foundation
+# gives unlimited permission to copy, distribute and modify it.
+## -------------------- ##
+## M4sh Initialization. ##
+## -------------------- ##
+
+# Be more Bourne compatible
+DUALCASE=1; export DUALCASE # for MKS sh
+if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then :
+ emulate sh
+ NULLCMD=:
+ # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which
+ # is contrary to our usage. Disable this feature.
+ alias -g '${1+"$@"}'='"$@"'
+ setopt NO_GLOB_SUBST
+else
+ case `(set -o) 2>/dev/null` in #(
+ *posix*) :
+ set -o posix ;; #(
+ *) :
+ ;;
+esac
+fi
+
+
+as_nl='
+'
+export as_nl
+# Printing a long string crashes Solaris 7 /usr/bin/printf.
+as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
+as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo
+as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo
+# Prefer a ksh shell builtin over an external printf program on Solaris,
+# but without wasting forks for bash or zsh.
+if test -z "$BASH_VERSION$ZSH_VERSION" \
+ && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then
+ as_echo='print -r --'
+ as_echo_n='print -rn --'
+elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then
+ as_echo='printf %s\n'
+ as_echo_n='printf %s'
+else
+ if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then
+ as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"'
+ as_echo_n='/usr/ucb/echo -n'
+ else
+ as_echo_body='eval expr "X$1" : "X\\(.*\\)"'
+ as_echo_n_body='eval
+ arg=$1;
+ case $arg in #(
+ *"$as_nl"*)
+ expr "X$arg" : "X\\(.*\\)$as_nl";
+ arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;;
+ esac;
+ expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl"
+ '
+ export as_echo_n_body
+ as_echo_n='sh -c $as_echo_n_body as_echo'
+ fi
+ export as_echo_body
+ as_echo='sh -c $as_echo_body as_echo'
+fi
+
+# The user is always right.
+if test "${PATH_SEPARATOR+set}" != set; then
+ PATH_SEPARATOR=:
+ (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && {
+ (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 ||
+ PATH_SEPARATOR=';'
+ }
+fi
+
+
+# IFS
+# We need space, tab and new line, in precisely that order. Quoting is
+# there to prevent editors from complaining about space-tab.
+# (If _AS_PATH_WALK were called with IFS unset, it would disable word
+# splitting by setting IFS to empty value.)
+IFS=" "" $as_nl"
+
+# Find who we are. Look in the path if we contain no directory separator.
+as_myself=
+case $0 in #((
+ *[\\/]* ) as_myself=$0 ;;
+ *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break
+ done
+IFS=$as_save_IFS
+
+ ;;
+esac
+# We did not find ourselves, most probably we were run as `sh COMMAND'
+# in which case we are not to be found in the path.
+if test "x$as_myself" = x; then
+ as_myself=$0
+fi
+if test ! -f "$as_myself"; then
+ $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2
+ exit 1
+fi
+
+# Unset variables that we do not need and which cause bugs (e.g. in
+# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1"
+# suppresses any "Segmentation fault" message there. '((' could
+# trigger a bug in pdksh 5.2.14.
+for as_var in BASH_ENV ENV MAIL MAILPATH
+do eval test x\${$as_var+set} = xset \
+ && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || :
+done
+PS1='$ '
+PS2='> '
+PS4='+ '
+
+# NLS nuisances.
+LC_ALL=C
+export LC_ALL
+LANGUAGE=C
+export LANGUAGE
+
+# CDPATH.
+(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
+
+if test "x$CONFIG_SHELL" = x; then
+ as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then :
+ emulate sh
+ NULLCMD=:
+ # Pre-4.2 versions of Zsh do word splitting on \${1+\"\$@\"}, which
+ # is contrary to our usage. Disable this feature.
+ alias -g '\${1+\"\$@\"}'='\"\$@\"'
+ setopt NO_GLOB_SUBST
+else
+ case \`(set -o) 2>/dev/null\` in #(
+ *posix*) :
+ set -o posix ;; #(
+ *) :
+ ;;
+esac
+fi
+"
+ as_required="as_fn_return () { (exit \$1); }
+as_fn_success () { as_fn_return 0; }
+as_fn_failure () { as_fn_return 1; }
+as_fn_ret_success () { return 0; }
+as_fn_ret_failure () { return 1; }
+
+exitcode=0
+as_fn_success || { exitcode=1; echo as_fn_success failed.; }
+as_fn_failure && { exitcode=1; echo as_fn_failure succeeded.; }
+as_fn_ret_success || { exitcode=1; echo as_fn_ret_success failed.; }
+as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; }
+if ( set x; as_fn_ret_success y && test x = \"\$1\" ); then :
+
+else
+ exitcode=1; echo positional parameters were not saved.
+fi
+test x\$exitcode = x0 || exit 1"
+ as_suggested=" as_lineno_1=";as_suggested=$as_suggested173;as_suggested=$as_suggested" as_lineno_1a=\173
+ as_lineno_2=";as_suggested=$as_suggested174;as_suggested=$as_suggested" as_lineno_2a=\174
+ eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" &&
+ test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1
+
+ test -n \"\${ZSH_VERSION+set}\${BASH_VERSION+set}\" || (
+ ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
+ ECHO=\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO
+ ECHO=\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO
+ PATH=/empty FPATH=/empty; export PATH FPATH
+ test \"X\`printf %s \$ECHO\`\" = \"X\$ECHO\" \\
+ || test \"X\`print -r -- \$ECHO\`\" = \"X\$ECHO\" ) || exit 1
+test \$(( 1 + 1 )) = 2 || exit 1"
+ if (eval "$as_required") 2>/dev/null; then :
+ as_have_required=yes
+else
+ as_have_required=no
+fi
+ if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null; then :
+
+else
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+as_found=false
+for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ as_found=:
+ case $as_dir in #(
+ /*)
+ for as_base in sh bash ksh sh5; do
+ # Try only shells that exist, to save several forks.
+ as_shell=$as_dir/$as_base
+ if { test -f "$as_shell" || test -f "$as_shell.exe"; } &&
+ { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$as_shell"; } 2>/dev/null; then :
+ CONFIG_SHELL=$as_shell as_have_required=yes
+ if { $as_echo "$as_bourne_compatible""$as_suggested" | as_run=a "$as_shell"; } 2>/dev/null; then :
+ break 2
+fi
+fi
+ done;;
+ esac
+ as_found=false
+done
+$as_found || { if { test -f "$SHELL" || test -f "$SHELL.exe"; } &&
+ { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$SHELL"; } 2>/dev/null; then :
+ CONFIG_SHELL=$SHELL as_have_required=yes
+fi; }
+IFS=$as_save_IFS
+
+
+ if test "x$CONFIG_SHELL" != x; then :
+ # We cannot yet assume a decent shell, so we have to provide a
+ # neutralization value for shells without unset; and this also
+ # works around shells that cannot unset nonexistent variables.
+ # Preserve -v and -x to the replacement shell.
+ BASH_ENV=/dev/null
+ ENV=/dev/null
+ (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV
+ export CONFIG_SHELL
+ case $- in # ((((
+ *v*x* | *x*v* ) as_opts=-vx ;;
+ *v* ) as_opts=-v ;;
+ *x* ) as_opts=-x ;;
+ * ) as_opts= ;;
+ esac
+ exec "$CONFIG_SHELL" $as_opts "$as_myself" ${1+"$@"}
+fi
+
+ if test x$as_have_required = xno; then :
+ $as_echo "$0: This script requires a shell more modern than all"
+ $as_echo "$0: the shells that I found on your system."
+ if test x${ZSH_VERSION+set} = xset ; then
+ $as_echo "$0: In particular, zsh $ZSH_VERSION has bugs and should"
+ $as_echo "$0: be upgraded to zsh 4.3.4 or later."
+ else
+ $as_echo "$0: Please tell bug-autoconf@gnu.org and
+$0: blynn@cs.stanford.edu about your system, including any
+$0: error possibly output before this message. Then install
+$0: a modern shell, or manually run the script under such a
+$0: shell if you do have one."
+ fi
+ exit 1
+fi
+fi
+fi
+SHELL=${CONFIG_SHELL-/bin/sh}
+export SHELL
+# Unset more variables known to interfere with behavior of common tools.
+CLICOLOR_FORCE= GREP_OPTIONS=
+unset CLICOLOR_FORCE GREP_OPTIONS
+
+## --------------------- ##
+## M4sh Shell Functions. ##
+## --------------------- ##
+# as_fn_unset VAR
+# ---------------
+# Portably unset VAR.
+as_fn_unset ()
+{
+ { eval $1=; unset $1;}
+}
+as_unset=as_fn_unset
+
+# as_fn_set_status STATUS
+# -----------------------
+# Set $? to STATUS, without forking.
+as_fn_set_status ()
+{
+ return $1
+} # as_fn_set_status
+
+# as_fn_exit STATUS
+# -----------------
+# Exit the shell with STATUS, even in a "trap 0" or "set -e" context.
+as_fn_exit ()
+{
+ set +e
+ as_fn_set_status $1
+ exit $1
+} # as_fn_exit
+
+# as_fn_mkdir_p
+# -------------
+# Create "$as_dir" as a directory, including parents if necessary.
+as_fn_mkdir_p ()
+{
+
+ case $as_dir in #(
+ -*) as_dir=./$as_dir;;
+ esac
+ test -d "$as_dir" || eval $as_mkdir_p || {
+ as_dirs=
+ while :; do
+ case $as_dir in #(
+ *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'(
+ *) as_qdir=$as_dir;;
+ esac
+ as_dirs="'$as_qdir' $as_dirs"
+ as_dir=`$as_dirname -- "$as_dir" ||
+$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$as_dir" : 'X\(//\)[^/]' \| \
+ X"$as_dir" : 'X\(//\)$' \| \
+ X"$as_dir" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X"$as_dir" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)[^/].*/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\).*/{
+ s//\1/
+ q
+ }
+ s/.*/./; q'`
+ test -d "$as_dir" && break
+ done
+ test -z "$as_dirs" || eval "mkdir $as_dirs"
+ } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir"
+
+
+} # as_fn_mkdir_p
+# as_fn_append VAR VALUE
+# ----------------------
+# Append the text in VALUE to the end of the definition contained in VAR. Take
+# advantage of any shell optimizations that allow amortized linear growth over
+# repeated appends, instead of the typical quadratic growth present in naive
+# implementations.
+if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then :
+ eval 'as_fn_append ()
+ {
+ eval $1+=\$2
+ }'
+else
+ as_fn_append ()
+ {
+ eval $1=\$$1\$2
+ }
+fi # as_fn_append
+
+# as_fn_arith ARG...
+# ------------------
+# Perform arithmetic evaluation on the ARGs, and store the result in the
+# global $as_val. Take advantage of shells that can avoid forks. The arguments
+# must be portable across $(()) and expr.
+if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then :
+ eval 'as_fn_arith ()
+ {
+ as_val=$(( $* ))
+ }'
+else
+ as_fn_arith ()
+ {
+ as_val=`expr "$@" || test $? -eq 1`
+ }
+fi # as_fn_arith
+
+
+# as_fn_error STATUS ERROR [LINENO LOG_FD]
+# ----------------------------------------
+# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are
+# provided, also output the error to LOG_FD, referencing LINENO. Then exit the
+# script with STATUS, using 1 if that was 0.
+as_fn_error ()
+{
+ as_status=$1; test $as_status -eq 0 && as_status=1
+ if test "$4"; then
+ as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+ $as_echo "$as_me:${as_lineno-388}: error: $2" >&$4
+ fi
+ $as_echo "$as_me: error: $2" >&2
+ as_fn_exit $as_status
+} # as_fn_error
+
+if expr a : '\(a\)' >/dev/null 2>&1 &&
+ test "X`expr 00001 : '.*\(...\)'`" = X001; then
+ as_expr=expr
+else
+ as_expr=false
+fi
+
+if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then
+ as_basename=basename
+else
+ as_basename=false
+fi
+
+if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then
+ as_dirname=dirname
+else
+ as_dirname=false
+fi
+
+as_me=`$as_basename -- "$0" ||
+$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \
+ X"$0" : 'X\(//\)$' \| \
+ X"$0" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X/"$0" |
+ sed '/^.*\/\([^/][^/]*\)\/*$/{
+ s//\1/
+ q
+ }
+ /^X\/\(\/\/\)$/{
+ s//\1/
+ q
+ }
+ /^X\/\(\/\).*/{
+ s//\1/
+ q
+ }
+ s/.*/./; q'`
+
+# Avoid depending upon Character Ranges.
+as_cr_letters='abcdefghijklmnopqrstuvwxyz'
+as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ'
+as_cr_Letters=$as_cr_letters$as_cr_LETTERS
+as_cr_digits='0123456789'
+as_cr_alnum=$as_cr_Letters$as_cr_digits
+
+
+ as_lineno_1=440 as_lineno_1a=440
+ as_lineno_2=441 as_lineno_2a=441
+ eval 'test "x$as_lineno_1'$as_run'" != "x$as_lineno_2'$as_run'" &&
+ test "x`expr $as_lineno_1'$as_run' + 1`" = "x$as_lineno_2'$as_run'"' || {
+ # Blame Lee E. McMahon (1931-1989) for sed's syntax. :-)
+ sed -n '
+ p
+ /[$]LINENO/=
+ ' <$as_myself |
+ sed '
+ s/[$]LINENO.*/&-/
+ t lineno
+ b
+ :lineno
+ N
+ :loop
+ s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/
+ t loop
+ s/-\n.*//
+ ' >$as_me.lineno &&
+ chmod +x "$as_me.lineno" ||
+ { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; }
+
+ # Don't try to exec as it changes $[0], causing all sort of problems
+ # (the dirname of $[0] is not the place where we might find the
+ # original and so on. Autoconf is especially sensitive to this).
+ . "./$as_me.lineno"
+ # Exit status is that of the last command.
+ exit
+}
+
+ECHO_C= ECHO_N= ECHO_T=
+case `echo -n x` in #(((((
+-n*)
+ case `echo 'xy\c'` in
+ *c*) ECHO_T=' ';; # ECHO_T is single tab character.
+ xy) ECHO_C='\c';;
+ *) echo `echo ksh88 bug on AIX 6.1` > /dev/null
+ ECHO_T=' ';;
+ esac;;
+*)
+ ECHO_N='-n';;
+esac
+
+rm -f conf$$ conf$$.exe conf$$.file
+if test -d conf$$.dir; then
+ rm -f conf$$.dir/conf$$.file
+else
+ rm -f conf$$.dir
+ mkdir conf$$.dir 2>/dev/null
+fi
+if (echo >conf$$.file) 2>/dev/null; then
+ if ln -s conf$$.file conf$$ 2>/dev/null; then
+ as_ln_s='ln -s'
+ # ... but there are two gotchas:
+ # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
+ # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
+ # In both cases, we have to default to `cp -p'.
+ ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
+ as_ln_s='cp -p'
+ elif ln conf$$.file conf$$ 2>/dev/null; then
+ as_ln_s=ln
+ else
+ as_ln_s='cp -p'
+ fi
+else
+ as_ln_s='cp -p'
+fi
+rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file
+rmdir conf$$.dir 2>/dev/null
+
+if mkdir -p . 2>/dev/null; then
+ as_mkdir_p='mkdir -p "$as_dir"'
+else
+ test -d ./-p && rmdir ./-p
+ as_mkdir_p=false
+fi
+
+if test -x / >/dev/null 2>&1; then
+ as_test_x='test -x'
+else
+ if ls -dL / >/dev/null 2>&1; then
+ as_ls_L_option=L
+ else
+ as_ls_L_option=
+ fi
+ as_test_x='
+ eval sh -c '\''
+ if test -d "$1"; then
+ test -d "$1/.";
+ else
+ case $1 in #(
+ -*)set "./$1";;
+ esac;
+ case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #((
+ ???[sx]*):;;*)false;;esac;fi
+ '\'' sh
+ '
+fi
+as_executable_p=$as_test_x
+
+# Sed expression to map a string onto a valid CPP name.
+as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
+
+# Sed expression to map a string onto a valid variable name.
+as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'"
+
+SHELL=${CONFIG_SHELL-/bin/sh}
+
+
+test -n "$DJDIR" || exec 7<&0 </dev/null
+exec 6>&1
+
+# Name of the host.
+# hostname on some systems (SVR3.2, old GNU/Linux) returns a bogus exit status,
+# so uname gets run too.
+ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q`
+
+#
+# Initializations.
+#
+ac_default_prefix=/usr/local
+ac_clean_files=
+ac_config_libobj_dir=.
+LIBOBJS=
+cross_compiling=no
+subdirs=
+MFLAGS=
+MAKEFLAGS=
+
+# Identity of this package.
+PACKAGE_NAME='pbc'
+PACKAGE_TARNAME='pbc'
+PACKAGE_VERSION='0.5.14'
+PACKAGE_STRING='pbc 0.5.14'
+PACKAGE_BUGREPORT='blynn@cs.stanford.edu'
+PACKAGE_URL=''
+
+ac_unique_file="./"
+# Factoring default headers for most tests.
+ac_includes_default="\
+#include <stdio.h>
+#ifdef HAVE_SYS_TYPES_H
+# include <sys/types.h>
+#endif
+#ifdef HAVE_SYS_STAT_H
+# include <sys/stat.h>
+#endif
+#ifdef STDC_HEADERS
+# include <stdlib.h>
+# include <stddef.h>
+#else
+# ifdef HAVE_STDLIB_H
+# include <stdlib.h>
+# endif
+#endif
+#ifdef HAVE_STRING_H
+# if !defined STDC_HEADERS && defined HAVE_MEMORY_H
+# include <memory.h>
+# endif
+# include <string.h>
+#endif
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif
+#ifdef HAVE_INTTYPES_H
+# include <inttypes.h>
+#endif
+#ifdef HAVE_STDINT_H
+# include <stdint.h>
+#endif
+#ifdef HAVE_UNISTD_H
+# include <unistd.h>
+#endif"
+
+ac_subst_vars='am__EXEEXT_FALSE
+am__EXEEXT_TRUE
+LTLIBOBJS
+LIBOBJS
+ALLOCA
+YFLAGS
+YACC
+LEXLIB
+LEX_OUTPUT_ROOT
+LEX
+LIBPBC_LDFLAGS
+PBC_LDFLAGS
+LIBPBC_DLL
+AS
+CPP
+OTOOL64
+OTOOL
+LIPO
+NMEDIT
+DSYMUTIL
+MANIFEST_TOOL
+RANLIB
+ac_ct_AR
+AR
+DLLTOOL
+OBJDUMP
+LN_S
+NM
+ac_ct_DUMPBIN
+DUMPBIN
+LD
+FGREP
+EGREP
+GREP
+SED
+am__fastdepCC_FALSE
+am__fastdepCC_TRUE
+CCDEPMODE
+am__nodep
+AMDEPBACKSLASH
+AMDEP_FALSE
+AMDEP_TRUE
+am__quote
+am__include
+DEPDIR
+OBJEXT
+EXEEXT
+ac_ct_CC
+CPPFLAGS
+LDFLAGS
+CFLAGS
+CC
+host_os
+host_vendor
+host_cpu
+host
+build_os
+build_vendor
+build_cpu
+build
+LIBTOOL
+am__untar
+am__tar
+AMTAR
+am__leading_dot
+SET_MAKE
+AWK
+mkdir_p
+MKDIR_P
+INSTALL_STRIP_PROGRAM
+STRIP
+install_sh
+MAKEINFO
+AUTOHEADER
+AUTOMAKE
+AUTOCONF
+ACLOCAL
+VERSION
+PACKAGE
+CYGPATH_W
+am__isrc
+INSTALL_DATA
+INSTALL_SCRIPT
+INSTALL_PROGRAM
+target_alias
+host_alias
+build_alias
+LIBS
+ECHO_T
+ECHO_N
+ECHO_C
+DEFS
+mandir
+localedir
+libdir
+psdir
+pdfdir
+dvidir
+htmldir
+infodir
+docdir
+oldincludedir
+includedir
+localstatedir
+sharedstatedir
+sysconfdir
+datadir
+datarootdir
+libexecdir
+sbindir
+bindir
+program_transform_name
+prefix
+exec_prefix
+PACKAGE_URL
+PACKAGE_BUGREPORT
+PACKAGE_STRING
+PACKAGE_VERSION
+PACKAGE_TARNAME
+PACKAGE_NAME
+PATH_SEPARATOR
+SHELL'
+ac_subst_files=''
+ac_user_opts='
+enable_option_checking
+enable_shared
+enable_static
+with_pic
+enable_fast_install
+enable_dependency_tracking
+with_gnu_ld
+with_sysroot
+enable_libtool_lock
+enable_optimized
+enable_safe_clean
+enable_debug
+'
+ ac_precious_vars='build_alias
+host_alias
+target_alias
+CC
+CFLAGS
+LDFLAGS
+LIBS
+CPPFLAGS
+CPP
+YACC
+YFLAGS'
+
+
+# Initialize some variables set by options.
+ac_init_help=
+ac_init_version=false
+ac_unrecognized_opts=
+ac_unrecognized_sep=
+# The variables have the same names as the options, with
+# dashes changed to underlines.
+cache_file=/dev/null
+exec_prefix=NONE
+no_create=
+no_recursion=
+prefix=NONE
+program_prefix=NONE
+program_suffix=NONE
+program_transform_name=s,x,x,
+silent=
+site=
+srcdir=
+verbose=
+x_includes=NONE
+x_libraries=NONE
+
+# Installation directory options.
+# These are left unexpanded so users can "make install exec_prefix=/foo"
+# and all the variables that are supposed to be based on exec_prefix
+# by default will actually change.
+# Use braces instead of parens because sh, perl, etc. also accept them.
+# (The list follows the same order as the GNU Coding Standards.)
+bindir='${exec_prefix}/bin'
+sbindir='${exec_prefix}/sbin'
+libexecdir='${exec_prefix}/libexec'
+datarootdir='${prefix}/share'
+datadir='${datarootdir}'
+sysconfdir='${prefix}/etc'
+sharedstatedir='${prefix}/com'
+localstatedir='${prefix}/var'
+includedir='${prefix}/include'
+oldincludedir='/usr/include'
+docdir='${datarootdir}/doc/${PACKAGE_TARNAME}'
+infodir='${datarootdir}/info'
+htmldir='${docdir}'
+dvidir='${docdir}'
+pdfdir='${docdir}'
+psdir='${docdir}'
+libdir='${exec_prefix}/lib'
+localedir='${datarootdir}/locale'
+mandir='${datarootdir}/man'
+
+ac_prev=
+ac_dashdash=
+for ac_option
+do
+ # If the previous option needs an argument, assign it.
+ if test -n "$ac_prev"; then
+ eval $ac_prev=\$ac_option
+ ac_prev=
+ continue
+ fi
+
+ case $ac_option in
+ *=?*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;;
+ *=) ac_optarg= ;;
+ *) ac_optarg=yes ;;
+ esac
+
+ # Accept the important Cygnus configure options, so we can diagnose typos.
+
+ case $ac_dashdash$ac_option in
+ --)
+ ac_dashdash=yes ;;
+
+ -bindir | --bindir | --bindi | --bind | --bin | --bi)
+ ac_prev=bindir ;;
+ -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*)
+ bindir=$ac_optarg ;;
+
+ -build | --build | --buil | --bui | --bu)
+ ac_prev=build_alias ;;
+ -build=* | --build=* | --buil=* | --bui=* | --bu=*)
+ build_alias=$ac_optarg ;;
+
+ -cache-file | --cache-file | --cache-fil | --cache-fi \
+ | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c)
+ ac_prev=cache_file ;;
+ -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \
+ | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*)
+ cache_file=$ac_optarg ;;
+
+ --config-cache | -C)
+ cache_file=config.cache ;;
+
+ -datadir | --datadir | --datadi | --datad)
+ ac_prev=datadir ;;
+ -datadir=* | --datadir=* | --datadi=* | --datad=*)
+ datadir=$ac_optarg ;;
+
+ -datarootdir | --datarootdir | --datarootdi | --datarootd | --dataroot \
+ | --dataroo | --dataro | --datar)
+ ac_prev=datarootdir ;;
+ -datarootdir=* | --datarootdir=* | --datarootdi=* | --datarootd=* \
+ | --dataroot=* | --dataroo=* | --dataro=* | --datar=*)
+ datarootdir=$ac_optarg ;;
+
+ -disable-* | --disable-*)
+ ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'`
+ # Reject names that are not valid shell variable names.
+ expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
+ as_fn_error $? "invalid feature name: $ac_useropt"
+ ac_useropt_orig=$ac_useropt
+ ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
+ case $ac_user_opts in
+ *"
+"enable_$ac_useropt"
+"*) ;;
+ *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--disable-$ac_useropt_orig"
+ ac_unrecognized_sep=', ';;
+ esac
+ eval enable_$ac_useropt=no ;;
+
+ -docdir | --docdir | --docdi | --doc | --do)
+ ac_prev=docdir ;;
+ -docdir=* | --docdir=* | --docdi=* | --doc=* | --do=*)
+ docdir=$ac_optarg ;;
+
+ -dvidir | --dvidir | --dvidi | --dvid | --dvi | --dv)
+ ac_prev=dvidir ;;
+ -dvidir=* | --dvidir=* | --dvidi=* | --dvid=* | --dvi=* | --dv=*)
+ dvidir=$ac_optarg ;;
+
+ -enable-* | --enable-*)
+ ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'`
+ # Reject names that are not valid shell variable names.
+ expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
+ as_fn_error $? "invalid feature name: $ac_useropt"
+ ac_useropt_orig=$ac_useropt
+ ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
+ case $ac_user_opts in
+ *"
+"enable_$ac_useropt"
+"*) ;;
+ *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--enable-$ac_useropt_orig"
+ ac_unrecognized_sep=', ';;
+ esac
+ eval enable_$ac_useropt=\$ac_optarg ;;
+
+ -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \
+ | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \
+ | --exec | --exe | --ex)
+ ac_prev=exec_prefix ;;
+ -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \
+ | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \
+ | --exec=* | --exe=* | --ex=*)
+ exec_prefix=$ac_optarg ;;
+
+ -gas | --gas | --ga | --g)
+ # Obsolete; use --with-gas.
+ with_gas=yes ;;
+
+ -help | --help | --hel | --he | -h)
+ ac_init_help=long ;;
+ -help=r* | --help=r* | --hel=r* | --he=r* | -hr*)
+ ac_init_help=recursive ;;
+ -help=s* | --help=s* | --hel=s* | --he=s* | -hs*)
+ ac_init_help=short ;;
+
+ -host | --host | --hos | --ho)
+ ac_prev=host_alias ;;
+ -host=* | --host=* | --hos=* | --ho=*)
+ host_alias=$ac_optarg ;;
+
+ -htmldir | --htmldir | --htmldi | --htmld | --html | --htm | --ht)
+ ac_prev=htmldir ;;
+ -htmldir=* | --htmldir=* | --htmldi=* | --htmld=* | --html=* | --htm=* \
+ | --ht=*)
+ htmldir=$ac_optarg ;;
+
+ -includedir | --includedir | --includedi | --included | --include \
+ | --includ | --inclu | --incl | --inc)
+ ac_prev=includedir ;;
+ -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \
+ | --includ=* | --inclu=* | --incl=* | --inc=*)
+ includedir=$ac_optarg ;;
+
+ -infodir | --infodir | --infodi | --infod | --info | --inf)
+ ac_prev=infodir ;;
+ -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*)
+ infodir=$ac_optarg ;;
+
+ -libdir | --libdir | --libdi | --libd)
+ ac_prev=libdir ;;
+ -libdir=* | --libdir=* | --libdi=* | --libd=*)
+ libdir=$ac_optarg ;;
+
+ -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \
+ | --libexe | --libex | --libe)
+ ac_prev=libexecdir ;;
+ -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \
+ | --libexe=* | --libex=* | --libe=*)
+ libexecdir=$ac_optarg ;;
+
+ -localedir | --localedir | --localedi | --localed | --locale)
+ ac_prev=localedir ;;
+ -localedir=* | --localedir=* | --localedi=* | --localed=* | --locale=*)
+ localedir=$ac_optarg ;;
+
+ -localstatedir | --localstatedir | --localstatedi | --localstated \
+ | --localstate | --localstat | --localsta | --localst | --locals)
+ ac_prev=localstatedir ;;
+ -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \
+ | --localstate=* | --localstat=* | --localsta=* | --localst=* | --locals=*)
+ localstatedir=$ac_optarg ;;
+
+ -mandir | --mandir | --mandi | --mand | --man | --ma | --m)
+ ac_prev=mandir ;;
+ -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*)
+ mandir=$ac_optarg ;;
+
+ -nfp | --nfp | --nf)
+ # Obsolete; use --without-fp.
+ with_fp=no ;;
+
+ -no-create | --no-create | --no-creat | --no-crea | --no-cre \
+ | --no-cr | --no-c | -n)
+ no_create=yes ;;
+
+ -no-recursion | --no-recursion | --no-recursio | --no-recursi \
+ | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r)
+ no_recursion=yes ;;
+
+ -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \
+ | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \
+ | --oldin | --oldi | --old | --ol | --o)
+ ac_prev=oldincludedir ;;
+ -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \
+ | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \
+ | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*)
+ oldincludedir=$ac_optarg ;;
+
+ -prefix | --prefix | --prefi | --pref | --pre | --pr | --p)
+ ac_prev=prefix ;;
+ -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*)
+ prefix=$ac_optarg ;;
+
+ -program-prefix | --program-prefix | --program-prefi | --program-pref \
+ | --program-pre | --program-pr | --program-p)
+ ac_prev=program_prefix ;;
+ -program-prefix=* | --program-prefix=* | --program-prefi=* \
+ | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*)
+ program_prefix=$ac_optarg ;;
+
+ -program-suffix | --program-suffix | --program-suffi | --program-suff \
+ | --program-suf | --program-su | --program-s)
+ ac_prev=program_suffix ;;
+ -program-suffix=* | --program-suffix=* | --program-suffi=* \
+ | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*)
+ program_suffix=$ac_optarg ;;
+
+ -program-transform-name | --program-transform-name \
+ | --program-transform-nam | --program-transform-na \
+ | --program-transform-n | --program-transform- \
+ | --program-transform | --program-transfor \
+ | --program-transfo | --program-transf \
+ | --program-trans | --program-tran \
+ | --progr-tra | --program-tr | --program-t)
+ ac_prev=program_transform_name ;;
+ -program-transform-name=* | --program-transform-name=* \
+ | --program-transform-nam=* | --program-transform-na=* \
+ | --program-transform-n=* | --program-transform-=* \
+ | --program-transform=* | --program-transfor=* \
+ | --program-transfo=* | --program-transf=* \
+ | --program-trans=* | --program-tran=* \
+ | --progr-tra=* | --program-tr=* | --program-t=*)
+ program_transform_name=$ac_optarg ;;
+
+ -pdfdir | --pdfdir | --pdfdi | --pdfd | --pdf | --pd)
+ ac_prev=pdfdir ;;
+ -pdfdir=* | --pdfdir=* | --pdfdi=* | --pdfd=* | --pdf=* | --pd=*)
+ pdfdir=$ac_optarg ;;
+
+ -psdir | --psdir | --psdi | --psd | --ps)
+ ac_prev=psdir ;;
+ -psdir=* | --psdir=* | --psdi=* | --psd=* | --ps=*)
+ psdir=$ac_optarg ;;
+
+ -q | -quiet | --quiet | --quie | --qui | --qu | --q \
+ | -silent | --silent | --silen | --sile | --sil)
+ silent=yes ;;
+
+ -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
+ ac_prev=sbindir ;;
+ -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
+ | --sbi=* | --sb=*)
+ sbindir=$ac_optarg ;;
+
+ -sharedstatedir | --sharedstatedir | --sharedstatedi \
+ | --sharedstated | --sharedstate | --sharedstat | --sharedsta \
+ | --sharedst | --shareds | --shared | --share | --shar \
+ | --sha | --sh)
+ ac_prev=sharedstatedir ;;
+ -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \
+ | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \
+ | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \
+ | --sha=* | --sh=*)
+ sharedstatedir=$ac_optarg ;;
+
+ -site | --site | --sit)
+ ac_prev=site ;;
+ -site=* | --site=* | --sit=*)
+ site=$ac_optarg ;;
+
+ -srcdir | --srcdir | --srcdi | --srcd | --src | --sr)
+ ac_prev=srcdir ;;
+ -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*)
+ srcdir=$ac_optarg ;;
+
+ -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \
+ | --syscon | --sysco | --sysc | --sys | --sy)
+ ac_prev=sysconfdir ;;
+ -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \
+ | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*)
+ sysconfdir=$ac_optarg ;;
+
+ -target | --target | --targe | --targ | --tar | --ta | --t)
+ ac_prev=target_alias ;;
+ -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*)
+ target_alias=$ac_optarg ;;
+
+ -v | -verbose | --verbose | --verbos | --verbo | --verb)
+ verbose=yes ;;
+
+ -version | --version | --versio | --versi | --vers | -V)
+ ac_init_version=: ;;
+
+ -with-* | --with-*)
+ ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'`
+ # Reject names that are not valid shell variable names.
+ expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
+ as_fn_error $? "invalid package name: $ac_useropt"
+ ac_useropt_orig=$ac_useropt
+ ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
+ case $ac_user_opts in
+ *"
+"with_$ac_useropt"
+"*) ;;
+ *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--with-$ac_useropt_orig"
+ ac_unrecognized_sep=', ';;
+ esac
+ eval with_$ac_useropt=\$ac_optarg ;;
+
+ -without-* | --without-*)
+ ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'`
+ # Reject names that are not valid shell variable names.
+ expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
+ as_fn_error $? "invalid package name: $ac_useropt"
+ ac_useropt_orig=$ac_useropt
+ ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
+ case $ac_user_opts in
+ *"
+"with_$ac_useropt"
+"*) ;;
+ *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--without-$ac_useropt_orig"
+ ac_unrecognized_sep=', ';;
+ esac
+ eval with_$ac_useropt=no ;;
+
+ --x)
+ # Obsolete; use --with-x.
+ with_x=yes ;;
+
+ -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \
+ | --x-incl | --x-inc | --x-in | --x-i)
+ ac_prev=x_includes ;;
+ -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \
+ | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*)
+ x_includes=$ac_optarg ;;
+
+ -x-libraries | --x-libraries | --x-librarie | --x-librari \
+ | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l)
+ ac_prev=x_libraries ;;
+ -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \
+ | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*)
+ x_libraries=$ac_optarg ;;
+
+ -*) as_fn_error $? "unrecognized option: \`$ac_option'
+Try \`$0 --help' for more information"
+ ;;
+
+ *=*)
+ ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='`
+ # Reject names that are not valid shell variable names.
+ case $ac_envvar in #(
+ '' | [0-9]* | *[!_$as_cr_alnum]* )
+ as_fn_error $? "invalid variable name: \`$ac_envvar'" ;;
+ esac
+ eval $ac_envvar=\$ac_optarg
+ export $ac_envvar ;;
+
+ *)
+ # FIXME: should be removed in autoconf 3.0.
+ $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2
+ expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null &&
+ $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2
+ : "${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}"
+ ;;
+
+ esac
+done
+
+if test -n "$ac_prev"; then
+ ac_option=--`echo $ac_prev | sed 's/_/-/g'`
+ as_fn_error $? "missing argument to $ac_option"
+fi
+
+if test -n "$ac_unrecognized_opts"; then
+ case $enable_option_checking in
+ no) ;;
+ fatal) as_fn_error $? "unrecognized options: $ac_unrecognized_opts" ;;
+ *) $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;;
+ esac
+fi
+
+# Check all directory arguments for consistency.
+for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \
+ datadir sysconfdir sharedstatedir localstatedir includedir \
+ oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
+ libdir localedir mandir
+do
+ eval ac_val=\$$ac_var
+ # Remove trailing slashes.
+ case $ac_val in
+ */ )
+ ac_val=`expr "X$ac_val" : 'X\(.*[^/]\)' \| "X$ac_val" : 'X\(.*\)'`
+ eval $ac_var=\$ac_val;;
+ esac
+ # Be sure to have absolute directory names.
+ case $ac_val in
+ [\\/$]* | ?:[\\/]* ) continue;;
+ NONE | '' ) case $ac_var in *prefix ) continue;; esac;;
+ esac
+ as_fn_error $? "expected an absolute directory name for --$ac_var: $ac_val"
+done
+
+# There might be people who depend on the old broken behavior: `$host'
+# used to hold the argument of --host etc.
+# FIXME: To remove some day.
+build=$build_alias
+host=$host_alias
+target=$target_alias
+
+# FIXME: To remove some day.
+if test "x$host_alias" != x; then
+ if test "x$build_alias" = x; then
+ cross_compiling=maybe
+ $as_echo "$as_me: WARNING: if you wanted to set the --build type, don't use --host.
+ If a cross compiler is detected then cross compile mode will be used" >&2
+ elif test "x$build_alias" != "x$host_alias"; then
+ cross_compiling=yes
+ fi
+fi
+
+ac_tool_prefix=
+test -n "$host_alias" && ac_tool_prefix=$host_alias-
+
+test "$silent" = yes && exec 6>/dev/null
+
+
+ac_pwd=`pwd` && test -n "$ac_pwd" &&
+ac_ls_di=`ls -di .` &&
+ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` ||
+ as_fn_error $? "working directory cannot be determined"
+test "X$ac_ls_di" = "X$ac_pwd_ls_di" ||
+ as_fn_error $? "pwd does not report name of working directory"
+
+
+# Find the source files, if location was not specified.
+if test -z "$srcdir"; then
+ ac_srcdir_defaulted=yes
+ # Try the directory containing this script, then the parent directory.
+ ac_confdir=`$as_dirname -- "$as_myself" ||
+$as_expr X"$as_myself" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$as_myself" : 'X\(//\)[^/]' \| \
+ X"$as_myself" : 'X\(//\)$' \| \
+ X"$as_myself" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X"$as_myself" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)[^/].*/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\).*/{
+ s//\1/
+ q
+ }
+ s/.*/./; q'`
+ srcdir=$ac_confdir
+ if test ! -r "$srcdir/$ac_unique_file"; then
+ srcdir=..
+ fi
+else
+ ac_srcdir_defaulted=no
+fi
+if test ! -r "$srcdir/$ac_unique_file"; then
+ test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .."
+ as_fn_error $? "cannot find sources ($ac_unique_file) in $srcdir"
+fi
+ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work"
+ac_abs_confdir=`(
+ cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error $? "$ac_msg"
+ pwd)`
+# When building in place, set srcdir=.
+if test "$ac_abs_confdir" = "$ac_pwd"; then
+ srcdir=.
+fi
+# Remove unnecessary trailing slashes from srcdir.
+# Double slashes in file names in object file debugging info
+# mess up M-x gdb in Emacs.
+case $srcdir in
+*/) srcdir=`expr "X$srcdir" : 'X\(.*[^/]\)' \| "X$srcdir" : 'X\(.*\)'`;;
+esac
+for ac_var in $ac_precious_vars; do
+ eval ac_env_${ac_var}_set=\${${ac_var}+set}
+ eval ac_env_${ac_var}_value=\$${ac_var}
+ eval ac_cv_env_${ac_var}_set=\${${ac_var}+set}
+ eval ac_cv_env_${ac_var}_value=\$${ac_var}
+done
+
+#
+# Report the --help message.
+#
+if test "$ac_init_help" = "long"; then
+ # Omit some internal or obsolete options to make the list less imposing.
+ # This message is too long to be a string in the A/UX 3.1 sh.
+ cat <<_ACEOF
+\`configure' configures pbc 0.5.14 to adapt to many kinds of systems.
+
+Usage: $0 [OPTION]... [VAR=VALUE]...
+
+To assign environment variables (e.g., CC, CFLAGS...), specify them as
+VAR=VALUE. See below for descriptions of some of the useful variables.
+
+Defaults for the options are specified in brackets.
+
+Configuration:
+ -h, --help display this help and exit
+ --help=short display options specific to this package
+ --help=recursive display the short help of all the included packages
+ -V, --version display version information and exit
+ -q, --quiet, --silent do not print \`checking ...' messages
+ --cache-file=FILE cache test results in FILE [disabled]
+ -C, --config-cache alias for \`--cache-file=config.cache'
+ -n, --no-create do not create output files
+ --srcdir=DIR find the sources in DIR [configure dir or \`..']
+
+Installation directories:
+ --prefix=PREFIX install architecture-independent files in PREFIX
+ [$ac_default_prefix]
+ --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX
+ [PREFIX]
+
+By default, \`make install' will install all the files in
+\`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc. You can specify
+an installation prefix other than \`$ac_default_prefix' using \`--prefix',
+for instance \`--prefix=\$HOME'.
+
+For better control, use the options below.
+
+Fine tuning of the installation directories:
+ --bindir=DIR user executables [EPREFIX/bin]
+ --sbindir=DIR system admin executables [EPREFIX/sbin]
+ --libexecdir=DIR program executables [EPREFIX/libexec]
+ --sysconfdir=DIR read-only single-machine data [PREFIX/etc]
+ --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
+ --localstatedir=DIR modifiable single-machine data [PREFIX/var]
+ --libdir=DIR object code libraries [EPREFIX/lib]
+ --includedir=DIR C header files [PREFIX/include]
+ --oldincludedir=DIR C header files for non-gcc [/usr/include]
+ --datarootdir=DIR read-only arch.-independent data root [PREFIX/share]
+ --datadir=DIR read-only architecture-independent data [DATAROOTDIR]
+ --infodir=DIR info documentation [DATAROOTDIR/info]
+ --localedir=DIR locale-dependent data [DATAROOTDIR/locale]
+ --mandir=DIR man documentation [DATAROOTDIR/man]
+ --docdir=DIR documentation root [DATAROOTDIR/doc/pbc]
+ --htmldir=DIR html documentation [DOCDIR]
+ --dvidir=DIR dvi documentation [DOCDIR]
+ --pdfdir=DIR pdf documentation [DOCDIR]
+ --psdir=DIR ps documentation [DOCDIR]
+_ACEOF
+
+ cat <<\_ACEOF
+
+Program names:
+ --program-prefix=PREFIX prepend PREFIX to installed program names
+ --program-suffix=SUFFIX append SUFFIX to installed program names
+ --program-transform-name=PROGRAM run sed PROGRAM on installed program names
+
+System types:
+ --build=BUILD configure for building on BUILD [guessed]
+ --host=HOST cross-compile to build programs to run on HOST [BUILD]
+_ACEOF
+fi
+
+if test -n "$ac_init_help"; then
+ case $ac_init_help in
+ short | recursive ) echo "Configuration of pbc 0.5.14:";;
+ esac
+ cat <<\_ACEOF
+
+Optional Features:
+ --disable-option-checking ignore unrecognized --enable/--with options
+ --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no)
+ --enable-FEATURE[=ARG] include FEATURE [ARG=yes]
+ --enable-shared[=PKGS] build shared libraries [default=yes]
+ --enable-static[=PKGS] build static libraries [default=yes]
+ --enable-fast-install[=PKGS]
+ optimize for fast installation [default=yes]
+ --disable-dependency-tracking speeds up one-time build
+ --enable-dependency-tracking do not reject slow dependency extractors
+ --disable-libtool-lock avoid locking (might break parallel builds)
+ --enable-optimized Enable optimized build
+ --enable-safe-clean When free any PBC element or GMP mpz_t, fill
+ internal memory inside the element by zero
+ --enable-debug Add extra debugging information. Forbid compiling
+ optimization.
+
+Optional Packages:
+ --with-PACKAGE[=ARG] use PACKAGE [ARG=yes]
+ --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no)
+ --with-pic[=PKGS] try to use only PIC/non-PIC objects [default=use
+ both]
+ --with-gnu-ld assume the C compiler uses GNU ld [default=no]
+ --with-sysroot=DIR Search for dependent libraries within DIR
+ (or the compiler's sysroot if not specified).
+
+Some influential environment variables:
+ CC C compiler command
+ CFLAGS C compiler flags
+ LDFLAGS linker flags, e.g. -L<lib dir> if you have libraries in a
+ nonstandard directory <lib dir>
+ LIBS libraries to pass to the linker, e.g. -l<library>
+ CPPFLAGS (Objective) C/C++ preprocessor flags, e.g. -I<include dir> if
+ you have headers in a nonstandard directory <include dir>
+ CPP C preprocessor
+ YACC The `Yet Another Compiler Compiler' implementation to use.
+ Defaults to the first program found out of: `bison -y', `byacc',
+ `yacc'.
+ YFLAGS The list of arguments that will be passed by default to $YACC.
+ This script will default YFLAGS to the empty string to avoid a
+ default value of `-d' given by some make applications.
+
+Use these variables to override the choices made by `configure' or to help
+it to find libraries and programs with nonstandard names/locations.
+
+Report bugs to <blynn@cs.stanford.edu>.
+_ACEOF
+ac_status=$?
+fi
+
+if test "$ac_init_help" = "recursive"; then
+ # If there are subdirs, report their specific --help.
+ for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue
+ test -d "$ac_dir" ||
+ { cd "$srcdir" && ac_pwd=`pwd` && srcdir=. && test -d "$ac_dir"; } ||
+ continue
+ ac_builddir=.
+
+case "$ac_dir" in
+.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;;
+*)
+ ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'`
+ # A ".." for each directory in $ac_dir_suffix.
+ ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'`
+ case $ac_top_builddir_sub in
+ "") ac_top_builddir_sub=. ac_top_build_prefix= ;;
+ *) ac_top_build_prefix=$ac_top_builddir_sub/ ;;
+ esac ;;
+esac
+ac_abs_top_builddir=$ac_pwd
+ac_abs_builddir=$ac_pwd$ac_dir_suffix
+# for backward compatibility:
+ac_top_builddir=$ac_top_build_prefix
+
+case $srcdir in
+ .) # We are building in place.
+ ac_srcdir=.
+ ac_top_srcdir=$ac_top_builddir_sub
+ ac_abs_top_srcdir=$ac_pwd ;;
+ [\\/]* | ?:[\\/]* ) # Absolute name.
+ ac_srcdir=$srcdir$ac_dir_suffix;
+ ac_top_srcdir=$srcdir
+ ac_abs_top_srcdir=$srcdir ;;
+ *) # Relative name.
+ ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix
+ ac_top_srcdir=$ac_top_build_prefix$srcdir
+ ac_abs_top_srcdir=$ac_pwd/$srcdir ;;
+esac
+ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix
+
+ cd "$ac_dir" || { ac_status=$?; continue; }
+ # Check for guested configure.
+ if test -f "$ac_srcdir/configure.gnu"; then
+ echo &&
+ $SHELL "$ac_srcdir/configure.gnu" --help=recursive
+ elif test -f "$ac_srcdir/configure"; then
+ echo &&
+ $SHELL "$ac_srcdir/configure" --help=recursive
+ else
+ $as_echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2
+ fi || ac_status=$?
+ cd "$ac_pwd" || { ac_status=$?; break; }
+ done
+fi
+
+test -n "$ac_init_help" && exit $ac_status
+if $ac_init_version; then
+ cat <<\_ACEOF
+pbc configure 0.5.14
+generated by GNU Autoconf 2.68
+
+Copyright (C) 2010 Free Software Foundation, Inc.
+This configure script is free software; the Free Software Foundation
+gives unlimited permission to copy, distribute and modify it.
+_ACEOF
+ exit
+fi
+
+## ------------------------ ##
+## Autoconf initialization. ##
+## ------------------------ ##
+
+# ac_fn_c_try_compile LINENO
+# --------------------------
+# Try to compile conftest.$ac_ext, and return whether this succeeded.
+ac_fn_c_try_compile ()
+{
+ as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+ rm -f conftest.$ac_objext
+ if { { ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-1513}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+ (eval "$ac_compile") 2>conftest.err
+ ac_status=$?
+ if test -s conftest.err; then
+ grep -v '^ *+' conftest.err >conftest.er1
+ cat conftest.er1 >&5
+ mv -f conftest.er1 conftest.err
+ fi
+ $as_echo "$as_me:${as_lineno-1522}: \$? = $ac_status" >&5
+ test $ac_status = 0; } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then :
+ ac_retval=0
+else
+ $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_retval=1
+fi
+ eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+ as_fn_set_status $ac_retval
+
+} # ac_fn_c_try_compile
+
+# ac_fn_c_try_link LINENO
+# -----------------------
+# Try to link conftest.$ac_ext, and return whether this succeeded.
+ac_fn_c_try_link ()
+{
+ as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+ rm -f conftest.$ac_objext conftest$ac_exeext
+ if { { ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-1551}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+ (eval "$ac_link") 2>conftest.err
+ ac_status=$?
+ if test -s conftest.err; then
+ grep -v '^ *+' conftest.err >conftest.er1
+ cat conftest.er1 >&5
+ mv -f conftest.er1 conftest.err
+ fi
+ $as_echo "$as_me:${as_lineno-1560}: \$? = $ac_status" >&5
+ test $ac_status = 0; } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext && {
+ test "$cross_compiling" = yes ||
+ $as_test_x conftest$ac_exeext
+ }; then :
+ ac_retval=0
+else
+ $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_retval=1
+fi
+ # Delete the IPA/IPO (Inter Procedural Analysis/Optimization) information
+ # created by the PGI compiler (conftest_ipa8_conftest.oo), as it would
+ # interfere with the next link command; also delete a directory that is
+ # left behind by Apple's compiler. We do this before executing the actions.
+ rm -rf conftest.dSYM conftest_ipa8_conftest.oo
+ eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+ as_fn_set_status $ac_retval
+
+} # ac_fn_c_try_link
+
+# ac_fn_c_check_header_compile LINENO HEADER VAR INCLUDES
+# -------------------------------------------------------
+# Tests whether HEADER exists and can be compiled using the include files in
+# INCLUDES, setting the cache variable VAR accordingly.
+ac_fn_c_check_header_compile ()
+{
+ as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+ { $as_echo "$as_me:${as_lineno-1592}: checking for $2" >&5
+$as_echo_n "checking for $2... " >&6; }
+if eval \${$3+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$4
+#include <$2>
+_ACEOF
+if ac_fn_c_try_compile "1602"; then :
+ eval "$3=yes"
+else
+ eval "$3=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+eval ac_res=\$$3
+ { $as_echo "$as_me:${as_lineno-1610}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+ eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+
+} # ac_fn_c_check_header_compile
+
+# ac_fn_c_try_cpp LINENO
+# ----------------------
+# Try to preprocess conftest.$ac_ext, and return whether this succeeded.
+ac_fn_c_try_cpp ()
+{
+ as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+ if { { ac_try="$ac_cpp conftest.$ac_ext"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-1627}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+ (eval "$ac_cpp conftest.$ac_ext") 2>conftest.err
+ ac_status=$?
+ if test -s conftest.err; then
+ grep -v '^ *+' conftest.err >conftest.er1
+ cat conftest.er1 >&5
+ mv -f conftest.er1 conftest.err
+ fi
+ $as_echo "$as_me:${as_lineno-1636}: \$? = $ac_status" >&5
+ test $ac_status = 0; } > conftest.i && {
+ test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ }; then :
+ ac_retval=0
+else
+ $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_retval=1
+fi
+ eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+ as_fn_set_status $ac_retval
+
+} # ac_fn_c_try_cpp
+
+# ac_fn_c_try_run LINENO
+# ----------------------
+# Try to link conftest.$ac_ext, and return whether this succeeded. Assumes
+# that executables *can* be run.
+ac_fn_c_try_run ()
+{
+ as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+ if { { ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-1665}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+ (eval "$ac_link") 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-1669}: \$? = $ac_status" >&5
+ test $ac_status = 0; } && { ac_try='./conftest$ac_exeext'
+ { { case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-1675}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+ (eval "$ac_try") 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-1679}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; }; then :
+ ac_retval=0
+else
+ $as_echo "$as_me: program exited with status $ac_status" >&5
+ $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_retval=$ac_status
+fi
+ rm -rf conftest.dSYM conftest_ipa8_conftest.oo
+ eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+ as_fn_set_status $ac_retval
+
+} # ac_fn_c_try_run
+
+# ac_fn_c_check_func LINENO FUNC VAR
+# ----------------------------------
+# Tests whether FUNC exists, setting the cache variable VAR accordingly
+ac_fn_c_check_func ()
+{
+ as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+ { $as_echo "$as_me:${as_lineno-1701}: checking for $2" >&5
+$as_echo_n "checking for $2... " >&6; }
+if eval \${$3+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+/* Define $2 to an innocuous variant, in case <limits.h> declares $2.
+ For example, HP-UX 11i <limits.h> declares gettimeofday. */
+#define $2 innocuous_$2
+
+/* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char $2 (); below.
+ Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+ <limits.h> exists even on freestanding compilers. */
+
+#ifdef __STDC__
+# include <limits.h>
+#else
+# include <assert.h>
+#endif
+
+#undef $2
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char $2 ();
+/* The GNU C library defines this for functions which it implements
+ to always fail with ENOSYS. Some functions are actually named
+ something starting with __ and the normal name is an alias. */
+#if defined __stub_$2 || defined __stub___$2
+choke me
+#endif
+
+int
+main ()
+{
+return $2 ();
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "1747"; then :
+ eval "$3=yes"
+else
+ eval "$3=no"
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+fi
+eval ac_res=\$$3
+ { $as_echo "$as_me:${as_lineno-1756}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+ eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+
+} # ac_fn_c_check_func
+
+# ac_fn_c_check_type LINENO TYPE VAR INCLUDES
+# -------------------------------------------
+# Tests whether TYPE exists after having included INCLUDES, setting cache
+# variable VAR accordingly.
+ac_fn_c_check_type ()
+{
+ as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+ { $as_echo "$as_me:${as_lineno-1769}: checking for $2" >&5
+$as_echo_n "checking for $2... " >&6; }
+if eval \${$3+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ eval "$3=no"
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$4
+int
+main ()
+{
+if (sizeof ($2))
+ return 0;
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "1787"; then :
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$4
+int
+main ()
+{
+if (sizeof (($2)))
+ return 0;
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "1800"; then :
+
+else
+ eval "$3=yes"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+eval ac_res=\$$3
+ { $as_echo "$as_me:${as_lineno-1810}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+ eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+
+} # ac_fn_c_check_type
+
+# ac_fn_c_check_header_mongrel LINENO HEADER VAR INCLUDES
+# -------------------------------------------------------
+# Tests whether HEADER exists, giving a warning if it cannot be compiled using
+# the include files in INCLUDES and setting the cache variable VAR
+# accordingly.
+ac_fn_c_check_header_mongrel ()
+{
+ as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+ if eval \${$3+:} false; then :
+ { $as_echo "$as_me:${as_lineno-1825}: checking for $2" >&5
+$as_echo_n "checking for $2... " >&6; }
+if eval \${$3+:} false; then :
+ $as_echo_n "(cached) " >&6
+fi
+eval ac_res=\$$3
+ { $as_echo "$as_me:${as_lineno-1831}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+else
+ # Is the header compilable?
+{ $as_echo "$as_me:${as_lineno-1835}: checking $2 usability" >&5
+$as_echo_n "checking $2 usability... " >&6; }
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$4
+#include <$2>
+_ACEOF
+if ac_fn_c_try_compile "1842"; then :
+ ac_header_compiler=yes
+else
+ ac_header_compiler=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+{ $as_echo "$as_me:${as_lineno-1848}: result: $ac_header_compiler" >&5
+$as_echo "$ac_header_compiler" >&6; }
+
+# Is the header present?
+{ $as_echo "$as_me:${as_lineno-1852}: checking $2 presence" >&5
+$as_echo_n "checking $2 presence... " >&6; }
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#include <$2>
+_ACEOF
+if ac_fn_c_try_cpp "1858"; then :
+ ac_header_preproc=yes
+else
+ ac_header_preproc=no
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+{ $as_echo "$as_me:${as_lineno-1864}: result: $ac_header_preproc" >&5
+$as_echo "$ac_header_preproc" >&6; }
+
+# So? What about this header?
+case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in #((
+ yes:no: )
+ { $as_echo "$as_me:${as_lineno-1870}: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&5
+$as_echo "$as_me: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&2;}
+ { $as_echo "$as_me:${as_lineno-1872}: WARNING: $2: proceeding with the compiler's result" >&5
+$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;}
+ ;;
+ no:yes:* )
+ { $as_echo "$as_me:${as_lineno-1876}: WARNING: $2: present but cannot be compiled" >&5
+$as_echo "$as_me: WARNING: $2: present but cannot be compiled" >&2;}
+ { $as_echo "$as_me:${as_lineno-1878}: WARNING: $2: check for missing prerequisite headers?" >&5
+$as_echo "$as_me: WARNING: $2: check for missing prerequisite headers?" >&2;}
+ { $as_echo "$as_me:${as_lineno-1880}: WARNING: $2: see the Autoconf documentation" >&5
+$as_echo "$as_me: WARNING: $2: see the Autoconf documentation" >&2;}
+ { $as_echo "$as_me:${as_lineno-1882}: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&5
+$as_echo "$as_me: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&2;}
+ { $as_echo "$as_me:${as_lineno-1884}: WARNING: $2: proceeding with the compiler's result" >&5
+$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;}
+( $as_echo "## ------------------------------------ ##
+## Report this to blynn@cs.stanford.edu ##
+## ------------------------------------ ##"
+ ) | sed "s/^/$as_me: WARNING: /" >&2
+ ;;
+esac
+ { $as_echo "$as_me:${as_lineno-1892}: checking for $2" >&5
+$as_echo_n "checking for $2... " >&6; }
+if eval \${$3+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ eval "$3=\$ac_header_compiler"
+fi
+eval ac_res=\$$3
+ { $as_echo "$as_me:${as_lineno-1900}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+fi
+ eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+
+} # ac_fn_c_check_header_mongrel
+cat >config.log <<_ACEOF
+This file contains any messages produced by compilers while
+running configure, to aid debugging if configure makes a mistake.
+
+It was created by pbc $as_me 0.5.14, which was
+generated by GNU Autoconf 2.68. Invocation command line was
+
+ $ $0 $@
+
+_ACEOF
+exec 5>>config.log
+{
+cat <<_ASUNAME
+## --------- ##
+## Platform. ##
+## --------- ##
+
+hostname = `(hostname || uname -n) 2>/dev/null | sed 1q`
+uname -m = `(uname -m) 2>/dev/null || echo unknown`
+uname -r = `(uname -r) 2>/dev/null || echo unknown`
+uname -s = `(uname -s) 2>/dev/null || echo unknown`
+uname -v = `(uname -v) 2>/dev/null || echo unknown`
+
+/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown`
+/bin/uname -X = `(/bin/uname -X) 2>/dev/null || echo unknown`
+
+/bin/arch = `(/bin/arch) 2>/dev/null || echo unknown`
+/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown`
+/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown`
+/usr/bin/hostinfo = `(/usr/bin/hostinfo) 2>/dev/null || echo unknown`
+/bin/machine = `(/bin/machine) 2>/dev/null || echo unknown`
+/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown`
+/bin/universe = `(/bin/universe) 2>/dev/null || echo unknown`
+
+_ASUNAME
+
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ $as_echo "PATH: $as_dir"
+ done
+IFS=$as_save_IFS
+
+} >&5
+
+cat >&5 <<_ACEOF
+
+
+## ----------- ##
+## Core tests. ##
+## ----------- ##
+
+_ACEOF
+
+
+# Keep a trace of the command line.
+# Strip out --no-create and --no-recursion so they do not pile up.
+# Strip out --silent because we don't want to record it for future runs.
+# Also quote any args containing shell meta-characters.
+# Make two passes to allow for proper duplicate-argument suppression.
+ac_configure_args=
+ac_configure_args0=
+ac_configure_args1=
+ac_must_keep_next=false
+for ac_pass in 1 2
+do
+ for ac_arg
+ do
+ case $ac_arg in
+ -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;;
+ -q | -quiet | --quiet | --quie | --qui | --qu | --q \
+ | -silent | --silent | --silen | --sile | --sil)
+ continue ;;
+ *\'*)
+ ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;;
+ esac
+ case $ac_pass in
+ 1) as_fn_append ac_configure_args0 " '$ac_arg'" ;;
+ 2)
+ as_fn_append ac_configure_args1 " '$ac_arg'"
+ if test $ac_must_keep_next = true; then
+ ac_must_keep_next=false # Got value, back to normal.
+ else
+ case $ac_arg in
+ *=* | --config-cache | -C | -disable-* | --disable-* \
+ | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \
+ | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \
+ | -with-* | --with-* | -without-* | --without-* | --x)
+ case "$ac_configure_args0 " in
+ "$ac_configure_args1"*" '$ac_arg' "* ) continue ;;
+ esac
+ ;;
+ -* ) ac_must_keep_next=true ;;
+ esac
+ fi
+ as_fn_append ac_configure_args " '$ac_arg'"
+ ;;
+ esac
+ done
+done
+{ ac_configure_args0=; unset ac_configure_args0;}
+{ ac_configure_args1=; unset ac_configure_args1;}
+
+# When interrupted or exit'd, cleanup temporary files, and complete
+# config.log. We remove comments because anyway the quotes in there
+# would cause problems or look ugly.
+# WARNING: Use '\'' to represent an apostrophe within the trap.
+# WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug.
+trap 'exit_status=$?
+ # Save into config.log some information that might help in debugging.
+ {
+ echo
+
+ $as_echo "## ---------------- ##
+## Cache variables. ##
+## ---------------- ##"
+ echo
+ # The following way of writing the cache mishandles newlines in values,
+(
+ for ac_var in `(set) 2>&1 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`; do
+ eval ac_val=\$$ac_var
+ case $ac_val in #(
+ *${as_nl}*)
+ case $ac_var in #(
+ *_cv_*) { $as_echo "$as_me:${as_lineno-2032}: WARNING: cache variable $ac_var contains a newline" >&5
+$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;;
+ esac
+ case $ac_var in #(
+ _ | IFS | as_nl) ;; #(
+ BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #(
+ *) { eval $ac_var=; unset $ac_var;} ;;
+ esac ;;
+ esac
+ done
+ (set) 2>&1 |
+ case $as_nl`(ac_space='\'' '\''; set) 2>&1` in #(
+ *${as_nl}ac_space=\ *)
+ sed -n \
+ "s/'\''/'\''\\\\'\'''\''/g;
+ s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\''\\2'\''/p"
+ ;; #(
+ *)
+ sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p"
+ ;;
+ esac |
+ sort
+)
+ echo
+
+ $as_echo "## ----------------- ##
+## Output variables. ##
+## ----------------- ##"
+ echo
+ for ac_var in $ac_subst_vars
+ do
+ eval ac_val=\$$ac_var
+ case $ac_val in
+ *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;;
+ esac
+ $as_echo "$ac_var='\''$ac_val'\''"
+ done | sort
+ echo
+
+ if test -n "$ac_subst_files"; then
+ $as_echo "## ------------------- ##
+## File substitutions. ##
+## ------------------- ##"
+ echo
+ for ac_var in $ac_subst_files
+ do
+ eval ac_val=\$$ac_var
+ case $ac_val in
+ *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;;
+ esac
+ $as_echo "$ac_var='\''$ac_val'\''"
+ done | sort
+ echo
+ fi
+
+ if test -s confdefs.h; then
+ $as_echo "## ----------- ##
+## confdefs.h. ##
+## ----------- ##"
+ echo
+ cat confdefs.h
+ echo
+ fi
+ test "$ac_signal" != 0 &&
+ $as_echo "$as_me: caught signal $ac_signal"
+ $as_echo "$as_me: exit $exit_status"
+ } >&5
+ rm -f core *.core core.conftest.* &&
+ rm -f -r conftest* confdefs* conf$$* $ac_clean_files &&
+ exit $exit_status
+' 0
+for ac_signal in 1 2 13 15; do
+ trap 'ac_signal='$ac_signal'; as_fn_exit 1' $ac_signal
+done
+ac_signal=0
+
+# confdefs.h avoids OS command line length limits that DEFS can exceed.
+rm -f -r conftest* confdefs.h
+
+$as_echo "/* confdefs.h */" > confdefs.h
+
+# Predefined preprocessor variables.
+
+cat >>confdefs.h <<_ACEOF
+#define PACKAGE_NAME "$PACKAGE_NAME"
+_ACEOF
+
+cat >>confdefs.h <<_ACEOF
+#define PACKAGE_TARNAME "$PACKAGE_TARNAME"
+_ACEOF
+
+cat >>confdefs.h <<_ACEOF
+#define PACKAGE_VERSION "$PACKAGE_VERSION"
+_ACEOF
+
+cat >>confdefs.h <<_ACEOF
+#define PACKAGE_STRING "$PACKAGE_STRING"
+_ACEOF
+
+cat >>confdefs.h <<_ACEOF
+#define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT"
+_ACEOF
+
+cat >>confdefs.h <<_ACEOF
+#define PACKAGE_URL "$PACKAGE_URL"
+_ACEOF
+
+
+# Let the site file select an alternate cache file if it wants to.
+# Prefer an explicitly selected file to automatically selected ones.
+ac_site_file1=NONE
+ac_site_file2=NONE
+if test -n "$CONFIG_SITE"; then
+ # We do not want a PATH search for config.site.
+ case $CONFIG_SITE in #((
+ -*) ac_site_file1=./$CONFIG_SITE;;
+ */*) ac_site_file1=$CONFIG_SITE;;
+ *) ac_site_file1=./$CONFIG_SITE;;
+ esac
+elif test "x$prefix" != xNONE; then
+ ac_site_file1=$prefix/share/config.site
+ ac_site_file2=$prefix/etc/config.site
+else
+ ac_site_file1=$ac_default_prefix/share/config.site
+ ac_site_file2=$ac_default_prefix/etc/config.site
+fi
+for ac_site_file in "$ac_site_file1" "$ac_site_file2"
+do
+ test "x$ac_site_file" = xNONE && continue
+ if test /dev/null != "$ac_site_file" && test -r "$ac_site_file"; then
+ { $as_echo "$as_me:${as_lineno-2162}: loading site script $ac_site_file" >&5
+$as_echo "$as_me: loading site script $ac_site_file" >&6;}
+ sed 's/^/| /' "$ac_site_file" >&5
+ . "$ac_site_file" \
+ || { { $as_echo "$as_me:${as_lineno-2166}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "failed to load site script $ac_site_file
+See \`config.log' for more details" "2169" 5; }
+ fi
+done
+
+if test -r "$cache_file"; then
+ # Some versions of bash will fail to source /dev/null (special files
+ # actually), so we avoid doing that. DJGPP emulates it as a regular file.
+ if test /dev/null != "$cache_file" && test -f "$cache_file"; then
+ { $as_echo "$as_me:${as_lineno-2177}: loading cache $cache_file" >&5
+$as_echo "$as_me: loading cache $cache_file" >&6;}
+ case $cache_file in
+ [\\/]* | ?:[\\/]* ) . "$cache_file";;
+ *) . "./$cache_file";;
+ esac
+ fi
+else
+ { $as_echo "$as_me:${as_lineno-2185}: creating cache $cache_file" >&5
+$as_echo "$as_me: creating cache $cache_file" >&6;}
+ >$cache_file
+fi
+
+# Check that the precious variables saved in the cache have kept the same
+# value.
+ac_cache_corrupted=false
+for ac_var in $ac_precious_vars; do
+ eval ac_old_set=\$ac_cv_env_${ac_var}_set
+ eval ac_new_set=\$ac_env_${ac_var}_set
+ eval ac_old_val=\$ac_cv_env_${ac_var}_value
+ eval ac_new_val=\$ac_env_${ac_var}_value
+ case $ac_old_set,$ac_new_set in
+ set,)
+ { $as_echo "$as_me:${as_lineno-2200}: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5
+$as_echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;}
+ ac_cache_corrupted=: ;;
+ ,set)
+ { $as_echo "$as_me:${as_lineno-2204}: error: \`$ac_var' was not set in the previous run" >&5
+$as_echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;}
+ ac_cache_corrupted=: ;;
+ ,);;
+ *)
+ if test "x$ac_old_val" != "x$ac_new_val"; then
+ # differences in whitespace do not lead to failure.
+ ac_old_val_w=`echo x $ac_old_val`
+ ac_new_val_w=`echo x $ac_new_val`
+ if test "$ac_old_val_w" != "$ac_new_val_w"; then
+ { $as_echo "$as_me:${as_lineno-2214}: error: \`$ac_var' has changed since the previous run:" >&5
+$as_echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;}
+ ac_cache_corrupted=:
+ else
+ { $as_echo "$as_me:${as_lineno-2218}: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5
+$as_echo "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;}
+ eval $ac_var=\$ac_old_val
+ fi
+ { $as_echo "$as_me:${as_lineno-2222}: former value: \`$ac_old_val'" >&5
+$as_echo "$as_me: former value: \`$ac_old_val'" >&2;}
+ { $as_echo "$as_me:${as_lineno-2224}: current value: \`$ac_new_val'" >&5
+$as_echo "$as_me: current value: \`$ac_new_val'" >&2;}
+ fi;;
+ esac
+ # Pass precious variables to config.status.
+ if test "$ac_new_set" = set; then
+ case $ac_new_val in
+ *\'*) ac_arg=$ac_var=`$as_echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;;
+ *) ac_arg=$ac_var=$ac_new_val ;;
+ esac
+ case " $ac_configure_args " in
+ *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy.
+ *) as_fn_append ac_configure_args " '$ac_arg'" ;;
+ esac
+ fi
+done
+if $ac_cache_corrupted; then
+ { $as_echo "$as_me:${as_lineno-2241}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+ { $as_echo "$as_me:${as_lineno-2243}: error: changes in the environment can compromise the build" >&5
+$as_echo "$as_me: error: changes in the environment can compromise the build" >&2;}
+ as_fn_error $? "run \`make distclean' and/or \`rm $cache_file' and start over" "2245" 5
+fi
+## -------------------- ##
+## Main body of script. ##
+## -------------------- ##
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+
+am__api_version='1.11'
+
+ac_aux_dir=
+for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do
+ if test -f "$ac_dir/install-sh"; then
+ ac_aux_dir=$ac_dir
+ ac_install_sh="$ac_aux_dir/install-sh -c"
+ break
+ elif test -f "$ac_dir/install.sh"; then
+ ac_aux_dir=$ac_dir
+ ac_install_sh="$ac_aux_dir/install.sh -c"
+ break
+ elif test -f "$ac_dir/shtool"; then
+ ac_aux_dir=$ac_dir
+ ac_install_sh="$ac_aux_dir/shtool install -c"
+ break
+ fi
+done
+if test -z "$ac_aux_dir"; then
+ as_fn_error $? "cannot find install-sh, install.sh, or shtool in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" "2277" 5
+fi
+
+# These three variables are undocumented and unsupported,
+# and are intended to be withdrawn in a future Autoconf release.
+# They can cause serious problems if a builder's source tree is in a directory
+# whose full name contains unusual characters.
+ac_config_guess="$SHELL $ac_aux_dir/config.guess" # Please don't use this var.
+ac_config_sub="$SHELL $ac_aux_dir/config.sub" # Please don't use this var.
+ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var.
+
+
+# Find a good install program. We prefer a C program (faster),
+# so one script is as good as another. But avoid the broken or
+# incompatible versions:
+# SysV /etc/install, /usr/sbin/install
+# SunOS /usr/etc/install
+# IRIX /sbin/install
+# AIX /bin/install
+# AmigaOS /C/install, which installs bootblocks on floppy discs
+# AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag
+# AFS /usr/afsws/bin/install, which mishandles nonexistent args
+# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff"
+# OS/2's system install, which has a completely different semantic
+# ./install, which can be erroneously created by make from ./install.sh.
+# Reject install programs that cannot install multiple files.
+{ $as_echo "$as_me:${as_lineno-2303}: checking for a BSD-compatible install" >&5
+$as_echo_n "checking for a BSD-compatible install... " >&6; }
+if test -z "$INSTALL"; then
+if ${ac_cv_path_install+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ # Account for people who put trailing slashes in PATH elements.
+case $as_dir/ in #((
+ ./ | .// | /[cC]/* | \
+ /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \
+ ?:[\\/]os2[\\/]install[\\/]* | ?:[\\/]OS2[\\/]INSTALL[\\/]* | \
+ /usr/ucb/* ) ;;
+ *)
+ # OSF1 and SCO ODT 3.0 have their own names for install.
+ # Don't use installbsd from OSF since it installs stuff as root
+ # by default.
+ for ac_prog in ginstall scoinst install; do
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_prog$ac_exec_ext" && $as_test_x "$as_dir/$ac_prog$ac_exec_ext"; }; then
+ if test $ac_prog = install &&
+ grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then
+ # AIX install. It has an incompatible calling convention.
+ :
+ elif test $ac_prog = install &&
+ grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then
+ # program-specific install script used by HP pwplus--don't use.
+ :
+ else
+ rm -rf conftest.one conftest.two conftest.dir
+ echo one > conftest.one
+ echo two > conftest.two
+ mkdir conftest.dir
+ if "$as_dir/$ac_prog$ac_exec_ext" -c conftest.one conftest.two "`pwd`/conftest.dir" &&
+ test -s conftest.one && test -s conftest.two &&
+ test -s conftest.dir/conftest.one &&
+ test -s conftest.dir/conftest.two
+ then
+ ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c"
+ break 3
+ fi
+ fi
+ fi
+ done
+ done
+ ;;
+esac
+
+ done
+IFS=$as_save_IFS
+
+rm -rf conftest.one conftest.two conftest.dir
+
+fi
+ if test "${ac_cv_path_install+set}" = set; then
+ INSTALL=$ac_cv_path_install
+ else
+ # As a last resort, use the slow shell script. Don't cache a
+ # value for INSTALL within a source directory, because that will
+ # break other packages using the cache if that directory is
+ # removed, or if the value is a relative name.
+ INSTALL=$ac_install_sh
+ fi
+fi
+{ $as_echo "$as_me:${as_lineno-2371}: result: $INSTALL" >&5
+$as_echo "$INSTALL" >&6; }
+
+# Use test -z because SunOS4 sh mishandles braces in ${var-val}.
+# It thinks the first close brace ends the variable substitution.
+test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}'
+
+test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}'
+
+test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644'
+
+{ $as_echo "$as_me:${as_lineno-2382}: checking whether build environment is sane" >&5
+$as_echo_n "checking whether build environment is sane... " >&6; }
+# Just in case
+sleep 1
+echo timestamp > conftest.file
+# Reject unsafe characters in $srcdir or the absolute working directory
+# name. Accept space and tab only in the latter.
+am_lf='
+'
+case `pwd` in
+ *[\\\"\#\$\&\'\`$am_lf]*)
+ as_fn_error $? "unsafe absolute working directory name" "2393" 5;;
+esac
+case $srcdir in
+ *[\\\"\#\$\&\'\`$am_lf\ \ ]*)
+ as_fn_error $? "unsafe srcdir value: \`$srcdir'" "2397" 5;;
+esac
+
+# Do `set' in a subshell so we don't clobber the current shell's
+# arguments. Must try -L first in case configure is actually a
+# symlink; some systems play weird games with the mod time of symlinks
+# (eg FreeBSD returns the mod time of the symlink's containing
+# directory).
+if (
+ set X `ls -Lt "$srcdir/configure" conftest.file 2> /dev/null`
+ if test "$*" = "X"; then
+ # -L didn't work.
+ set X `ls -t "$srcdir/configure" conftest.file`
+ fi
+ rm -f conftest.file
+ if test "$*" != "X $srcdir/configure conftest.file" \
+ && test "$*" != "X conftest.file $srcdir/configure"; then
+
+ # If neither matched, then we have a broken ls. This can happen
+ # if, for instance, CONFIG_SHELL is bash and it inherits a
+ # broken ls alias from the environment. This has actually
+ # happened. Such a system could not be considered "sane".
+ as_fn_error $? "ls -t appears to fail. Make sure there is not a broken
+alias in your environment" "2420" 5
+ fi
+
+ test "$2" = conftest.file
+ )
+then
+ # Ok.
+ :
+else
+ as_fn_error $? "newly created file is older than distributed files!
+Check your system clock" "2430" 5
+fi
+{ $as_echo "$as_me:${as_lineno-2432}: result: yes" >&5
+$as_echo "yes" >&6; }
+test "$program_prefix" != NONE &&
+ program_transform_name="s&^&$program_prefix&;$program_transform_name"
+# Use a double $ so make ignores it.
+test "$program_suffix" != NONE &&
+ program_transform_name="s&\$&$program_suffix&;$program_transform_name"
+# Double any \ or $.
+# By default was `s,x,x', remove it if useless.
+ac_script='s/[\\$]/&&/g;s/;s,x,x,$//'
+program_transform_name=`$as_echo "$program_transform_name" | sed "$ac_script"`
+
+# expand $ac_aux_dir to an absolute path
+am_aux_dir=`cd $ac_aux_dir && pwd`
+
+if test x"${MISSING+set}" != xset; then
+ case $am_aux_dir in
+ *\ * | *\ *)
+ MISSING="\${SHELL} \"$am_aux_dir/missing\"" ;;
+ *)
+ MISSING="\${SHELL} $am_aux_dir/missing" ;;
+ esac
+fi
+# Use eval to expand $SHELL
+if eval "$MISSING --run true"; then
+ am_missing_run="$MISSING --run "
+else
+ am_missing_run=
+ { $as_echo "$as_me:${as_lineno-2460}: WARNING: \`missing' script is too old or missing" >&5
+$as_echo "$as_me: WARNING: \`missing' script is too old or missing" >&2;}
+fi
+
+if test x"${install_sh}" != xset; then
+ case $am_aux_dir in
+ *\ * | *\ *)
+ install_sh="\${SHELL} '$am_aux_dir/install-sh'" ;;
+ *)
+ install_sh="\${SHELL} $am_aux_dir/install-sh"
+ esac
+fi
+
+# Installed binaries are usually stripped using `strip' when the user
+# run `make install-strip'. However `strip' might not be the right
+# tool to use in cross-compilation environments, therefore Automake
+# will honor the `STRIP' environment variable to overrule this program.
+if test "$cross_compiling" != no; then
+ if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args.
+set dummy ${ac_tool_prefix}strip; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-2481}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_STRIP+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$STRIP"; then
+ ac_cv_prog_STRIP="$STRIP" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_STRIP="${ac_tool_prefix}strip"
+ $as_echo "$as_me:${as_lineno-2497}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+STRIP=$ac_cv_prog_STRIP
+if test -n "$STRIP"; then
+ { $as_echo "$as_me:${as_lineno-2508}: result: $STRIP" >&5
+$as_echo "$STRIP" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-2511}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_STRIP"; then
+ ac_ct_STRIP=$STRIP
+ # Extract the first word of "strip", so it can be a program name with args.
+set dummy strip; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-2521}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_STRIP+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$ac_ct_STRIP"; then
+ ac_cv_prog_ac_ct_STRIP="$ac_ct_STRIP" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_ac_ct_STRIP="strip"
+ $as_echo "$as_me:${as_lineno-2537}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_STRIP=$ac_cv_prog_ac_ct_STRIP
+if test -n "$ac_ct_STRIP"; then
+ { $as_echo "$as_me:${as_lineno-2548}: result: $ac_ct_STRIP" >&5
+$as_echo "$ac_ct_STRIP" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-2551}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+ if test "x$ac_ct_STRIP" = x; then
+ STRIP=":"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-2560}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ STRIP=$ac_ct_STRIP
+ fi
+else
+ STRIP="$ac_cv_prog_STRIP"
+fi
+
+fi
+INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s"
+
+{ $as_echo "$as_me:${as_lineno-2573}: checking for a thread-safe mkdir -p" >&5
+$as_echo_n "checking for a thread-safe mkdir -p... " >&6; }
+if test -z "$MKDIR_P"; then
+ if ${ac_cv_path_mkdir+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH$PATH_SEPARATOR/opt/sfw/bin
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_prog in mkdir gmkdir; do
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ { test -f "$as_dir/$ac_prog$ac_exec_ext" && $as_test_x "$as_dir/$ac_prog$ac_exec_ext"; } || continue
+ case `"$as_dir/$ac_prog$ac_exec_ext" --version 2>&1` in #(
+ 'mkdir (GNU coreutils) '* | \
+ 'mkdir (coreutils) '* | \
+ 'mkdir (fileutils) '4.1*)
+ ac_cv_path_mkdir=$as_dir/$ac_prog$ac_exec_ext
+ break 3;;
+ esac
+ done
+ done
+ done
+IFS=$as_save_IFS
+
+fi
+
+ test -d ./--version && rmdir ./--version
+ if test "${ac_cv_path_mkdir+set}" = set; then
+ MKDIR_P="$ac_cv_path_mkdir -p"
+ else
+ # As a last resort, use the slow shell script. Don't cache a
+ # value for MKDIR_P within a source directory, because that will
+ # break other packages using the cache if that directory is
+ # removed, or if the value is a relative name.
+ MKDIR_P="$ac_install_sh -d"
+ fi
+fi
+{ $as_echo "$as_me:${as_lineno-2612}: result: $MKDIR_P" >&5
+$as_echo "$MKDIR_P" >&6; }
+
+mkdir_p="$MKDIR_P"
+case $mkdir_p in
+ [\\/$]* | ?:[\\/]*) ;;
+ */*) mkdir_p="\$(top_builddir)/$mkdir_p" ;;
+esac
+
+for ac_prog in gawk mawk nawk awk
+do
+ # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-2625}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_AWK+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$AWK"; then
+ ac_cv_prog_AWK="$AWK" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_AWK="$ac_prog"
+ $as_echo "$as_me:${as_lineno-2641}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+AWK=$ac_cv_prog_AWK
+if test -n "$AWK"; then
+ { $as_echo "$as_me:${as_lineno-2652}: result: $AWK" >&5
+$as_echo "$AWK" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-2655}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+ test -n "$AWK" && break
+done
+
+{ $as_echo "$as_me:${as_lineno-2663}: checking whether ${MAKE-make} sets \$(MAKE)" >&5
+$as_echo_n "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; }
+set x ${MAKE-make}
+ac_make=`$as_echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'`
+if eval \${ac_cv_prog_make_${ac_make}_set+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ cat >conftest.make <<\_ACEOF
+SHELL = /bin/sh
+all:
+ @echo '@@@%%%=$(MAKE)=@@@%%%'
+_ACEOF
+# GNU make sometimes prints "make[1]: Entering ...", which would confuse us.
+case `${MAKE-make} -f conftest.make 2>/dev/null` in
+ *@@@%%%=?*=@@@%%%*)
+ eval ac_cv_prog_make_${ac_make}_set=yes;;
+ *)
+ eval ac_cv_prog_make_${ac_make}_set=no;;
+esac
+rm -f conftest.make
+fi
+if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then
+ { $as_echo "$as_me:${as_lineno-2685}: result: yes" >&5
+$as_echo "yes" >&6; }
+ SET_MAKE=
+else
+ { $as_echo "$as_me:${as_lineno-2689}: result: no" >&5
+$as_echo "no" >&6; }
+ SET_MAKE="MAKE=${MAKE-make}"
+fi
+
+rm -rf .tst 2>/dev/null
+mkdir .tst 2>/dev/null
+if test -d .tst; then
+ am__leading_dot=.
+else
+ am__leading_dot=_
+fi
+rmdir .tst 2>/dev/null
+
+if test "`cd $srcdir && pwd`" != "`pwd`"; then
+ # Use -I$(srcdir) only when $(srcdir) != ., so that make's output
+ # is not polluted with repeated "-I."
+ am__isrc=' -I$(srcdir)'
+ # test to see if srcdir already configured
+ if test -f $srcdir/config.status; then
+ as_fn_error $? "source directory already configured; run \"make distclean\" there first" "2709" 5
+ fi
+fi
+
+# test whether we have cygpath
+if test -z "$CYGPATH_W"; then
+ if (cygpath --version) >/dev/null 2>/dev/null; then
+ CYGPATH_W='cygpath -w'
+ else
+ CYGPATH_W=echo
+ fi
+fi
+
+
+# Define the identity of the package.
+ PACKAGE='pbc'
+ VERSION='0.5.14'
+
+
+cat >>confdefs.h <<_ACEOF
+#define PACKAGE "$PACKAGE"
+_ACEOF
+
+
+cat >>confdefs.h <<_ACEOF
+#define VERSION "$VERSION"
+_ACEOF
+
+# Some tools Automake needs.
+
+ACLOCAL=${ACLOCAL-"${am_missing_run}aclocal-${am__api_version}"}
+
+
+AUTOCONF=${AUTOCONF-"${am_missing_run}autoconf"}
+
+
+AUTOMAKE=${AUTOMAKE-"${am_missing_run}automake-${am__api_version}"}
+
+
+AUTOHEADER=${AUTOHEADER-"${am_missing_run}autoheader"}
+
+
+MAKEINFO=${MAKEINFO-"${am_missing_run}makeinfo"}
+
+# We need awk for the "check" target. The system "awk" is bad on
+# some platforms.
+# Always define AMTAR for backward compatibility. Yes, it's still used
+# in the wild :-( We should find a proper way to deprecate it ...
+AMTAR='$${TAR-tar}'
+
+am__tar='$${TAR-tar} chof - "$$tardir"' am__untar='$${TAR-tar} xf -'
+
+
+
+
+
+ac_config_headers="$ac_config_headers config.h"
+
+
+
+case `pwd` in
+ *\ * | *\ *)
+ { $as_echo "$as_me:${as_lineno-2771}: WARNING: Libtool does not cope well with whitespace in \`pwd\`" >&5
+$as_echo "$as_me: WARNING: Libtool does not cope well with whitespace in \`pwd\`" >&2;} ;;
+esac
+
+
+
+macro_version='2.4.2'
+macro_revision='1.3337'
+
+
+
+
+
+
+
+
+
+
+
+
+
+ltmain="$ac_aux_dir/ltmain.sh"
+
+# Make sure we can run config.sub.
+$SHELL "$ac_aux_dir/config.sub" sun4 >/dev/null 2>&1 ||
+ as_fn_error $? "cannot run $SHELL $ac_aux_dir/config.sub" "2796" 5
+
+{ $as_echo "$as_me:${as_lineno-2798}: checking build system type" >&5
+$as_echo_n "checking build system type... " >&6; }
+if ${ac_cv_build+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ ac_build_alias=$build_alias
+test "x$ac_build_alias" = x &&
+ ac_build_alias=`$SHELL "$ac_aux_dir/config.guess"`
+test "x$ac_build_alias" = x &&
+ as_fn_error $? "cannot guess build type; you must specify one" "2807" 5
+ac_cv_build=`$SHELL "$ac_aux_dir/config.sub" $ac_build_alias` ||
+ as_fn_error $? "$SHELL $ac_aux_dir/config.sub $ac_build_alias failed" "2809" 5
+
+fi
+{ $as_echo "$as_me:${as_lineno-2812}: result: $ac_cv_build" >&5
+$as_echo "$ac_cv_build" >&6; }
+case $ac_cv_build in
+*-*-*) ;;
+*) as_fn_error $? "invalid value of canonical build" "2816" 5;;
+esac
+build=$ac_cv_build
+ac_save_IFS=$IFS; IFS='-'
+set x $ac_cv_build
+shift
+build_cpu=$1
+build_vendor=$2
+shift; shift
+# Remember, the first character of IFS is used to create $*,
+# except with old shells:
+build_os=$*
+IFS=$ac_save_IFS
+case $build_os in *\ *) build_os=`echo "$build_os" | sed 's/ /-/g'`;; esac
+
+
+{ $as_echo "$as_me:${as_lineno-2832}: checking host system type" >&5
+$as_echo_n "checking host system type... " >&6; }
+if ${ac_cv_host+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test "x$host_alias" = x; then
+ ac_cv_host=$ac_cv_build
+else
+ ac_cv_host=`$SHELL "$ac_aux_dir/config.sub" $host_alias` ||
+ as_fn_error $? "$SHELL $ac_aux_dir/config.sub $host_alias failed" "2841" 5
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-2845}: result: $ac_cv_host" >&5
+$as_echo "$ac_cv_host" >&6; }
+case $ac_cv_host in
+*-*-*) ;;
+*) as_fn_error $? "invalid value of canonical host" "2849" 5;;
+esac
+host=$ac_cv_host
+ac_save_IFS=$IFS; IFS='-'
+set x $ac_cv_host
+shift
+host_cpu=$1
+host_vendor=$2
+shift; shift
+# Remember, the first character of IFS is used to create $*,
+# except with old shells:
+host_os=$*
+IFS=$ac_save_IFS
+case $host_os in *\ *) host_os=`echo "$host_os" | sed 's/ /-/g'`;; esac
+
+
+# Backslashify metacharacters that are still active within
+# double-quoted strings.
+sed_quote_subst='s/\(["`$\\]\)/\\\1/g'
+
+# Same as above, but do not quote variable references.
+double_quote_subst='s/\(["`\\]\)/\\\1/g'
+
+# Sed substitution to delay expansion of an escaped shell variable in a
+# double_quote_subst'ed string.
+delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g'
+
+# Sed substitution to delay expansion of an escaped single quote.
+delay_single_quote_subst='s/'\''/'\'\\\\\\\'\''/g'
+
+# Sed substitution to avoid accidental globbing in evaled expressions
+no_glob_subst='s/\*/\\\*/g'
+
+ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
+ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO
+ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO$ECHO
+
+{ $as_echo "$as_me:${as_lineno-2886}: checking how to print strings" >&5
+$as_echo_n "checking how to print strings... " >&6; }
+# Test print first, because it will be a builtin if present.
+if test "X`( print -r -- -n ) 2>/dev/null`" = X-n && \
+ test "X`print -r -- $ECHO 2>/dev/null`" = "X$ECHO"; then
+ ECHO='print -r --'
+elif test "X`printf %s $ECHO 2>/dev/null`" = "X$ECHO"; then
+ ECHO='printf %s\n'
+else
+ # Use this function as a fallback that always works.
+ func_fallback_echo ()
+ {
+ eval 'cat <<_LTECHO_EOF
+$1
+_LTECHO_EOF'
+ }
+ ECHO='func_fallback_echo'
+fi
+
+# func_echo_all arg...
+# Invoke $ECHO with all args, space-separated.
+func_echo_all ()
+{
+ $ECHO ""
+}
+
+case "$ECHO" in
+ printf*) { $as_echo "$as_me:${as_lineno-2913}: result: printf" >&5
+$as_echo "printf" >&6; } ;;
+ print*) { $as_echo "$as_me:${as_lineno-2915}: result: print -r" >&5
+$as_echo "print -r" >&6; } ;;
+ *) { $as_echo "$as_me:${as_lineno-2917}: result: cat" >&5
+$as_echo "cat" >&6; } ;;
+esac
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+DEPDIR="${am__leading_dot}deps"
+
+ac_config_commands="$ac_config_commands depfiles"
+
+
+am_make=${MAKE-make}
+cat > confinc << 'END'
+am__doit:
+ @echo this is the am__doit target
+.PHONY: am__doit
+END
+# If we don't find an include directive, just comment out the code.
+{ $as_echo "$as_me:${as_lineno-2946}: checking for style of include used by $am_make" >&5
+$as_echo_n "checking for style of include used by $am_make... " >&6; }
+am__include="#"
+am__quote=
+_am_result=none
+# First try GNU make style include.
+echo "include confinc" > confmf
+# Ignore all kinds of additional output from `make'.
+case `$am_make -s -f confmf 2> /dev/null` in #(
+*the\ am__doit\ target*)
+ am__include=include
+ am__quote=
+ _am_result=GNU
+ ;;
+esac
+# Now try BSD make style include.
+if test "$am__include" = "#"; then
+ echo '.include "confinc"' > confmf
+ case `$am_make -s -f confmf 2> /dev/null` in #(
+ *the\ am__doit\ target*)
+ am__include=.include
+ am__quote="\""
+ _am_result=BSD
+ ;;
+ esac
+fi
+
+
+{ $as_echo "$as_me:${as_lineno-2974}: result: $_am_result" >&5
+$as_echo "$_am_result" >&6; }
+rm -f confinc confmf
+
+# Check whether --enable-dependency-tracking was given.
+if test "${enable_dependency_tracking+set}" = set; then :
+ enableval=$enable_dependency_tracking;
+fi
+
+if test "x$enable_dependency_tracking" != xno; then
+ am_depcomp="$ac_aux_dir/depcomp"
+ AMDEPBACKSLASH='\'
+ am__nodep='_no'
+fi
+ if test "x$enable_dependency_tracking" != xno; then
+ AMDEP_TRUE=
+ AMDEP_FALSE='#'
+else
+ AMDEP_TRUE='#'
+ AMDEP_FALSE=
+fi
+
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args.
+set dummy ${ac_tool_prefix}gcc; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-3005}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_CC+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$CC"; then
+ ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_CC="${ac_tool_prefix}gcc"
+ $as_echo "$as_me:${as_lineno-3021}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+ { $as_echo "$as_me:${as_lineno-3032}: result: $CC" >&5
+$as_echo "$CC" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-3035}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_CC"; then
+ ac_ct_CC=$CC
+ # Extract the first word of "gcc", so it can be a program name with args.
+set dummy gcc; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-3045}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_CC+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$ac_ct_CC"; then
+ ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_ac_ct_CC="gcc"
+ $as_echo "$as_me:${as_lineno-3061}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_CC=$ac_cv_prog_ac_ct_CC
+if test -n "$ac_ct_CC"; then
+ { $as_echo "$as_me:${as_lineno-3072}: result: $ac_ct_CC" >&5
+$as_echo "$ac_ct_CC" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-3075}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+ if test "x$ac_ct_CC" = x; then
+ CC=""
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-3084}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ CC=$ac_ct_CC
+ fi
+else
+ CC="$ac_cv_prog_CC"
+fi
+
+if test -z "$CC"; then
+ if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args.
+set dummy ${ac_tool_prefix}cc; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-3098}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_CC+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$CC"; then
+ ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_CC="${ac_tool_prefix}cc"
+ $as_echo "$as_me:${as_lineno-3114}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+ { $as_echo "$as_me:${as_lineno-3125}: result: $CC" >&5
+$as_echo "$CC" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-3128}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+ fi
+fi
+if test -z "$CC"; then
+ # Extract the first word of "cc", so it can be a program name with args.
+set dummy cc; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-3138}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_CC+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$CC"; then
+ ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+ ac_prog_rejected=no
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then
+ ac_prog_rejected=yes
+ continue
+ fi
+ ac_cv_prog_CC="cc"
+ $as_echo "$as_me:${as_lineno-3159}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+if test $ac_prog_rejected = yes; then
+ # We found a bogon in the path, so make sure we never use it.
+ set dummy $ac_cv_prog_CC
+ shift
+ if test $# != 0; then
+ # We chose a different compiler from the bogus one.
+ # However, it has the same basename, so the bogon will be chosen
+ # first if we set CC to just the basename; use the full file name.
+ shift
+ ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@"
+ fi
+fi
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+ { $as_echo "$as_me:${as_lineno-3182}: result: $CC" >&5
+$as_echo "$CC" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-3185}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$CC"; then
+ if test -n "$ac_tool_prefix"; then
+ for ac_prog in cl.exe
+ do
+ # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
+set dummy $ac_tool_prefix$ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-3197}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_CC+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$CC"; then
+ ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_CC="$ac_tool_prefix$ac_prog"
+ $as_echo "$as_me:${as_lineno-3213}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+ { $as_echo "$as_me:${as_lineno-3224}: result: $CC" >&5
+$as_echo "$CC" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-3227}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+ test -n "$CC" && break
+ done
+fi
+if test -z "$CC"; then
+ ac_ct_CC=$CC
+ for ac_prog in cl.exe
+do
+ # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-3241}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_CC+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$ac_ct_CC"; then
+ ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_ac_ct_CC="$ac_prog"
+ $as_echo "$as_me:${as_lineno-3257}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_CC=$ac_cv_prog_ac_ct_CC
+if test -n "$ac_ct_CC"; then
+ { $as_echo "$as_me:${as_lineno-3268}: result: $ac_ct_CC" >&5
+$as_echo "$ac_ct_CC" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-3271}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+ test -n "$ac_ct_CC" && break
+done
+
+ if test "x$ac_ct_CC" = x; then
+ CC=""
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-3284}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ CC=$ac_ct_CC
+ fi
+fi
+
+fi
+
+
+test -z "$CC" && { { $as_echo "$as_me:${as_lineno-3295}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "no acceptable C compiler found in \$PATH
+See \`config.log' for more details" "3298" 5; }
+
+# Provide some information about the compiler.
+$as_echo "$as_me:${as_lineno-3301}: checking for C compiler version" >&5
+set X $ac_compile
+ac_compiler=$2
+for ac_option in --version -v -V -qversion; do
+ { { ac_try="$ac_compiler $ac_option >&5"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-3310}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+ (eval "$ac_compiler $ac_option >&5") 2>conftest.err
+ ac_status=$?
+ if test -s conftest.err; then
+ sed '10a\
+... rest of stderr output deleted ...
+ 10q' conftest.err >conftest.er1
+ cat conftest.er1 >&5
+ fi
+ rm -f conftest.er1 conftest.err
+ $as_echo "$as_me:${as_lineno-3321}: \$? = $ac_status" >&5
+ test $ac_status = 0; }
+done
+
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+ac_clean_files_save=$ac_clean_files
+ac_clean_files="$ac_clean_files a.out a.out.dSYM a.exe b.out"
+# Try to create an executable without -o first, disregard a.out.
+# It will help us diagnose broken compilers, and finding out an intuition
+# of exeext.
+{ $as_echo "$as_me:${as_lineno-3341}: checking whether the C compiler works" >&5
+$as_echo_n "checking whether the C compiler works... " >&6; }
+ac_link_default=`$as_echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'`
+
+# The possible output files:
+ac_files="a.out conftest.exe conftest a.exe a_out.exe b.out conftest.*"
+
+ac_rmfiles=
+for ac_file in $ac_files
+do
+ case $ac_file in
+ *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;;
+ * ) ac_rmfiles="$ac_rmfiles $ac_file";;
+ esac
+done
+rm -f $ac_rmfiles
+
+if { { ac_try="$ac_link_default"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-3363}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+ (eval "$ac_link_default") 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-3367}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then :
+ # Autoconf-2.13 could set the ac_cv_exeext variable to `no'.
+# So ignore a value of `no', otherwise this would lead to `EXEEXT = no'
+# in a Makefile. We should not override ac_cv_exeext if it was cached,
+# so that the user can short-circuit this test for compilers unknown to
+# Autoconf.
+for ac_file in $ac_files ''
+do
+ test -f "$ac_file" || continue
+ case $ac_file in
+ *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj )
+ ;;
+ [ab].out )
+ # We found the default executable, but exeext='' is most
+ # certainly right.
+ break;;
+ *.* )
+ if test "${ac_cv_exeext+set}" = set && test "$ac_cv_exeext" != no;
+ then :; else
+ ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'`
+ fi
+ # We set ac_cv_exeext here because the later test for it is not
+ # safe: cross compilers may not add the suffix if given an `-o'
+ # argument, so we may need to know it at that point already.
+ # Even if this section looks crufty: it has the advantage of
+ # actually working.
+ break;;
+ * )
+ break;;
+ esac
+done
+test "$ac_cv_exeext" = no && ac_cv_exeext=
+
+else
+ ac_file=''
+fi
+if test -z "$ac_file"; then :
+ { $as_echo "$as_me:${as_lineno-3405}: result: no" >&5
+$as_echo "no" >&6; }
+$as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+{ { $as_echo "$as_me:${as_lineno-3410}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error 77 "C compiler cannot create executables
+See \`config.log' for more details" "3413" 5; }
+else
+ { $as_echo "$as_me:${as_lineno-3415}: result: yes" >&5
+$as_echo "yes" >&6; }
+fi
+{ $as_echo "$as_me:${as_lineno-3418}: checking for C compiler default output file name" >&5
+$as_echo_n "checking for C compiler default output file name... " >&6; }
+{ $as_echo "$as_me:${as_lineno-3420}: result: $ac_file" >&5
+$as_echo "$ac_file" >&6; }
+ac_exeext=$ac_cv_exeext
+
+rm -f -r a.out a.out.dSYM a.exe conftest$ac_cv_exeext b.out
+ac_clean_files=$ac_clean_files_save
+{ $as_echo "$as_me:${as_lineno-3426}: checking for suffix of executables" >&5
+$as_echo_n "checking for suffix of executables... " >&6; }
+if { { ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-3433}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+ (eval "$ac_link") 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-3437}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then :
+ # If both `conftest.exe' and `conftest' are `present' (well, observable)
+# catch `conftest.exe'. For instance with Cygwin, `ls conftest' will
+# work properly (i.e., refer to `conftest.exe'), while it won't with
+# `rm'.
+for ac_file in conftest.exe conftest conftest.*; do
+ test -f "$ac_file" || continue
+ case $ac_file in
+ *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;;
+ *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'`
+ break;;
+ * ) break;;
+ esac
+done
+else
+ { { $as_echo "$as_me:${as_lineno-3453}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "cannot compute suffix of executables: cannot compile and link
+See \`config.log' for more details" "3456" 5; }
+fi
+rm -f conftest conftest$ac_cv_exeext
+{ $as_echo "$as_me:${as_lineno-3459}: result: $ac_cv_exeext" >&5
+$as_echo "$ac_cv_exeext" >&6; }
+
+rm -f conftest.$ac_ext
+EXEEXT=$ac_cv_exeext
+ac_exeext=$EXEEXT
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#include <stdio.h>
+int
+main ()
+{
+FILE *f = fopen ("conftest.out", "w");
+ return ferror (f) || fclose (f) != 0;
+
+ ;
+ return 0;
+}
+_ACEOF
+ac_clean_files="$ac_clean_files conftest.out"
+# Check that the compiler produces executables we can run. If not, either
+# the compiler is broken, or we cross compile.
+{ $as_echo "$as_me:${as_lineno-3481}: checking whether we are cross compiling" >&5
+$as_echo_n "checking whether we are cross compiling... " >&6; }
+if test "$cross_compiling" != yes; then
+ { { ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-3489}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+ (eval "$ac_link") 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-3493}: \$? = $ac_status" >&5
+ test $ac_status = 0; }
+ if { ac_try='./conftest$ac_cv_exeext'
+ { { case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-3500}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+ (eval "$ac_try") 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-3504}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; }; then
+ cross_compiling=no
+ else
+ if test "$cross_compiling" = maybe; then
+ cross_compiling=yes
+ else
+ { { $as_echo "$as_me:${as_lineno-3511}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "cannot run C compiled programs.
+If you meant to cross compile, use \`--host'.
+See \`config.log' for more details" "3515" 5; }
+ fi
+ fi
+fi
+{ $as_echo "$as_me:${as_lineno-3519}: result: $cross_compiling" >&5
+$as_echo "$cross_compiling" >&6; }
+
+rm -f conftest.$ac_ext conftest$ac_cv_exeext conftest.out
+ac_clean_files=$ac_clean_files_save
+{ $as_echo "$as_me:${as_lineno-3524}: checking for suffix of object files" >&5
+$as_echo_n "checking for suffix of object files... " >&6; }
+if ${ac_cv_objext+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.o conftest.obj
+if { { ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-3546}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+ (eval "$ac_compile") 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-3550}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then :
+ for ac_file in conftest.o conftest.obj conftest.*; do
+ test -f "$ac_file" || continue;
+ case $ac_file in
+ *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM ) ;;
+ *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'`
+ break;;
+ esac
+done
+else
+ $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+{ { $as_echo "$as_me:${as_lineno-3564}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "cannot compute suffix of object files: cannot compile
+See \`config.log' for more details" "3567" 5; }
+fi
+rm -f conftest.$ac_cv_objext conftest.$ac_ext
+fi
+{ $as_echo "$as_me:${as_lineno-3571}: result: $ac_cv_objext" >&5
+$as_echo "$ac_cv_objext" >&6; }
+OBJEXT=$ac_cv_objext
+ac_objext=$OBJEXT
+{ $as_echo "$as_me:${as_lineno-3575}: checking whether we are using the GNU C compiler" >&5
+$as_echo_n "checking whether we are using the GNU C compiler... " >&6; }
+if ${ac_cv_c_compiler_gnu+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main ()
+{
+#ifndef __GNUC__
+ choke me
+#endif
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "3594"; then :
+ ac_compiler_gnu=yes
+else
+ ac_compiler_gnu=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ac_cv_c_compiler_gnu=$ac_compiler_gnu
+
+fi
+{ $as_echo "$as_me:${as_lineno-3603}: result: $ac_cv_c_compiler_gnu" >&5
+$as_echo "$ac_cv_c_compiler_gnu" >&6; }
+if test $ac_compiler_gnu = yes; then
+ GCC=yes
+else
+ GCC=
+fi
+ac_test_CFLAGS=${CFLAGS+set}
+ac_save_CFLAGS=$CFLAGS
+{ $as_echo "$as_me:${as_lineno-3612}: checking whether $CC accepts -g" >&5
+$as_echo_n "checking whether $CC accepts -g... " >&6; }
+if ${ac_cv_prog_cc_g+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ ac_save_c_werror_flag=$ac_c_werror_flag
+ ac_c_werror_flag=yes
+ ac_cv_prog_cc_g=no
+ CFLAGS="-g"
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "3632"; then :
+ ac_cv_prog_cc_g=yes
+else
+ CFLAGS=""
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "3647"; then :
+
+else
+ ac_c_werror_flag=$ac_save_c_werror_flag
+ CFLAGS="-g"
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "3663"; then :
+ ac_cv_prog_cc_g=yes
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ ac_c_werror_flag=$ac_save_c_werror_flag
+fi
+{ $as_echo "$as_me:${as_lineno-3673}: result: $ac_cv_prog_cc_g" >&5
+$as_echo "$ac_cv_prog_cc_g" >&6; }
+if test "$ac_test_CFLAGS" = set; then
+ CFLAGS=$ac_save_CFLAGS
+elif test $ac_cv_prog_cc_g = yes; then
+ if test "$GCC" = yes; then
+ CFLAGS="-g -O2"
+ else
+ CFLAGS="-g"
+ fi
+else
+ if test "$GCC" = yes; then
+ CFLAGS="-O2"
+ else
+ CFLAGS=
+ fi
+fi
+{ $as_echo "$as_me:${as_lineno-3690}: checking for $CC option to accept ISO C89" >&5
+$as_echo_n "checking for $CC option to accept ISO C89... " >&6; }
+if ${ac_cv_prog_cc_c89+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ ac_cv_prog_cc_c89=no
+ac_save_CC=$CC
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#include <stdarg.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */
+struct buf { int x; };
+FILE * (*rcsopen) (struct buf *, struct stat *, int);
+static char *e (p, i)
+ char **p;
+ int i;
+{
+ return p[i];
+}
+static char *f (char * (*g) (char **, int), char **p, ...)
+{
+ char *s;
+ va_list v;
+ va_start (v,p);
+ s = g (p, va_arg (v,int));
+ va_end (v);
+ return s;
+}
+
+/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has
+ function prototypes and stuff, but not '\xHH' hex character constants.
+ These don't provoke an error unfortunately, instead are silently treated
+ as 'x'. The following induces an error, until -std is added to get
+ proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an
+ array size at least. It's necessary to write '\x00'==0 to get something
+ that's true only with -std. */
+int osf4_cc_array ['\x00' == 0 ? 1 : -1];
+
+/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters
+ inside strings and character constants. */
+#define FOO(x) 'x'
+int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1];
+
+int test (int i, double x);
+struct s1 {int (*f) (int a);};
+struct s2 {int (*f) (double a);};
+int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int);
+int argc;
+char **argv;
+int
+main ()
+{
+return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1];
+ ;
+ return 0;
+}
+_ACEOF
+for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \
+ -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__"
+do
+ CC="$ac_save_CC $ac_arg"
+ if ac_fn_c_try_compile "3754"; then :
+ ac_cv_prog_cc_c89=$ac_arg
+fi
+rm -f core conftest.err conftest.$ac_objext
+ test "x$ac_cv_prog_cc_c89" != "xno" && break
+done
+rm -f conftest.$ac_ext
+CC=$ac_save_CC
+
+fi
+# AC_CACHE_VAL
+case "x$ac_cv_prog_cc_c89" in
+ x)
+ { $as_echo "$as_me:${as_lineno-3767}: result: none needed" >&5
+$as_echo "none needed" >&6; } ;;
+ xno)
+ { $as_echo "$as_me:${as_lineno-3770}: result: unsupported" >&5
+$as_echo "unsupported" >&6; } ;;
+ *)
+ CC="$CC $ac_cv_prog_cc_c89"
+ { $as_echo "$as_me:${as_lineno-3774}: result: $ac_cv_prog_cc_c89" >&5
+$as_echo "$ac_cv_prog_cc_c89" >&6; } ;;
+esac
+if test "x$ac_cv_prog_cc_c89" != xno; then :
+
+fi
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+depcc="$CC" am_compiler_list=
+
+{ $as_echo "$as_me:${as_lineno-3789}: checking dependency style of $depcc" >&5
+$as_echo_n "checking dependency style of $depcc... " >&6; }
+if ${am_cv_CC_dependencies_compiler_type+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then
+ # We make a subdir and do the tests there. Otherwise we can end up
+ # making bogus files that we don't know about and never remove. For
+ # instance it was reported that on HP-UX the gcc test will end up
+ # making a dummy file named `D' -- because `-MD' means `put the output
+ # in D'.
+ rm -rf conftest.dir
+ mkdir conftest.dir
+ # Copy depcomp to subdir because otherwise we won't find it if we're
+ # using a relative directory.
+ cp "$am_depcomp" conftest.dir
+ cd conftest.dir
+ # We will build objects and dependencies in a subdirectory because
+ # it helps to detect inapplicable dependency modes. For instance
+ # both Tru64's cc and ICC support -MD to output dependencies as a
+ # side effect of compilation, but ICC will put the dependencies in
+ # the current directory while Tru64 will put them in the object
+ # directory.
+ mkdir sub
+
+ am_cv_CC_dependencies_compiler_type=none
+ if test "$am_compiler_list" = ""; then
+ am_compiler_list=`sed -n 's/^#*\([a-zA-Z0-9]*\))$/\1/p' < ./depcomp`
+ fi
+ am__universal=false
+ case " $depcc " in #(
+ *\ -arch\ *\ -arch\ *) am__universal=true ;;
+ esac
+
+ for depmode in $am_compiler_list; do
+ # Setup a source with many dependencies, because some compilers
+ # like to wrap large dependency lists on column 80 (with \), and
+ # we should not choose a depcomp mode which is confused by this.
+ #
+ # We need to recreate these files for each test, as the compiler may
+ # overwrite some of them when testing with obscure command lines.
+ # This happens at least with the AIX C compiler.
+ : > sub/conftest.c
+ for i in 1 2 3 4 5 6; do
+ echo '#include "conftst'$i'.h"' >> sub/conftest.c
+ # Using `: > sub/conftst$i.h' creates only sub/conftst1.h with
+ # Solaris 8's {/usr,}/bin/sh.
+ touch sub/conftst$i.h
+ done
+ echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf
+
+ # We check with `-c' and `-o' for the sake of the "dashmstdout"
+ # mode. It turns out that the SunPro C++ compiler does not properly
+ # handle `-M -o', and we need to detect this. Also, some Intel
+ # versions had trouble with output in subdirs
+ am__obj=sub/conftest.${OBJEXT-o}
+ am__minus_obj="-o $am__obj"
+ case $depmode in
+ gcc)
+ # This depmode causes a compiler race in universal mode.
+ test "$am__universal" = false || continue
+ ;;
+ nosideeffect)
+ # after this tag, mechanisms are not by side-effect, so they'll
+ # only be used when explicitly requested
+ if test "x$enable_dependency_tracking" = xyes; then
+ continue
+ else
+ break
+ fi
+ ;;
+ msvc7 | msvc7msys | msvisualcpp | msvcmsys)
+ # This compiler won't grok `-c -o', but also, the minuso test has
+ # not run yet. These depmodes are late enough in the game, and
+ # so weak that their functioning should not be impacted.
+ am__obj=conftest.${OBJEXT-o}
+ am__minus_obj=
+ ;;
+ none) break ;;
+ esac
+ if depmode=$depmode \
+ source=sub/conftest.c object=$am__obj \
+ depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \
+ $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \
+ >/dev/null 2>conftest.err &&
+ grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 &&
+ grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 &&
+ grep $am__obj sub/conftest.Po > /dev/null 2>&1 &&
+ ${MAKE-make} -s -f confmf > /dev/null 2>&1; then
+ # icc doesn't choke on unknown options, it will just issue warnings
+ # or remarks (even with -Werror). So we grep stderr for any message
+ # that says an option was ignored or not supported.
+ # When given -MP, icc 7.0 and 7.1 complain thusly:
+ # icc: Command line warning: ignoring option '-M'; no argument required
+ # The diagnosis changed in icc 8.0:
+ # icc: Command line remark: option '-MP' not supported
+ if (grep 'ignoring option' conftest.err ||
+ grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else
+ am_cv_CC_dependencies_compiler_type=$depmode
+ break
+ fi
+ fi
+ done
+
+ cd ..
+ rm -rf conftest.dir
+else
+ am_cv_CC_dependencies_compiler_type=none
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-3900}: result: $am_cv_CC_dependencies_compiler_type" >&5
+$as_echo "$am_cv_CC_dependencies_compiler_type" >&6; }
+CCDEPMODE=depmode=$am_cv_CC_dependencies_compiler_type
+
+ if
+ test "x$enable_dependency_tracking" != xno \
+ && test "$am_cv_CC_dependencies_compiler_type" = gcc3; then
+ am__fastdepCC_TRUE=
+ am__fastdepCC_FALSE='#'
+else
+ am__fastdepCC_TRUE='#'
+ am__fastdepCC_FALSE=
+fi
+
+
+{ $as_echo "$as_me:${as_lineno-3915}: checking for a sed that does not truncate output" >&5
+$as_echo_n "checking for a sed that does not truncate output... " >&6; }
+if ${ac_cv_path_SED+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ ac_script=s/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb/
+ for ac_i in 1 2 3 4 5 6 7; do
+ ac_script="$ac_script$as_nl$ac_script"
+ done
+ echo "$ac_script" 2>/dev/null | sed 99q >conftest.sed
+ { ac_script=; unset ac_script;}
+ if test -z "$SED"; then
+ ac_path_SED_found=false
+ # Loop through the user's path and test for each of PROGNAME-LIST
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_prog in sed gsed; do
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ ac_path_SED="$as_dir/$ac_prog$ac_exec_ext"
+ { test -f "$ac_path_SED" && $as_test_x "$ac_path_SED"; } || continue
+# Check for GNU ac_path_SED and select it if it is found.
+ # Check for GNU $ac_path_SED
+case `"$ac_path_SED" --version 2>&1` in
+*GNU*)
+ ac_cv_path_SED="$ac_path_SED" ac_path_SED_found=:;;
+*)
+ ac_count=0
+ $as_echo_n 0123456789 >"conftest.in"
+ while :
+ do
+ cat "conftest.in" "conftest.in" >"conftest.tmp"
+ mv "conftest.tmp" "conftest.in"
+ cp "conftest.in" "conftest.nl"
+ $as_echo '' >> "conftest.nl"
+ "$ac_path_SED" -f conftest.sed < "conftest.nl" >"conftest.out" 2>/dev/null || break
+ diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break
+ as_fn_arith $ac_count + 1 && ac_count=$as_val
+ if test $ac_count -gt ${ac_path_SED_max-0}; then
+ # Best one so far, save it but keep looking for a better one
+ ac_cv_path_SED="$ac_path_SED"
+ ac_path_SED_max=$ac_count
+ fi
+ # 10*(2^10) chars as input seems more than enough
+ test $ac_count -gt 10 && break
+ done
+ rm -f conftest.in conftest.tmp conftest.nl conftest.out;;
+esac
+
+ $ac_path_SED_found && break 3
+ done
+ done
+ done
+IFS=$as_save_IFS
+ if test -z "$ac_cv_path_SED"; then
+ as_fn_error $? "no acceptable sed could be found in \$PATH" "3972" 5
+ fi
+else
+ ac_cv_path_SED=$SED
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-3979}: result: $ac_cv_path_SED" >&5
+$as_echo "$ac_cv_path_SED" >&6; }
+ SED="$ac_cv_path_SED"
+ rm -f conftest.sed
+
+test -z "$SED" && SED=sed
+Xsed="$SED -e 1s/^X//"
+
+
+
+
+
+
+
+
+
+
+
+{ $as_echo "$as_me:${as_lineno-3997}: checking for grep that handles long lines and -e" >&5
+$as_echo_n "checking for grep that handles long lines and -e... " >&6; }
+if ${ac_cv_path_GREP+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -z "$GREP"; then
+ ac_path_GREP_found=false
+ # Loop through the user's path and test for each of PROGNAME-LIST
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_prog in grep ggrep; do
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext"
+ { test -f "$ac_path_GREP" && $as_test_x "$ac_path_GREP"; } || continue
+# Check for GNU ac_path_GREP and select it if it is found.
+ # Check for GNU $ac_path_GREP
+case `"$ac_path_GREP" --version 2>&1` in
+*GNU*)
+ ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;;
+*)
+ ac_count=0
+ $as_echo_n 0123456789 >"conftest.in"
+ while :
+ do
+ cat "conftest.in" "conftest.in" >"conftest.tmp"
+ mv "conftest.tmp" "conftest.in"
+ cp "conftest.in" "conftest.nl"
+ $as_echo 'GREP' >> "conftest.nl"
+ "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break
+ diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break
+ as_fn_arith $ac_count + 1 && ac_count=$as_val
+ if test $ac_count -gt ${ac_path_GREP_max-0}; then
+ # Best one so far, save it but keep looking for a better one
+ ac_cv_path_GREP="$ac_path_GREP"
+ ac_path_GREP_max=$ac_count
+ fi
+ # 10*(2^10) chars as input seems more than enough
+ test $ac_count -gt 10 && break
+ done
+ rm -f conftest.in conftest.tmp conftest.nl conftest.out;;
+esac
+
+ $ac_path_GREP_found && break 3
+ done
+ done
+ done
+IFS=$as_save_IFS
+ if test -z "$ac_cv_path_GREP"; then
+ as_fn_error $? "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "4048" 5
+ fi
+else
+ ac_cv_path_GREP=$GREP
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-4055}: result: $ac_cv_path_GREP" >&5
+$as_echo "$ac_cv_path_GREP" >&6; }
+ GREP="$ac_cv_path_GREP"
+
+
+{ $as_echo "$as_me:${as_lineno-4060}: checking for egrep" >&5
+$as_echo_n "checking for egrep... " >&6; }
+if ${ac_cv_path_EGREP+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if echo a | $GREP -E '(a|b)' >/dev/null 2>&1
+ then ac_cv_path_EGREP="$GREP -E"
+ else
+ if test -z "$EGREP"; then
+ ac_path_EGREP_found=false
+ # Loop through the user's path and test for each of PROGNAME-LIST
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_prog in egrep; do
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext"
+ { test -f "$ac_path_EGREP" && $as_test_x "$ac_path_EGREP"; } || continue
+# Check for GNU ac_path_EGREP and select it if it is found.
+ # Check for GNU $ac_path_EGREP
+case `"$ac_path_EGREP" --version 2>&1` in
+*GNU*)
+ ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;;
+*)
+ ac_count=0
+ $as_echo_n 0123456789 >"conftest.in"
+ while :
+ do
+ cat "conftest.in" "conftest.in" >"conftest.tmp"
+ mv "conftest.tmp" "conftest.in"
+ cp "conftest.in" "conftest.nl"
+ $as_echo 'EGREP' >> "conftest.nl"
+ "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break
+ diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break
+ as_fn_arith $ac_count + 1 && ac_count=$as_val
+ if test $ac_count -gt ${ac_path_EGREP_max-0}; then
+ # Best one so far, save it but keep looking for a better one
+ ac_cv_path_EGREP="$ac_path_EGREP"
+ ac_path_EGREP_max=$ac_count
+ fi
+ # 10*(2^10) chars as input seems more than enough
+ test $ac_count -gt 10 && break
+ done
+ rm -f conftest.in conftest.tmp conftest.nl conftest.out;;
+esac
+
+ $ac_path_EGREP_found && break 3
+ done
+ done
+ done
+IFS=$as_save_IFS
+ if test -z "$ac_cv_path_EGREP"; then
+ as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "4114" 5
+ fi
+else
+ ac_cv_path_EGREP=$EGREP
+fi
+
+ fi
+fi
+{ $as_echo "$as_me:${as_lineno-4122}: result: $ac_cv_path_EGREP" >&5
+$as_echo "$ac_cv_path_EGREP" >&6; }
+ EGREP="$ac_cv_path_EGREP"
+
+
+{ $as_echo "$as_me:${as_lineno-4127}: checking for fgrep" >&5
+$as_echo_n "checking for fgrep... " >&6; }
+if ${ac_cv_path_FGREP+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if echo 'ab*c' | $GREP -F 'ab*c' >/dev/null 2>&1
+ then ac_cv_path_FGREP="$GREP -F"
+ else
+ if test -z "$FGREP"; then
+ ac_path_FGREP_found=false
+ # Loop through the user's path and test for each of PROGNAME-LIST
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_prog in fgrep; do
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ ac_path_FGREP="$as_dir/$ac_prog$ac_exec_ext"
+ { test -f "$ac_path_FGREP" && $as_test_x "$ac_path_FGREP"; } || continue
+# Check for GNU ac_path_FGREP and select it if it is found.
+ # Check for GNU $ac_path_FGREP
+case `"$ac_path_FGREP" --version 2>&1` in
+*GNU*)
+ ac_cv_path_FGREP="$ac_path_FGREP" ac_path_FGREP_found=:;;
+*)
+ ac_count=0
+ $as_echo_n 0123456789 >"conftest.in"
+ while :
+ do
+ cat "conftest.in" "conftest.in" >"conftest.tmp"
+ mv "conftest.tmp" "conftest.in"
+ cp "conftest.in" "conftest.nl"
+ $as_echo 'FGREP' >> "conftest.nl"
+ "$ac_path_FGREP" FGREP < "conftest.nl" >"conftest.out" 2>/dev/null || break
+ diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break
+ as_fn_arith $ac_count + 1 && ac_count=$as_val
+ if test $ac_count -gt ${ac_path_FGREP_max-0}; then
+ # Best one so far, save it but keep looking for a better one
+ ac_cv_path_FGREP="$ac_path_FGREP"
+ ac_path_FGREP_max=$ac_count
+ fi
+ # 10*(2^10) chars as input seems more than enough
+ test $ac_count -gt 10 && break
+ done
+ rm -f conftest.in conftest.tmp conftest.nl conftest.out;;
+esac
+
+ $ac_path_FGREP_found && break 3
+ done
+ done
+ done
+IFS=$as_save_IFS
+ if test -z "$ac_cv_path_FGREP"; then
+ as_fn_error $? "no acceptable fgrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "4181" 5
+ fi
+else
+ ac_cv_path_FGREP=$FGREP
+fi
+
+ fi
+fi
+{ $as_echo "$as_me:${as_lineno-4189}: result: $ac_cv_path_FGREP" >&5
+$as_echo "$ac_cv_path_FGREP" >&6; }
+ FGREP="$ac_cv_path_FGREP"
+
+
+test -z "$GREP" && GREP=grep
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+# Check whether --with-gnu-ld was given.
+if test "${with_gnu_ld+set}" = set; then :
+ withval=$with_gnu_ld; test "$withval" = no || with_gnu_ld=yes
+else
+ with_gnu_ld=no
+fi
+
+ac_prog=ld
+if test "$GCC" = yes; then
+ # Check if gcc -print-prog-name=ld gives a path.
+ { $as_echo "$as_me:${as_lineno-4224}: checking for ld used by $CC" >&5
+$as_echo_n "checking for ld used by $CC... " >&6; }
+ case $host in
+ *-*-mingw*)
+ # gcc leaves a trailing carriage return which upsets mingw
+ ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;;
+ *)
+ ac_prog=`($CC -print-prog-name=ld) 2>&5` ;;
+ esac
+ case $ac_prog in
+ # Accept absolute paths.
+ [\\/]* | ?:[\\/]*)
+ re_direlt='/[^/][^/]*/\.\./'
+ # Canonicalize the pathname of ld
+ ac_prog=`$ECHO "$ac_prog"| $SED 's%\\\\%/%g'`
+ while $ECHO "$ac_prog" | $GREP "$re_direlt" > /dev/null 2>&1; do
+ ac_prog=`$ECHO $ac_prog| $SED "s%$re_direlt%/%"`
+ done
+ test -z "$LD" && LD="$ac_prog"
+ ;;
+ "")
+ # If it fails, then pretend we aren't using GCC.
+ ac_prog=ld
+ ;;
+ *)
+ # If it is relative, then search for the first ld in PATH.
+ with_gnu_ld=unknown
+ ;;
+ esac
+elif test "$with_gnu_ld" = yes; then
+ { $as_echo "$as_me:${as_lineno-4254}: checking for GNU ld" >&5
+$as_echo_n "checking for GNU ld... " >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-4257}: checking for non-GNU ld" >&5
+$as_echo_n "checking for non-GNU ld... " >&6; }
+fi
+if ${lt_cv_path_LD+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -z "$LD"; then
+ lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
+ for ac_dir in $PATH; do
+ IFS="$lt_save_ifs"
+ test -z "$ac_dir" && ac_dir=.
+ if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then
+ lt_cv_path_LD="$ac_dir/$ac_prog"
+ # Check to see if the program is GNU ld. I'd rather use --version,
+ # but apparently some variants of GNU ld only accept -v.
+ # Break only if it was the GNU/non-GNU ld that we prefer.
+ case `"$lt_cv_path_LD" -v 2>&1 </dev/null` in
+ *GNU* | *'with BFD'*)
+ test "$with_gnu_ld" != no && break
+ ;;
+ *)
+ test "$with_gnu_ld" != yes && break
+ ;;
+ esac
+ fi
+ done
+ IFS="$lt_save_ifs"
+else
+ lt_cv_path_LD="$LD" # Let the user override the test with a path.
+fi
+fi
+
+LD="$lt_cv_path_LD"
+if test -n "$LD"; then
+ { $as_echo "$as_me:${as_lineno-4291}: result: $LD" >&5
+$as_echo "$LD" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-4294}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+test -z "$LD" && as_fn_error $? "no acceptable ld found in \$PATH" "4297" 5
+{ $as_echo "$as_me:${as_lineno-4298}: checking if the linker ($LD) is GNU ld" >&5
+$as_echo_n "checking if the linker ($LD) is GNU ld... " >&6; }
+if ${lt_cv_prog_gnu_ld+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ # I'd rather use --version here, but apparently some GNU lds only accept -v.
+case `$LD -v 2>&1 </dev/null` in
+*GNU* | *'with BFD'*)
+ lt_cv_prog_gnu_ld=yes
+ ;;
+*)
+ lt_cv_prog_gnu_ld=no
+ ;;
+esac
+fi
+{ $as_echo "$as_me:${as_lineno-4313}: result: $lt_cv_prog_gnu_ld" >&5
+$as_echo "$lt_cv_prog_gnu_ld" >&6; }
+with_gnu_ld=$lt_cv_prog_gnu_ld
+
+
+
+
+
+
+
+
+
+{ $as_echo "$as_me:${as_lineno-4325}: checking for BSD- or MS-compatible name lister (nm)" >&5
+$as_echo_n "checking for BSD- or MS-compatible name lister (nm)... " >&6; }
+if ${lt_cv_path_NM+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$NM"; then
+ # Let the user override the test.
+ lt_cv_path_NM="$NM"
+else
+ lt_nm_to_check="${ac_tool_prefix}nm"
+ if test -n "$ac_tool_prefix" && test "$build" = "$host"; then
+ lt_nm_to_check="$lt_nm_to_check nm"
+ fi
+ for lt_tmp_nm in $lt_nm_to_check; do
+ lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
+ for ac_dir in $PATH /usr/ccs/bin/elf /usr/ccs/bin /usr/ucb /bin; do
+ IFS="$lt_save_ifs"
+ test -z "$ac_dir" && ac_dir=.
+ tmp_nm="$ac_dir/$lt_tmp_nm"
+ if test -f "$tmp_nm" || test -f "$tmp_nm$ac_exeext" ; then
+ # Check to see if the nm accepts a BSD-compat flag.
+ # Adding the `sed 1q' prevents false positives on HP-UX, which says:
+ # nm: unknown option "B" ignored
+ # Tru64's nm complains that /dev/null is an invalid object file
+ case `"$tmp_nm" -B /dev/null 2>&1 | sed '1q'` in
+ */dev/null* | *'Invalid file or object type'*)
+ lt_cv_path_NM="$tmp_nm -B"
+ break
+ ;;
+ *)
+ case `"$tmp_nm" -p /dev/null 2>&1 | sed '1q'` in
+ */dev/null*)
+ lt_cv_path_NM="$tmp_nm -p"
+ break
+ ;;
+ *)
+ lt_cv_path_NM=${lt_cv_path_NM="$tmp_nm"} # keep the first match, but
+ continue # so that we can try to find one that supports BSD flags
+ ;;
+ esac
+ ;;
+ esac
+ fi
+ done
+ IFS="$lt_save_ifs"
+ done
+ : ${lt_cv_path_NM=no}
+fi
+fi
+{ $as_echo "$as_me:${as_lineno-4374}: result: $lt_cv_path_NM" >&5
+$as_echo "$lt_cv_path_NM" >&6; }
+if test "$lt_cv_path_NM" != "no"; then
+ NM="$lt_cv_path_NM"
+else
+ # Didn't find any BSD compatible name lister, look for dumpbin.
+ if test -n "$DUMPBIN"; then :
+ # Let the user override the test.
+ else
+ if test -n "$ac_tool_prefix"; then
+ for ac_prog in dumpbin "link -dump"
+ do
+ # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
+set dummy $ac_tool_prefix$ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-4388}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_DUMPBIN+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$DUMPBIN"; then
+ ac_cv_prog_DUMPBIN="$DUMPBIN" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_DUMPBIN="$ac_tool_prefix$ac_prog"
+ $as_echo "$as_me:${as_lineno-4404}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+DUMPBIN=$ac_cv_prog_DUMPBIN
+if test -n "$DUMPBIN"; then
+ { $as_echo "$as_me:${as_lineno-4415}: result: $DUMPBIN" >&5
+$as_echo "$DUMPBIN" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-4418}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+ test -n "$DUMPBIN" && break
+ done
+fi
+if test -z "$DUMPBIN"; then
+ ac_ct_DUMPBIN=$DUMPBIN
+ for ac_prog in dumpbin "link -dump"
+do
+ # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-4432}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_DUMPBIN+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$ac_ct_DUMPBIN"; then
+ ac_cv_prog_ac_ct_DUMPBIN="$ac_ct_DUMPBIN" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_ac_ct_DUMPBIN="$ac_prog"
+ $as_echo "$as_me:${as_lineno-4448}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_DUMPBIN=$ac_cv_prog_ac_ct_DUMPBIN
+if test -n "$ac_ct_DUMPBIN"; then
+ { $as_echo "$as_me:${as_lineno-4459}: result: $ac_ct_DUMPBIN" >&5
+$as_echo "$ac_ct_DUMPBIN" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-4462}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+ test -n "$ac_ct_DUMPBIN" && break
+done
+
+ if test "x$ac_ct_DUMPBIN" = x; then
+ DUMPBIN=":"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-4475}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ DUMPBIN=$ac_ct_DUMPBIN
+ fi
+fi
+
+ case `$DUMPBIN -symbols /dev/null 2>&1 | sed '1q'` in
+ *COFF*)
+ DUMPBIN="$DUMPBIN -symbols"
+ ;;
+ *)
+ DUMPBIN=:
+ ;;
+ esac
+ fi
+
+ if test "$DUMPBIN" != ":"; then
+ NM="$DUMPBIN"
+ fi
+fi
+test -z "$NM" && NM=nm
+
+
+
+
+
+
+{ $as_echo "$as_me:${as_lineno-4504}: checking the name lister ($NM) interface" >&5
+$as_echo_n "checking the name lister ($NM) interface... " >&6; }
+if ${lt_cv_nm_interface+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ lt_cv_nm_interface="BSD nm"
+ echo "int some_variable = 0;" > conftest.$ac_ext
+ (eval echo "\"\$as_me:4511: $ac_compile\"" >&5)
+ (eval "$ac_compile" 2>conftest.err)
+ cat conftest.err >&5
+ (eval echo "\"\$as_me:4514: $NM \\\"conftest.$ac_objext\\\"\"" >&5)
+ (eval "$NM \"conftest.$ac_objext\"" 2>conftest.err > conftest.out)
+ cat conftest.err >&5
+ (eval echo "\"\$as_me:4517: output\"" >&5)
+ cat conftest.out >&5
+ if $GREP 'External.*some_variable' conftest.out > /dev/null; then
+ lt_cv_nm_interface="MS dumpbin"
+ fi
+ rm -f conftest*
+fi
+{ $as_echo "$as_me:${as_lineno-4524}: result: $lt_cv_nm_interface" >&5
+$as_echo "$lt_cv_nm_interface" >&6; }
+
+{ $as_echo "$as_me:${as_lineno-4527}: checking whether ln -s works" >&5
+$as_echo_n "checking whether ln -s works... " >&6; }
+LN_S=$as_ln_s
+if test "$LN_S" = "ln -s"; then
+ { $as_echo "$as_me:${as_lineno-4531}: result: yes" >&5
+$as_echo "yes" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-4534}: result: no, using $LN_S" >&5
+$as_echo "no, using $LN_S" >&6; }
+fi
+
+# find the maximum length of command line arguments
+{ $as_echo "$as_me:${as_lineno-4539}: checking the maximum length of command line arguments" >&5
+$as_echo_n "checking the maximum length of command line arguments... " >&6; }
+if ${lt_cv_sys_max_cmd_len+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ i=0
+ teststring="ABCD"
+
+ case $build_os in
+ msdosdjgpp*)
+ # On DJGPP, this test can blow up pretty badly due to problems in libc
+ # (any single argument exceeding 2000 bytes causes a buffer overrun
+ # during glob expansion). Even if it were fixed, the result of this
+ # check would be larger than it should be.
+ lt_cv_sys_max_cmd_len=12288; # 12K is about right
+ ;;
+
+ gnu*)
+ # Under GNU Hurd, this test is not required because there is
+ # no limit to the length of command line arguments.
+ # Libtool will interpret -1 as no limit whatsoever
+ lt_cv_sys_max_cmd_len=-1;
+ ;;
+
+ cygwin* | mingw* | cegcc*)
+ # On Win9x/ME, this test blows up -- it succeeds, but takes
+ # about 5 minutes as the teststring grows exponentially.
+ # Worse, since 9x/ME are not pre-emptively multitasking,
+ # you end up with a "frozen" computer, even though with patience
+ # the test eventually succeeds (with a max line length of 256k).
+ # Instead, let's just punt: use the minimum linelength reported by
+ # all of the supported platforms: 8192 (on NT/2K/XP).
+ lt_cv_sys_max_cmd_len=8192;
+ ;;
+
+ mint*)
+ # On MiNT this can take a long time and run out of memory.
+ lt_cv_sys_max_cmd_len=8192;
+ ;;
+
+ amigaos*)
+ # On AmigaOS with pdksh, this test takes hours, literally.
+ # So we just punt and use a minimum line length of 8192.
+ lt_cv_sys_max_cmd_len=8192;
+ ;;
+
+ netbsd* | freebsd* | openbsd* | darwin* | dragonfly*)
+ # This has been around since 386BSD, at least. Likely further.
+ if test -x /sbin/sysctl; then
+ lt_cv_sys_max_cmd_len=`/sbin/sysctl -n kern.argmax`
+ elif test -x /usr/sbin/sysctl; then
+ lt_cv_sys_max_cmd_len=`/usr/sbin/sysctl -n kern.argmax`
+ else
+ lt_cv_sys_max_cmd_len=65536 # usable default for all BSDs
+ fi
+ # And add a safety zone
+ lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4`
+ lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3`
+ ;;
+
+ interix*)
+ # We know the value 262144 and hardcode it with a safety zone (like BSD)
+ lt_cv_sys_max_cmd_len=196608
+ ;;
+
+ os2*)
+ # The test takes a long time on OS/2.
+ lt_cv_sys_max_cmd_len=8192
+ ;;
+
+ osf*)
+ # Dr. Hans Ekkehard Plesser reports seeing a kernel panic running configure
+ # due to this test when exec_disable_arg_limit is 1 on Tru64. It is not
+ # nice to cause kernel panics so lets avoid the loop below.
+ # First set a reasonable default.
+ lt_cv_sys_max_cmd_len=16384
+ #
+ if test -x /sbin/sysconfig; then
+ case `/sbin/sysconfig -q proc exec_disable_arg_limit` in
+ *1*) lt_cv_sys_max_cmd_len=-1 ;;
+ esac
+ fi
+ ;;
+ sco3.2v5*)
+ lt_cv_sys_max_cmd_len=102400
+ ;;
+ sysv5* | sco5v6* | sysv4.2uw2*)
+ kargmax=`grep ARG_MAX /etc/conf/cf.d/stune 2>/dev/null`
+ if test -n "$kargmax"; then
+ lt_cv_sys_max_cmd_len=`echo $kargmax | sed 's/.*[ ]//'`
+ else
+ lt_cv_sys_max_cmd_len=32768
+ fi
+ ;;
+ *)
+ lt_cv_sys_max_cmd_len=`(getconf ARG_MAX) 2> /dev/null`
+ if test -n "$lt_cv_sys_max_cmd_len"; then
+ lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4`
+ lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3`
+ else
+ # Make teststring a little bigger before we do anything with it.
+ # a 1K string should be a reasonable start.
+ for i in 1 2 3 4 5 6 7 8 ; do
+ teststring=$teststring$teststring
+ done
+ SHELL=${SHELL-${CONFIG_SHELL-/bin/sh}}
+ # If test is not a shell built-in, we'll probably end up computing a
+ # maximum length that is only half of the actual maximum length, but
+ # we can't tell.
+ while { test "X"`env echo "$teststring$teststring" 2>/dev/null` \
+ = "X$teststring$teststring"; } >/dev/null 2>&1 &&
+ test $i != 17 # 1/2 MB should be enough
+ do
+ i=`expr $i + 1`
+ teststring=$teststring$teststring
+ done
+ # Only check the string length outside the loop.
+ lt_cv_sys_max_cmd_len=`expr "X$teststring" : ".*" 2>&1`
+ teststring=
+ # Add a significant safety factor because C++ compilers can tack on
+ # massive amounts of additional arguments before passing them to the
+ # linker. It appears as though 1/2 is a usable value.
+ lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 2`
+ fi
+ ;;
+ esac
+
+fi
+
+if test -n $lt_cv_sys_max_cmd_len ; then
+ { $as_echo "$as_me:${as_lineno-4669}: result: $lt_cv_sys_max_cmd_len" >&5
+$as_echo "$lt_cv_sys_max_cmd_len" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-4672}: result: none" >&5
+$as_echo "none" >&6; }
+fi
+max_cmd_len=$lt_cv_sys_max_cmd_len
+
+
+
+
+
+
+: ${CP="cp -f"}
+: ${MV="mv -f"}
+: ${RM="rm -f"}
+
+{ $as_echo "$as_me:${as_lineno-4686}: checking whether the shell understands some XSI constructs" >&5
+$as_echo_n "checking whether the shell understands some XSI constructs... " >&6; }
+# Try some XSI features
+xsi_shell=no
+( _lt_dummy="a/b/c"
+ test "${_lt_dummy##*/},${_lt_dummy%/*},${_lt_dummy#??}"${_lt_dummy%"$_lt_dummy"}, \
+ = c,a/b,b/c, \
+ && eval 'test $(( 1 + 1 )) -eq 2 \
+ && test "${#_lt_dummy}" -eq 5' ) >/dev/null 2>&1 \
+ && xsi_shell=yes
+{ $as_echo "$as_me:${as_lineno-4696}: result: $xsi_shell" >&5
+$as_echo "$xsi_shell" >&6; }
+
+
+{ $as_echo "$as_me:${as_lineno-4700}: checking whether the shell understands \"+=\"" >&5
+$as_echo_n "checking whether the shell understands \"+=\"... " >&6; }
+lt_shell_append=no
+( foo=bar; set foo baz; eval "$1+=\$2" && test "$foo" = barbaz ) \
+ >/dev/null 2>&1 \
+ && lt_shell_append=yes
+{ $as_echo "$as_me:${as_lineno-4706}: result: $lt_shell_append" >&5
+$as_echo "$lt_shell_append" >&6; }
+
+
+if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then
+ lt_unset=unset
+else
+ lt_unset=false
+fi
+
+
+
+
+
+# test EBCDIC or ASCII
+case `echo X|tr X '\101'` in
+ A) # ASCII based system
+ # \n is not interpreted correctly by Solaris 8 /usr/ucb/tr
+ lt_SP2NL='tr \040 \012'
+ lt_NL2SP='tr \015\012 \040\040'
+ ;;
+ *) # EBCDIC based system
+ lt_SP2NL='tr \100 \n'
+ lt_NL2SP='tr \r\n \100\100'
+ ;;
+esac
+
+
+
+
+
+
+
+
+
+{ $as_echo "$as_me:${as_lineno-4741}: checking how to convert $build file names to $host format" >&5
+$as_echo_n "checking how to convert $build file names to $host format... " >&6; }
+if ${lt_cv_to_host_file_cmd+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ case $host in
+ *-*-mingw* )
+ case $build in
+ *-*-mingw* ) # actually msys
+ lt_cv_to_host_file_cmd=func_convert_file_msys_to_w32
+ ;;
+ *-*-cygwin* )
+ lt_cv_to_host_file_cmd=func_convert_file_cygwin_to_w32
+ ;;
+ * ) # otherwise, assume *nix
+ lt_cv_to_host_file_cmd=func_convert_file_nix_to_w32
+ ;;
+ esac
+ ;;
+ *-*-cygwin* )
+ case $build in
+ *-*-mingw* ) # actually msys
+ lt_cv_to_host_file_cmd=func_convert_file_msys_to_cygwin
+ ;;
+ *-*-cygwin* )
+ lt_cv_to_host_file_cmd=func_convert_file_noop
+ ;;
+ * ) # otherwise, assume *nix
+ lt_cv_to_host_file_cmd=func_convert_file_nix_to_cygwin
+ ;;
+ esac
+ ;;
+ * ) # unhandled hosts (and "normal" native builds)
+ lt_cv_to_host_file_cmd=func_convert_file_noop
+ ;;
+esac
+
+fi
+
+to_host_file_cmd=$lt_cv_to_host_file_cmd
+{ $as_echo "$as_me:${as_lineno-4781}: result: $lt_cv_to_host_file_cmd" >&5
+$as_echo "$lt_cv_to_host_file_cmd" >&6; }
+
+
+
+
+
+{ $as_echo "$as_me:${as_lineno-4788}: checking how to convert $build file names to toolchain format" >&5
+$as_echo_n "checking how to convert $build file names to toolchain format... " >&6; }
+if ${lt_cv_to_tool_file_cmd+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ #assume ordinary cross tools, or native build.
+lt_cv_to_tool_file_cmd=func_convert_file_noop
+case $host in
+ *-*-mingw* )
+ case $build in
+ *-*-mingw* ) # actually msys
+ lt_cv_to_tool_file_cmd=func_convert_file_msys_to_w32
+ ;;
+ esac
+ ;;
+esac
+
+fi
+
+to_tool_file_cmd=$lt_cv_to_tool_file_cmd
+{ $as_echo "$as_me:${as_lineno-4808}: result: $lt_cv_to_tool_file_cmd" >&5
+$as_echo "$lt_cv_to_tool_file_cmd" >&6; }
+
+
+
+
+
+{ $as_echo "$as_me:${as_lineno-4815}: checking for $LD option to reload object files" >&5
+$as_echo_n "checking for $LD option to reload object files... " >&6; }
+if ${lt_cv_ld_reload_flag+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ lt_cv_ld_reload_flag='-r'
+fi
+{ $as_echo "$as_me:${as_lineno-4822}: result: $lt_cv_ld_reload_flag" >&5
+$as_echo "$lt_cv_ld_reload_flag" >&6; }
+reload_flag=$lt_cv_ld_reload_flag
+case $reload_flag in
+"" | " "*) ;;
+*) reload_flag=" $reload_flag" ;;
+esac
+reload_cmds='$LD$reload_flag -o $output$reload_objs'
+case $host_os in
+ cygwin* | mingw* | pw32* | cegcc*)
+ if test "$GCC" != yes; then
+ reload_cmds=false
+ fi
+ ;;
+ darwin*)
+ if test "$GCC" = yes; then
+ reload_cmds='$LTCC $LTCFLAGS -nostdlib ${wl}-r -o $output$reload_objs'
+ else
+ reload_cmds='$LD$reload_flag -o $output$reload_objs'
+ fi
+ ;;
+esac
+
+
+
+
+
+
+
+
+
+if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}objdump", so it can be a program name with args.
+set dummy ${ac_tool_prefix}objdump; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-4856}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_OBJDUMP+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$OBJDUMP"; then
+ ac_cv_prog_OBJDUMP="$OBJDUMP" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_OBJDUMP="${ac_tool_prefix}objdump"
+ $as_echo "$as_me:${as_lineno-4872}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+OBJDUMP=$ac_cv_prog_OBJDUMP
+if test -n "$OBJDUMP"; then
+ { $as_echo "$as_me:${as_lineno-4883}: result: $OBJDUMP" >&5
+$as_echo "$OBJDUMP" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-4886}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_OBJDUMP"; then
+ ac_ct_OBJDUMP=$OBJDUMP
+ # Extract the first word of "objdump", so it can be a program name with args.
+set dummy objdump; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-4896}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_OBJDUMP+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$ac_ct_OBJDUMP"; then
+ ac_cv_prog_ac_ct_OBJDUMP="$ac_ct_OBJDUMP" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_ac_ct_OBJDUMP="objdump"
+ $as_echo "$as_me:${as_lineno-4912}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_OBJDUMP=$ac_cv_prog_ac_ct_OBJDUMP
+if test -n "$ac_ct_OBJDUMP"; then
+ { $as_echo "$as_me:${as_lineno-4923}: result: $ac_ct_OBJDUMP" >&5
+$as_echo "$ac_ct_OBJDUMP" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-4926}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+ if test "x$ac_ct_OBJDUMP" = x; then
+ OBJDUMP="false"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-4935}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ OBJDUMP=$ac_ct_OBJDUMP
+ fi
+else
+ OBJDUMP="$ac_cv_prog_OBJDUMP"
+fi
+
+test -z "$OBJDUMP" && OBJDUMP=objdump
+
+
+
+
+
+
+
+
+
+{ $as_echo "$as_me:${as_lineno-4955}: checking how to recognize dependent libraries" >&5
+$as_echo_n "checking how to recognize dependent libraries... " >&6; }
+if ${lt_cv_deplibs_check_method+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ lt_cv_file_magic_cmd='$MAGIC_CMD'
+lt_cv_file_magic_test_file=
+lt_cv_deplibs_check_method='unknown'
+# Need to set the preceding variable on all platforms that support
+# interlibrary dependencies.
+# 'none' -- dependencies not supported.
+# `unknown' -- same as none, but documents that we really don't know.
+# 'pass_all' -- all dependencies passed with no checks.
+# 'test_compile' -- check by making test program.
+# 'file_magic [[regex]]' -- check by looking for files in library path
+# which responds to the $file_magic_cmd with a given extended regex.
+# If you have `file' or equivalent on your system and you're not sure
+# whether `pass_all' will *always* work, you probably want this one.
+
+case $host_os in
+aix[4-9]*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+beos*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+bsdi[45]*)
+ lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (shared object|dynamic lib)'
+ lt_cv_file_magic_cmd='/usr/bin/file -L'
+ lt_cv_file_magic_test_file=/shlib/libc.so
+ ;;
+
+cygwin*)
+ # func_win32_libid is a shell function defined in ltmain.sh
+ lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL'
+ lt_cv_file_magic_cmd='func_win32_libid'
+ ;;
+
+mingw* | pw32*)
+ # Base MSYS/MinGW do not provide the 'file' command needed by
+ # func_win32_libid shell function, so use a weaker test based on 'objdump',
+ # unless we find 'file', for example because we are cross-compiling.
+ # func_win32_libid assumes BSD nm, so disallow it if using MS dumpbin.
+ if ( test "$lt_cv_nm_interface" = "BSD nm" && file / ) >/dev/null 2>&1; then
+ lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL'
+ lt_cv_file_magic_cmd='func_win32_libid'
+ else
+ # Keep this pattern in sync with the one in func_win32_libid.
+ lt_cv_deplibs_check_method='file_magic file format (pei*-i386(.*architecture: i386)?|pe-arm-wince|pe-x86-64)'
+ lt_cv_file_magic_cmd='$OBJDUMP -f'
+ fi
+ ;;
+
+cegcc*)
+ # use the weaker test based on 'objdump'. See mingw*.
+ lt_cv_deplibs_check_method='file_magic file format pe-arm-.*little(.*architecture: arm)?'
+ lt_cv_file_magic_cmd='$OBJDUMP -f'
+ ;;
+
+darwin* | rhapsody*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+freebsd* | dragonfly*)
+ if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then
+ case $host_cpu in
+ i*86 )
+ # Not sure whether the presence of OpenBSD here was a mistake.
+ # Let's accept both of them until this is cleared up.
+ lt_cv_deplibs_check_method='file_magic (FreeBSD|OpenBSD|DragonFly)/i[3-9]86 (compact )?demand paged shared library'
+ lt_cv_file_magic_cmd=/usr/bin/file
+ lt_cv_file_magic_test_file=`echo /usr/lib/libc.so.*`
+ ;;
+ esac
+ else
+ lt_cv_deplibs_check_method=pass_all
+ fi
+ ;;
+
+gnu*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+haiku*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+hpux10.20* | hpux11*)
+ lt_cv_file_magic_cmd=/usr/bin/file
+ case $host_cpu in
+ ia64*)
+ lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF-[0-9][0-9]) shared object file - IA64'
+ lt_cv_file_magic_test_file=/usr/lib/hpux32/libc.so
+ ;;
+ hppa*64*)
+ lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF[ -][0-9][0-9])(-bit)?( [LM]SB)? shared object( file)?[, -]* PA-RISC [0-9]\.[0-9]'
+ lt_cv_file_magic_test_file=/usr/lib/pa20_64/libc.sl
+ ;;
+ *)
+ lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|PA-RISC[0-9]\.[0-9]) shared library'
+ lt_cv_file_magic_test_file=/usr/lib/libc.sl
+ ;;
+ esac
+ ;;
+
+interix[3-9]*)
+ # PIC code is broken on Interix 3.x, that's why |\.a not |_pic\.a here
+ lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so|\.a)$'
+ ;;
+
+irix5* | irix6* | nonstopux*)
+ case $LD in
+ *-32|*"-32 ") libmagic=32-bit;;
+ *-n32|*"-n32 ") libmagic=N32;;
+ *-64|*"-64 ") libmagic=64-bit;;
+ *) libmagic=never-match;;
+ esac
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+# This must be glibc/ELF.
+linux* | k*bsd*-gnu | kopensolaris*-gnu)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+netbsd* | netbsdelf*-gnu)
+ if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then
+ lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|_pic\.a)$'
+ else
+ lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so|_pic\.a)$'
+ fi
+ ;;
+
+newos6*)
+ lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (executable|dynamic lib)'
+ lt_cv_file_magic_cmd=/usr/bin/file
+ lt_cv_file_magic_test_file=/usr/lib/libnls.so
+ ;;
+
+*nto* | *qnx*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+openbsd*)
+ if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+ lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|\.so|_pic\.a)$'
+ else
+ lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|_pic\.a)$'
+ fi
+ ;;
+
+osf3* | osf4* | osf5*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+rdos*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+solaris*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
+sysv4 | sysv4.3*)
+ case $host_vendor in
+ motorola)
+ lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (shared object|dynamic lib) M[0-9][0-9]* Version [0-9]'
+ lt_cv_file_magic_test_file=`echo /usr/lib/libc.so*`
+ ;;
+ ncr)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+ sequent)
+ lt_cv_file_magic_cmd='/bin/file'
+ lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [LM]SB (shared object|dynamic lib )'
+ ;;
+ sni)
+ lt_cv_file_magic_cmd='/bin/file'
+ lt_cv_deplibs_check_method="file_magic ELF [0-9][0-9]*-bit [LM]SB dynamic lib"
+ lt_cv_file_magic_test_file=/lib/libc.so
+ ;;
+ siemens)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+ pc)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+ esac
+ ;;
+
+tpf*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+esac
+
+fi
+{ $as_echo "$as_me:${as_lineno-5157}: result: $lt_cv_deplibs_check_method" >&5
+$as_echo "$lt_cv_deplibs_check_method" >&6; }
+
+file_magic_glob=
+want_nocaseglob=no
+if test "$build" = "$host"; then
+ case $host_os in
+ mingw* | pw32*)
+ if ( shopt | grep nocaseglob ) >/dev/null 2>&1; then
+ want_nocaseglob=yes
+ else
+ file_magic_glob=`echo aAbBcCdDeEfFgGhHiIjJkKlLmMnNoOpPqQrRsStTuUvVwWxXyYzZ | $SED -e "s/\(..\)/s\/[\1]\/[\1]\/g;/g"`
+ fi
+ ;;
+ esac
+fi
+
+file_magic_cmd=$lt_cv_file_magic_cmd
+deplibs_check_method=$lt_cv_deplibs_check_method
+test -z "$deplibs_check_method" && deplibs_check_method=unknown
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}dlltool", so it can be a program name with args.
+set dummy ${ac_tool_prefix}dlltool; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-5202}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_DLLTOOL+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$DLLTOOL"; then
+ ac_cv_prog_DLLTOOL="$DLLTOOL" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_DLLTOOL="${ac_tool_prefix}dlltool"
+ $as_echo "$as_me:${as_lineno-5218}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+DLLTOOL=$ac_cv_prog_DLLTOOL
+if test -n "$DLLTOOL"; then
+ { $as_echo "$as_me:${as_lineno-5229}: result: $DLLTOOL" >&5
+$as_echo "$DLLTOOL" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-5232}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_DLLTOOL"; then
+ ac_ct_DLLTOOL=$DLLTOOL
+ # Extract the first word of "dlltool", so it can be a program name with args.
+set dummy dlltool; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-5242}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_DLLTOOL+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$ac_ct_DLLTOOL"; then
+ ac_cv_prog_ac_ct_DLLTOOL="$ac_ct_DLLTOOL" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_ac_ct_DLLTOOL="dlltool"
+ $as_echo "$as_me:${as_lineno-5258}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_DLLTOOL=$ac_cv_prog_ac_ct_DLLTOOL
+if test -n "$ac_ct_DLLTOOL"; then
+ { $as_echo "$as_me:${as_lineno-5269}: result: $ac_ct_DLLTOOL" >&5
+$as_echo "$ac_ct_DLLTOOL" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-5272}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+ if test "x$ac_ct_DLLTOOL" = x; then
+ DLLTOOL="false"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-5281}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ DLLTOOL=$ac_ct_DLLTOOL
+ fi
+else
+ DLLTOOL="$ac_cv_prog_DLLTOOL"
+fi
+
+test -z "$DLLTOOL" && DLLTOOL=dlltool
+
+
+
+
+
+
+
+
+
+
+{ $as_echo "$as_me:${as_lineno-5302}: checking how to associate runtime and link libraries" >&5
+$as_echo_n "checking how to associate runtime and link libraries... " >&6; }
+if ${lt_cv_sharedlib_from_linklib_cmd+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ lt_cv_sharedlib_from_linklib_cmd='unknown'
+
+case $host_os in
+cygwin* | mingw* | pw32* | cegcc*)
+ # two different shell functions defined in ltmain.sh
+ # decide which to use based on capabilities of $DLLTOOL
+ case `$DLLTOOL --help 2>&1` in
+ *--identify-strict*)
+ lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib
+ ;;
+ *)
+ lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib_fallback
+ ;;
+ esac
+ ;;
+*)
+ # fallback: assume linklib IS sharedlib
+ lt_cv_sharedlib_from_linklib_cmd="$ECHO"
+ ;;
+esac
+
+fi
+{ $as_echo "$as_me:${as_lineno-5329}: result: $lt_cv_sharedlib_from_linklib_cmd" >&5
+$as_echo "$lt_cv_sharedlib_from_linklib_cmd" >&6; }
+sharedlib_from_linklib_cmd=$lt_cv_sharedlib_from_linklib_cmd
+test -z "$sharedlib_from_linklib_cmd" && sharedlib_from_linklib_cmd=$ECHO
+
+
+
+
+
+
+
+
+if test -n "$ac_tool_prefix"; then
+ for ac_prog in ar
+ do
+ # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
+set dummy $ac_tool_prefix$ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-5346}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_AR+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$AR"; then
+ ac_cv_prog_AR="$AR" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_AR="$ac_tool_prefix$ac_prog"
+ $as_echo "$as_me:${as_lineno-5362}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+AR=$ac_cv_prog_AR
+if test -n "$AR"; then
+ { $as_echo "$as_me:${as_lineno-5373}: result: $AR" >&5
+$as_echo "$AR" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-5376}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+ test -n "$AR" && break
+ done
+fi
+if test -z "$AR"; then
+ ac_ct_AR=$AR
+ for ac_prog in ar
+do
+ # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-5390}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_AR+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$ac_ct_AR"; then
+ ac_cv_prog_ac_ct_AR="$ac_ct_AR" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_ac_ct_AR="$ac_prog"
+ $as_echo "$as_me:${as_lineno-5406}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_AR=$ac_cv_prog_ac_ct_AR
+if test -n "$ac_ct_AR"; then
+ { $as_echo "$as_me:${as_lineno-5417}: result: $ac_ct_AR" >&5
+$as_echo "$ac_ct_AR" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-5420}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+ test -n "$ac_ct_AR" && break
+done
+
+ if test "x$ac_ct_AR" = x; then
+ AR="false"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-5433}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ AR=$ac_ct_AR
+ fi
+fi
+
+: ${AR=ar}
+: ${AR_FLAGS=cru}
+
+
+
+
+
+
+
+
+
+
+
+{ $as_echo "$as_me:${as_lineno-5454}: checking for archiver @FILE support" >&5
+$as_echo_n "checking for archiver @FILE support... " >&6; }
+if ${lt_cv_ar_at_file+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ lt_cv_ar_at_file=no
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "5471"; then :
+ echo conftest.$ac_objext > conftest.lst
+ lt_ar_try='$AR $AR_FLAGS libconftest.a @conftest.lst >&5'
+ { { eval echo "\"\$as_me\":${as_lineno-5474}: \"$lt_ar_try\""; } >&5
+ (eval $lt_ar_try) 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-5477}: \$? = $ac_status" >&5
+ test $ac_status = 0; }
+ if test "$ac_status" -eq 0; then
+ # Ensure the archiver fails upon bogus file names.
+ rm -f conftest.$ac_objext libconftest.a
+ { { eval echo "\"\$as_me\":${as_lineno-5482}: \"$lt_ar_try\""; } >&5
+ (eval $lt_ar_try) 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-5485}: \$? = $ac_status" >&5
+ test $ac_status = 0; }
+ if test "$ac_status" -ne 0; then
+ lt_cv_ar_at_file=@
+ fi
+ fi
+ rm -f conftest.* libconftest.a
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
+fi
+{ $as_echo "$as_me:${as_lineno-5497}: result: $lt_cv_ar_at_file" >&5
+$as_echo "$lt_cv_ar_at_file" >&6; }
+
+if test "x$lt_cv_ar_at_file" = xno; then
+ archiver_list_spec=
+else
+ archiver_list_spec=$lt_cv_ar_at_file
+fi
+
+
+
+
+
+
+
+if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args.
+set dummy ${ac_tool_prefix}strip; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-5515}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_STRIP+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$STRIP"; then
+ ac_cv_prog_STRIP="$STRIP" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_STRIP="${ac_tool_prefix}strip"
+ $as_echo "$as_me:${as_lineno-5531}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+STRIP=$ac_cv_prog_STRIP
+if test -n "$STRIP"; then
+ { $as_echo "$as_me:${as_lineno-5542}: result: $STRIP" >&5
+$as_echo "$STRIP" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-5545}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_STRIP"; then
+ ac_ct_STRIP=$STRIP
+ # Extract the first word of "strip", so it can be a program name with args.
+set dummy strip; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-5555}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_STRIP+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$ac_ct_STRIP"; then
+ ac_cv_prog_ac_ct_STRIP="$ac_ct_STRIP" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_ac_ct_STRIP="strip"
+ $as_echo "$as_me:${as_lineno-5571}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_STRIP=$ac_cv_prog_ac_ct_STRIP
+if test -n "$ac_ct_STRIP"; then
+ { $as_echo "$as_me:${as_lineno-5582}: result: $ac_ct_STRIP" >&5
+$as_echo "$ac_ct_STRIP" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-5585}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+ if test "x$ac_ct_STRIP" = x; then
+ STRIP=":"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-5594}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ STRIP=$ac_ct_STRIP
+ fi
+else
+ STRIP="$ac_cv_prog_STRIP"
+fi
+
+test -z "$STRIP" && STRIP=:
+
+
+
+
+
+
+if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args.
+set dummy ${ac_tool_prefix}ranlib; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-5614}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_RANLIB+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$RANLIB"; then
+ ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib"
+ $as_echo "$as_me:${as_lineno-5630}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+RANLIB=$ac_cv_prog_RANLIB
+if test -n "$RANLIB"; then
+ { $as_echo "$as_me:${as_lineno-5641}: result: $RANLIB" >&5
+$as_echo "$RANLIB" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-5644}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_RANLIB"; then
+ ac_ct_RANLIB=$RANLIB
+ # Extract the first word of "ranlib", so it can be a program name with args.
+set dummy ranlib; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-5654}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_RANLIB+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$ac_ct_RANLIB"; then
+ ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_ac_ct_RANLIB="ranlib"
+ $as_echo "$as_me:${as_lineno-5670}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB
+if test -n "$ac_ct_RANLIB"; then
+ { $as_echo "$as_me:${as_lineno-5681}: result: $ac_ct_RANLIB" >&5
+$as_echo "$ac_ct_RANLIB" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-5684}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+ if test "x$ac_ct_RANLIB" = x; then
+ RANLIB=":"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-5693}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ RANLIB=$ac_ct_RANLIB
+ fi
+else
+ RANLIB="$ac_cv_prog_RANLIB"
+fi
+
+test -z "$RANLIB" && RANLIB=:
+
+
+
+
+
+
+# Determine commands to create old-style static archives.
+old_archive_cmds='$AR $AR_FLAGS $oldlib$oldobjs'
+old_postinstall_cmds='chmod 644 $oldlib'
+old_postuninstall_cmds=
+
+if test -n "$RANLIB"; then
+ case $host_os in
+ openbsd*)
+ old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$tool_oldlib"
+ ;;
+ *)
+ old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$tool_oldlib"
+ ;;
+ esac
+ old_archive_cmds="$old_archive_cmds~\$RANLIB \$tool_oldlib"
+fi
+
+case $host_os in
+ darwin*)
+ lock_old_archive_extraction=yes ;;
+ *)
+ lock_old_archive_extraction=no ;;
+esac
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+# If no C compiler was specified, use CC.
+LTCC=${LTCC-"$CC"}
+
+# If no C compiler flags were specified, use CFLAGS.
+LTCFLAGS=${LTCFLAGS-"$CFLAGS"}
+
+# Allow CC to be a program name with arguments.
+compiler=$CC
+
+
+# Check for command to grab the raw symbol name followed by C symbol from nm.
+{ $as_echo "$as_me:${as_lineno-5783}: checking command to parse $NM output from $compiler object" >&5
+$as_echo_n "checking command to parse $NM output from $compiler object... " >&6; }
+if ${lt_cv_sys_global_symbol_pipe+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+
+# These are sane defaults that work on at least a few old systems.
+# [They come from Ultrix. What could be older than Ultrix?!! ;)]
+
+# Character class describing NM global symbol codes.
+symcode='[BCDEGRST]'
+
+# Regexp to match symbols that can be accessed directly from C.
+sympat='\([_A-Za-z][_A-Za-z0-9]*\)'
+
+# Define system-specific variables.
+case $host_os in
+aix*)
+ symcode='[BCDT]'
+ ;;
+cygwin* | mingw* | pw32* | cegcc*)
+ symcode='[ABCDGISTW]'
+ ;;
+hpux*)
+ if test "$host_cpu" = ia64; then
+ symcode='[ABCDEGRST]'
+ fi
+ ;;
+irix* | nonstopux*)
+ symcode='[BCDEGRST]'
+ ;;
+osf*)
+ symcode='[BCDEGQRST]'
+ ;;
+solaris*)
+ symcode='[BDRT]'
+ ;;
+sco3.2v5*)
+ symcode='[DT]'
+ ;;
+sysv4.2uw2*)
+ symcode='[DT]'
+ ;;
+sysv5* | sco5v6* | unixware* | OpenUNIX*)
+ symcode='[ABDT]'
+ ;;
+sysv4)
+ symcode='[DFNSTU]'
+ ;;
+esac
+
+# If we're using GNU nm, then use its standard symbol codes.
+case `$NM -V 2>&1` in
+*GNU* | *'with BFD'*)
+ symcode='[ABCDGIRSTW]' ;;
+esac
+
+# Transform an extracted symbol line into a proper C declaration.
+# Some systems (esp. on ia64) link data and code symbols differently,
+# so use this general approach.
+lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'"
+
+# Transform an extracted symbol line into symbol name and symbol address
+lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([^ ]*\)[ ]*$/ {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([^ ]*\) \([^ ]*\)$/ {\"\2\", (void *) \&\2},/p'"
+lt_cv_sys_global_symbol_to_c_name_address_lib_prefix="sed -n -e 's/^: \([^ ]*\)[ ]*$/ {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([^ ]*\) \(lib[^ ]*\)$/ {\"\2\", (void *) \&\2},/p' -e 's/^$symcode* \([^ ]*\) \([^ ]*\)$/ {\"lib\2\", (void *) \&\2},/p'"
+
+# Handle CRLF in mingw tool chain
+opt_cr=
+case $build_os in
+mingw*)
+ opt_cr=`$ECHO 'x\{0,1\}' | tr x '\015'` # option cr in regexp
+ ;;
+esac
+
+# Try without a prefix underscore, then with it.
+for ac_symprfx in "" "_"; do
+
+ # Transform symcode, sympat, and symprfx into a raw symbol and a C symbol.
+ symxfrm="\\1 $ac_symprfx\\2 \\2"
+
+ # Write the raw and C identifiers.
+ if test "$lt_cv_nm_interface" = "MS dumpbin"; then
+ # Fake it for dumpbin and say T for any non-static function
+ # and D for any global variable.
+ # Also find C++ and __fastcall symbols from MSVC++,
+ # which start with @ or ?.
+ lt_cv_sys_global_symbol_pipe="$AWK '"\
+" {last_section=section; section=\$ 3};"\
+" /^COFF SYMBOL TABLE/{for(i in hide) delete hide[i]};"\
+" /Section length .*#relocs.*(pick any)/{hide[last_section]=1};"\
+" \$ 0!~/External *\|/{next};"\
+" / 0+ UNDEF /{next}; / UNDEF \([^|]\)*()/{next};"\
+" {if(hide[section]) next};"\
+" {f=0}; \$ 0~/\(\).*\|/{f=1}; {printf f ? \"T \" : \"D \"};"\
+" {split(\$ 0, a, /\||\r/); split(a[2], s)};"\
+" s[1]~/^[@?]/{print s[1], s[1]; next};"\
+" s[1]~prfx {split(s[1],t,\"@\"); print t[1], substr(t[1],length(prfx))}"\
+" ' prfx=^$ac_symprfx"
+ else
+ lt_cv_sys_global_symbol_pipe="sed -n -e 's/^.*[ ]\($symcode$symcode*\)[ ][ ]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'"
+ fi
+ lt_cv_sys_global_symbol_pipe="$lt_cv_sys_global_symbol_pipe | sed '/ __gnu_lto/d'"
+
+ # Check to see that the pipe works correctly.
+ pipe_works=no
+
+ rm -f conftest*
+ cat > conftest.$ac_ext <<_LT_EOF
+#ifdef __cplusplus
+extern "C" {
+#endif
+char nm_test_var;
+void nm_test_func(void);
+void nm_test_func(void){}
+#ifdef __cplusplus
+}
+#endif
+int main(){nm_test_var='a';nm_test_func();return(0);}
+_LT_EOF
+
+ if { { eval echo "\"\$as_me\":${as_lineno-5903}: \"$ac_compile\""; } >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-5906}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ # Now try to grab the symbols.
+ nlist=conftest.nm
+ if { { eval echo "\"\$as_me\":${as_lineno-5910}: \"$NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist\""; } >&5
+ (eval $NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist) 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-5913}: \$? = $ac_status" >&5
+ test $ac_status = 0; } && test -s "$nlist"; then
+ # Try sorting and uniquifying the output.
+ if sort "$nlist" | uniq > "$nlist"T; then
+ mv -f "$nlist"T "$nlist"
+ else
+ rm -f "$nlist"T
+ fi
+
+ # Make sure that we snagged all the symbols we need.
+ if $GREP ' nm_test_var$' "$nlist" >/dev/null; then
+ if $GREP ' nm_test_func$' "$nlist" >/dev/null; then
+ cat <<_LT_EOF > conftest.$ac_ext
+/* Keep this code in sync between libtool.m4, ltmain, lt_system.h, and tests. */
+#if defined(_WIN32) || defined(__CYGWIN__) || defined(_WIN32_WCE)
+/* DATA imports from DLLs on WIN32 con't be const, because runtime
+ relocations are performed -- see ld's documentation on pseudo-relocs. */
+# define LT_DLSYM_CONST
+#elif defined(__osf__)
+/* This system does not cope well with relocations in const data. */
+# define LT_DLSYM_CONST
+#else
+# define LT_DLSYM_CONST const
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+_LT_EOF
+ # Now generate the symbol file.
+ eval "$lt_cv_sys_global_symbol_to_cdecl"' < "$nlist" | $GREP -v main >> conftest.$ac_ext'
+
+ cat <<_LT_EOF >> conftest.$ac_ext
+
+/* The mapping between symbol names and symbols. */
+LT_DLSYM_CONST struct {
+ const char *name;
+ void *address;
+}
+lt__PROGRAM__LTX_preloaded_symbols[] =
+{
+ { "@PROGRAM@", (void *) 0 },
+_LT_EOF
+ $SED "s/^$symcode$symcode* \(.*\) \(.*\)$/ {\"\2\", (void *) \&\2},/" < "$nlist" | $GREP -v main >> conftest.$ac_ext
+ cat <<\_LT_EOF >> conftest.$ac_ext
+ {0, (void *) 0}
+};
+
+/* This works around a problem in FreeBSD linker */
+#ifdef FREEBSD_WORKAROUND
+static const void *lt_preloaded_setup() {
+ return lt__PROGRAM__LTX_preloaded_symbols;
+}
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+_LT_EOF
+ # Now try linking the two files.
+ mv conftest.$ac_objext conftstm.$ac_objext
+ lt_globsym_save_LIBS=$LIBS
+ lt_globsym_save_CFLAGS=$CFLAGS
+ LIBS="conftstm.$ac_objext"
+ CFLAGS="$CFLAGS$lt_prog_compiler_no_builtin_flag"
+ if { { eval echo "\"\$as_me\":${as_lineno-5979}: \"$ac_link\""; } >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-5982}: \$? = $ac_status" >&5
+ test $ac_status = 0; } && test -s conftest${ac_exeext}; then
+ pipe_works=yes
+ fi
+ LIBS=$lt_globsym_save_LIBS
+ CFLAGS=$lt_globsym_save_CFLAGS
+ else
+ echo "cannot find nm_test_func in $nlist" >&5
+ fi
+ else
+ echo "cannot find nm_test_var in $nlist" >&5
+ fi
+ else
+ echo "cannot run $lt_cv_sys_global_symbol_pipe" >&5
+ fi
+ else
+ echo "$progname: failed program was:" >&5
+ cat conftest.$ac_ext >&5
+ fi
+ rm -rf conftest* conftst*
+
+ # Do not use the global_symbol_pipe unless it works.
+ if test "$pipe_works" = yes; then
+ break
+ else
+ lt_cv_sys_global_symbol_pipe=
+ fi
+done
+
+fi
+
+if test -z "$lt_cv_sys_global_symbol_pipe"; then
+ lt_cv_sys_global_symbol_to_cdecl=
+fi
+if test -z "$lt_cv_sys_global_symbol_pipe$lt_cv_sys_global_symbol_to_cdecl"; then
+ { $as_echo "$as_me:${as_lineno-6017}: result: failed" >&5
+$as_echo "failed" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-6020}: result: ok" >&5
+$as_echo "ok" >&6; }
+fi
+
+# Response file support.
+if test "$lt_cv_nm_interface" = "MS dumpbin"; then
+ nm_file_list_spec='@'
+elif $NM --help 2>/dev/null | grep '[@]FILE' >/dev/null; then
+ nm_file_list_spec='@'
+fi
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+{ $as_echo "$as_me:${as_lineno-6057}: checking for sysroot" >&5
+$as_echo_n "checking for sysroot... " >&6; }
+
+# Check whether --with-sysroot was given.
+if test "${with_sysroot+set}" = set; then :
+ withval=$with_sysroot;
+else
+ with_sysroot=no
+fi
+
+
+lt_sysroot=
+case ${with_sysroot} in #(
+ yes)
+ if test "$GCC" = yes; then
+ lt_sysroot=`$CC --print-sysroot 2>/dev/null`
+ fi
+ ;; #(
+ /*)
+ lt_sysroot=`echo "$with_sysroot" | sed -e "$sed_quote_subst"`
+ ;; #(
+ no|'')
+ ;; #(
+ *)
+ { $as_echo "$as_me:${as_lineno-6081}: result: ${with_sysroot}" >&5
+$as_echo "${with_sysroot}" >&6; }
+ as_fn_error $? "The sysroot must be an absolute path." "6083" 5
+ ;;
+esac
+
+ { $as_echo "$as_me:${as_lineno-6087}: result: ${lt_sysroot:-no}" >&5
+$as_echo "${lt_sysroot:-no}" >&6; }
+
+
+
+
+
+# Check whether --enable-libtool-lock was given.
+if test "${enable_libtool_lock+set}" = set; then :
+ enableval=$enable_libtool_lock;
+fi
+
+test "x$enable_libtool_lock" != xno && enable_libtool_lock=yes
+
+# Some flags need to be propagated to the compiler or linker for good
+# libtool support.
+case $host in
+ia64-*-hpux*)
+ # Find out which ABI we are using.
+ echo 'int i;' > conftest.$ac_ext
+ if { { eval echo "\"\$as_me\":${as_lineno-6107}: \"$ac_compile\""; } >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-6110}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ case `/usr/bin/file conftest.$ac_objext` in
+ *ELF-32*)
+ HPUX_IA64_MODE="32"
+ ;;
+ *ELF-64*)
+ HPUX_IA64_MODE="64"
+ ;;
+ esac
+ fi
+ rm -rf conftest*
+ ;;
+*-*-irix6*)
+ # Find out which ABI we are using.
+ echo '#line '6125' "configure"' > conftest.$ac_ext
+ if { { eval echo "\"\$as_me\":${as_lineno-6126}: \"$ac_compile\""; } >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-6129}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ if test "$lt_cv_prog_gnu_ld" = yes; then
+ case `/usr/bin/file conftest.$ac_objext` in
+ *32-bit*)
+ LD="${LD-ld} -melf32bsmip"
+ ;;
+ *N32*)
+ LD="${LD-ld} -melf32bmipn32"
+ ;;
+ *64-bit*)
+ LD="${LD-ld} -melf64bmip"
+ ;;
+ esac
+ else
+ case `/usr/bin/file conftest.$ac_objext` in
+ *32-bit*)
+ LD="${LD-ld} -32"
+ ;;
+ *N32*)
+ LD="${LD-ld} -n32"
+ ;;
+ *64-bit*)
+ LD="${LD-ld} -64"
+ ;;
+ esac
+ fi
+ fi
+ rm -rf conftest*
+ ;;
+
+x86_64-*kfreebsd*-gnu|x86_64-*linux*|ppc*-*linux*|powerpc*-*linux*| \
+s390*-*linux*|s390*-*tpf*|sparc*-*linux*)
+ # Find out which ABI we are using.
+ echo 'int i;' > conftest.$ac_ext
+ if { { eval echo "\"\$as_me\":${as_lineno-6164}: \"$ac_compile\""; } >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-6167}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ case `/usr/bin/file conftest.o` in
+ *32-bit*)
+ case $host in
+ x86_64-*kfreebsd*-gnu)
+ LD="${LD-ld} -m elf_i386_fbsd"
+ ;;
+ x86_64-*linux*)
+ LD="${LD-ld} -m elf_i386"
+ ;;
+ ppc64-*linux*|powerpc64-*linux*)
+ LD="${LD-ld} -m elf32ppclinux"
+ ;;
+ s390x-*linux*)
+ LD="${LD-ld} -m elf_s390"
+ ;;
+ sparc64-*linux*)
+ LD="${LD-ld} -m elf32_sparc"
+ ;;
+ esac
+ ;;
+ *64-bit*)
+ case $host in
+ x86_64-*kfreebsd*-gnu)
+ LD="${LD-ld} -m elf_x86_64_fbsd"
+ ;;
+ x86_64-*linux*)
+ LD="${LD-ld} -m elf_x86_64"
+ ;;
+ ppc*-*linux*|powerpc*-*linux*)
+ LD="${LD-ld} -m elf64ppc"
+ ;;
+ s390*-*linux*|s390*-*tpf*)
+ LD="${LD-ld} -m elf64_s390"
+ ;;
+ sparc*-*linux*)
+ LD="${LD-ld} -m elf64_sparc"
+ ;;
+ esac
+ ;;
+ esac
+ fi
+ rm -rf conftest*
+ ;;
+
+*-*-sco3.2v5*)
+ # On SCO OpenServer 5, we need -belf to get full-featured binaries.
+ SAVE_CFLAGS="$CFLAGS"
+ CFLAGS="$CFLAGS -belf"
+ { $as_echo "$as_me:${as_lineno-6217}: checking whether the C compiler needs -belf" >&5
+$as_echo_n "checking whether the C compiler needs -belf... " >&6; }
+if ${lt_cv_cc_needs_belf+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "6239"; then :
+ lt_cv_cc_needs_belf=yes
+else
+ lt_cv_cc_needs_belf=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+ ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+fi
+{ $as_echo "$as_me:${as_lineno-6253}: result: $lt_cv_cc_needs_belf" >&5
+$as_echo "$lt_cv_cc_needs_belf" >&6; }
+ if test x"$lt_cv_cc_needs_belf" != x"yes"; then
+ # this is probably gcc 2.8.0, egcs 1.0 or newer; no need for -belf
+ CFLAGS="$SAVE_CFLAGS"
+ fi
+ ;;
+*-*solaris*)
+ # Find out which ABI we are using.
+ echo 'int i;' > conftest.$ac_ext
+ if { { eval echo "\"\$as_me\":${as_lineno-6263}: \"$ac_compile\""; } >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-6266}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+ case `/usr/bin/file conftest.o` in
+ *64-bit*)
+ case $lt_cv_prog_gnu_ld in
+ yes*)
+ case $host in
+ i?86-*-solaris*)
+ LD="${LD-ld} -m elf_x86_64"
+ ;;
+ sparc*-*-solaris*)
+ LD="${LD-ld} -m elf64_sparc"
+ ;;
+ esac
+ # GNU ld 2.21 introduced _sol2 emulations. Use them if available.
+ if ${LD-ld} -V | grep _sol2 >/dev/null 2>&1; then
+ LD="${LD-ld}_sol2"
+ fi
+ ;;
+ *)
+ if ${LD-ld} -64 -r -o conftest2.o conftest.o >/dev/null 2>&1; then
+ LD="${LD-ld} -64"
+ fi
+ ;;
+ esac
+ ;;
+ esac
+ fi
+ rm -rf conftest*
+ ;;
+esac
+
+need_locks="$enable_libtool_lock"
+
+if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}mt", so it can be a program name with args.
+set dummy ${ac_tool_prefix}mt; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-6303}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_MANIFEST_TOOL+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$MANIFEST_TOOL"; then
+ ac_cv_prog_MANIFEST_TOOL="$MANIFEST_TOOL" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_MANIFEST_TOOL="${ac_tool_prefix}mt"
+ $as_echo "$as_me:${as_lineno-6319}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+MANIFEST_TOOL=$ac_cv_prog_MANIFEST_TOOL
+if test -n "$MANIFEST_TOOL"; then
+ { $as_echo "$as_me:${as_lineno-6330}: result: $MANIFEST_TOOL" >&5
+$as_echo "$MANIFEST_TOOL" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-6333}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_MANIFEST_TOOL"; then
+ ac_ct_MANIFEST_TOOL=$MANIFEST_TOOL
+ # Extract the first word of "mt", so it can be a program name with args.
+set dummy mt; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-6343}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_MANIFEST_TOOL+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$ac_ct_MANIFEST_TOOL"; then
+ ac_cv_prog_ac_ct_MANIFEST_TOOL="$ac_ct_MANIFEST_TOOL" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_ac_ct_MANIFEST_TOOL="mt"
+ $as_echo "$as_me:${as_lineno-6359}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_MANIFEST_TOOL=$ac_cv_prog_ac_ct_MANIFEST_TOOL
+if test -n "$ac_ct_MANIFEST_TOOL"; then
+ { $as_echo "$as_me:${as_lineno-6370}: result: $ac_ct_MANIFEST_TOOL" >&5
+$as_echo "$ac_ct_MANIFEST_TOOL" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-6373}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+ if test "x$ac_ct_MANIFEST_TOOL" = x; then
+ MANIFEST_TOOL=":"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-6382}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ MANIFEST_TOOL=$ac_ct_MANIFEST_TOOL
+ fi
+else
+ MANIFEST_TOOL="$ac_cv_prog_MANIFEST_TOOL"
+fi
+
+test -z "$MANIFEST_TOOL" && MANIFEST_TOOL=mt
+{ $as_echo "$as_me:${as_lineno-6393}: checking if $MANIFEST_TOOL is a manifest tool" >&5
+$as_echo_n "checking if $MANIFEST_TOOL is a manifest tool... " >&6; }
+if ${lt_cv_path_mainfest_tool+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ lt_cv_path_mainfest_tool=no
+ echo "$as_me:6399: $MANIFEST_TOOL '-?'" >&5
+ $MANIFEST_TOOL '-?' 2>conftest.err > conftest.out
+ cat conftest.err >&5
+ if $GREP 'Manifest Tool' conftest.out > /dev/null; then
+ lt_cv_path_mainfest_tool=yes
+ fi
+ rm -f conftest*
+fi
+{ $as_echo "$as_me:${as_lineno-6407}: result: $lt_cv_path_mainfest_tool" >&5
+$as_echo "$lt_cv_path_mainfest_tool" >&6; }
+if test "x$lt_cv_path_mainfest_tool" != xyes; then
+ MANIFEST_TOOL=:
+fi
+
+
+
+
+
+
+ case $host_os in
+ rhapsody* | darwin*)
+ if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}dsymutil", so it can be a program name with args.
+set dummy ${ac_tool_prefix}dsymutil; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-6423}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_DSYMUTIL+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$DSYMUTIL"; then
+ ac_cv_prog_DSYMUTIL="$DSYMUTIL" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_DSYMUTIL="${ac_tool_prefix}dsymutil"
+ $as_echo "$as_me:${as_lineno-6439}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+DSYMUTIL=$ac_cv_prog_DSYMUTIL
+if test -n "$DSYMUTIL"; then
+ { $as_echo "$as_me:${as_lineno-6450}: result: $DSYMUTIL" >&5
+$as_echo "$DSYMUTIL" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-6453}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_DSYMUTIL"; then
+ ac_ct_DSYMUTIL=$DSYMUTIL
+ # Extract the first word of "dsymutil", so it can be a program name with args.
+set dummy dsymutil; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-6463}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_DSYMUTIL+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$ac_ct_DSYMUTIL"; then
+ ac_cv_prog_ac_ct_DSYMUTIL="$ac_ct_DSYMUTIL" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_ac_ct_DSYMUTIL="dsymutil"
+ $as_echo "$as_me:${as_lineno-6479}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_DSYMUTIL=$ac_cv_prog_ac_ct_DSYMUTIL
+if test -n "$ac_ct_DSYMUTIL"; then
+ { $as_echo "$as_me:${as_lineno-6490}: result: $ac_ct_DSYMUTIL" >&5
+$as_echo "$ac_ct_DSYMUTIL" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-6493}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+ if test "x$ac_ct_DSYMUTIL" = x; then
+ DSYMUTIL=":"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-6502}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ DSYMUTIL=$ac_ct_DSYMUTIL
+ fi
+else
+ DSYMUTIL="$ac_cv_prog_DSYMUTIL"
+fi
+
+ if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}nmedit", so it can be a program name with args.
+set dummy ${ac_tool_prefix}nmedit; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-6515}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_NMEDIT+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$NMEDIT"; then
+ ac_cv_prog_NMEDIT="$NMEDIT" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_NMEDIT="${ac_tool_prefix}nmedit"
+ $as_echo "$as_me:${as_lineno-6531}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+NMEDIT=$ac_cv_prog_NMEDIT
+if test -n "$NMEDIT"; then
+ { $as_echo "$as_me:${as_lineno-6542}: result: $NMEDIT" >&5
+$as_echo "$NMEDIT" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-6545}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_NMEDIT"; then
+ ac_ct_NMEDIT=$NMEDIT
+ # Extract the first word of "nmedit", so it can be a program name with args.
+set dummy nmedit; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-6555}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_NMEDIT+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$ac_ct_NMEDIT"; then
+ ac_cv_prog_ac_ct_NMEDIT="$ac_ct_NMEDIT" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_ac_ct_NMEDIT="nmedit"
+ $as_echo "$as_me:${as_lineno-6571}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_NMEDIT=$ac_cv_prog_ac_ct_NMEDIT
+if test -n "$ac_ct_NMEDIT"; then
+ { $as_echo "$as_me:${as_lineno-6582}: result: $ac_ct_NMEDIT" >&5
+$as_echo "$ac_ct_NMEDIT" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-6585}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+ if test "x$ac_ct_NMEDIT" = x; then
+ NMEDIT=":"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-6594}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ NMEDIT=$ac_ct_NMEDIT
+ fi
+else
+ NMEDIT="$ac_cv_prog_NMEDIT"
+fi
+
+ if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}lipo", so it can be a program name with args.
+set dummy ${ac_tool_prefix}lipo; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-6607}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_LIPO+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$LIPO"; then
+ ac_cv_prog_LIPO="$LIPO" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_LIPO="${ac_tool_prefix}lipo"
+ $as_echo "$as_me:${as_lineno-6623}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+LIPO=$ac_cv_prog_LIPO
+if test -n "$LIPO"; then
+ { $as_echo "$as_me:${as_lineno-6634}: result: $LIPO" >&5
+$as_echo "$LIPO" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-6637}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_LIPO"; then
+ ac_ct_LIPO=$LIPO
+ # Extract the first word of "lipo", so it can be a program name with args.
+set dummy lipo; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-6647}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_LIPO+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$ac_ct_LIPO"; then
+ ac_cv_prog_ac_ct_LIPO="$ac_ct_LIPO" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_ac_ct_LIPO="lipo"
+ $as_echo "$as_me:${as_lineno-6663}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_LIPO=$ac_cv_prog_ac_ct_LIPO
+if test -n "$ac_ct_LIPO"; then
+ { $as_echo "$as_me:${as_lineno-6674}: result: $ac_ct_LIPO" >&5
+$as_echo "$ac_ct_LIPO" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-6677}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+ if test "x$ac_ct_LIPO" = x; then
+ LIPO=":"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-6686}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ LIPO=$ac_ct_LIPO
+ fi
+else
+ LIPO="$ac_cv_prog_LIPO"
+fi
+
+ if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}otool", so it can be a program name with args.
+set dummy ${ac_tool_prefix}otool; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-6699}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_OTOOL+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$OTOOL"; then
+ ac_cv_prog_OTOOL="$OTOOL" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_OTOOL="${ac_tool_prefix}otool"
+ $as_echo "$as_me:${as_lineno-6715}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+OTOOL=$ac_cv_prog_OTOOL
+if test -n "$OTOOL"; then
+ { $as_echo "$as_me:${as_lineno-6726}: result: $OTOOL" >&5
+$as_echo "$OTOOL" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-6729}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_OTOOL"; then
+ ac_ct_OTOOL=$OTOOL
+ # Extract the first word of "otool", so it can be a program name with args.
+set dummy otool; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-6739}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_OTOOL+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$ac_ct_OTOOL"; then
+ ac_cv_prog_ac_ct_OTOOL="$ac_ct_OTOOL" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_ac_ct_OTOOL="otool"
+ $as_echo "$as_me:${as_lineno-6755}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_OTOOL=$ac_cv_prog_ac_ct_OTOOL
+if test -n "$ac_ct_OTOOL"; then
+ { $as_echo "$as_me:${as_lineno-6766}: result: $ac_ct_OTOOL" >&5
+$as_echo "$ac_ct_OTOOL" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-6769}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+ if test "x$ac_ct_OTOOL" = x; then
+ OTOOL=":"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-6778}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ OTOOL=$ac_ct_OTOOL
+ fi
+else
+ OTOOL="$ac_cv_prog_OTOOL"
+fi
+
+ if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}otool64", so it can be a program name with args.
+set dummy ${ac_tool_prefix}otool64; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-6791}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_OTOOL64+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$OTOOL64"; then
+ ac_cv_prog_OTOOL64="$OTOOL64" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_OTOOL64="${ac_tool_prefix}otool64"
+ $as_echo "$as_me:${as_lineno-6807}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+OTOOL64=$ac_cv_prog_OTOOL64
+if test -n "$OTOOL64"; then
+ { $as_echo "$as_me:${as_lineno-6818}: result: $OTOOL64" >&5
+$as_echo "$OTOOL64" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-6821}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_OTOOL64"; then
+ ac_ct_OTOOL64=$OTOOL64
+ # Extract the first word of "otool64", so it can be a program name with args.
+set dummy otool64; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-6831}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_OTOOL64+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$ac_ct_OTOOL64"; then
+ ac_cv_prog_ac_ct_OTOOL64="$ac_ct_OTOOL64" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_ac_ct_OTOOL64="otool64"
+ $as_echo "$as_me:${as_lineno-6847}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_OTOOL64=$ac_cv_prog_ac_ct_OTOOL64
+if test -n "$ac_ct_OTOOL64"; then
+ { $as_echo "$as_me:${as_lineno-6858}: result: $ac_ct_OTOOL64" >&5
+$as_echo "$ac_ct_OTOOL64" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-6861}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+ if test "x$ac_ct_OTOOL64" = x; then
+ OTOOL64=":"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-6870}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ OTOOL64=$ac_ct_OTOOL64
+ fi
+else
+ OTOOL64="$ac_cv_prog_OTOOL64"
+fi
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ { $as_echo "$as_me:${as_lineno-6906}: checking for -single_module linker flag" >&5
+$as_echo_n "checking for -single_module linker flag... " >&6; }
+if ${lt_cv_apple_cc_single_mod+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ lt_cv_apple_cc_single_mod=no
+ if test -z "${LT_MULTI_MODULE}"; then
+ # By default we will add the -single_module flag. You can override
+ # by either setting the environment variable LT_MULTI_MODULE
+ # non-empty at configure time, or by adding -multi_module to the
+ # link flags.
+ rm -rf libconftest.dylib*
+ echo "int foo(void){return 1;}" > conftest.c
+ echo "$LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \
+-dynamiclib -Wl,-single_module conftest.c" >&5
+ $LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \
+ -dynamiclib -Wl,-single_module conftest.c 2>conftest.err
+ _lt_result=$?
+ # If there is a non-empty error log, and "single_module"
+ # appears in it, assume the flag caused a linker warning
+ if test -s conftest.err && $GREP single_module conftest.err; then
+ cat conftest.err >&5
+ # Otherwise, if the output was created with a 0 exit code from
+ # the compiler, it worked.
+ elif test -f libconftest.dylib && test $_lt_result -eq 0; then
+ lt_cv_apple_cc_single_mod=yes
+ else
+ cat conftest.err >&5
+ fi
+ rm -rf libconftest.dylib*
+ rm -f conftest.*
+ fi
+fi
+{ $as_echo "$as_me:${as_lineno-6939}: result: $lt_cv_apple_cc_single_mod" >&5
+$as_echo "$lt_cv_apple_cc_single_mod" >&6; }
+
+ { $as_echo "$as_me:${as_lineno-6942}: checking for -exported_symbols_list linker flag" >&5
+$as_echo_n "checking for -exported_symbols_list linker flag... " >&6; }
+if ${lt_cv_ld_exported_symbols_list+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ lt_cv_ld_exported_symbols_list=no
+ save_LDFLAGS=$LDFLAGS
+ echo "_main" > conftest.sym
+ LDFLAGS="$LDFLAGS -Wl,-exported_symbols_list,conftest.sym"
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "6962"; then :
+ lt_cv_ld_exported_symbols_list=yes
+else
+ lt_cv_ld_exported_symbols_list=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+ LDFLAGS="$save_LDFLAGS"
+
+fi
+{ $as_echo "$as_me:${as_lineno-6972}: result: $lt_cv_ld_exported_symbols_list" >&5
+$as_echo "$lt_cv_ld_exported_symbols_list" >&6; }
+
+ { $as_echo "$as_me:${as_lineno-6975}: checking for -force_load linker flag" >&5
+$as_echo_n "checking for -force_load linker flag... " >&6; }
+if ${lt_cv_ld_force_load+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ lt_cv_ld_force_load=no
+ cat > conftest.c << _LT_EOF
+int forced_loaded() { return 2;}
+_LT_EOF
+ echo "$LTCC $LTCFLAGS -c -o conftest.o conftest.c" >&5
+ $LTCC $LTCFLAGS -c -o conftest.o conftest.c 2>&5
+ echo "$AR cru libconftest.a conftest.o" >&5
+ $AR cru libconftest.a conftest.o 2>&5
+ echo "$RANLIB libconftest.a" >&5
+ $RANLIB libconftest.a 2>&5
+ cat > conftest.c << _LT_EOF
+int main() { return 0;}
+_LT_EOF
+ echo "$LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a" >&5
+ $LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a 2>conftest.err
+ _lt_result=$?
+ if test -s conftest.err && $GREP force_load conftest.err; then
+ cat conftest.err >&5
+ elif test -f conftest && test $_lt_result -eq 0 && $GREP forced_load conftest >/dev/null 2>&1 ; then
+ lt_cv_ld_force_load=yes
+ else
+ cat conftest.err >&5
+ fi
+ rm -f conftest.err libconftest.a conftest conftest.c
+ rm -rf conftest.dSYM
+
+fi
+{ $as_echo "$as_me:${as_lineno-7007}: result: $lt_cv_ld_force_load" >&5
+$as_echo "$lt_cv_ld_force_load" >&6; }
+ case $host_os in
+ rhapsody* | darwin1.[012])
+ _lt_dar_allow_undefined='${wl}-undefined ${wl}suppress' ;;
+ darwin1.*)
+ _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;;
+ darwin*) # darwin 5.x on
+ # if running on 10.5 or later, the deployment target defaults
+ # to the OS version, if on x86, and 10.4, the deployment
+ # target defaults to 10.4. Don't you love it?
+ case ${MACOSX_DEPLOYMENT_TARGET-10.0},$host in
+ 10.0,*86*-darwin8*|10.0,*-darwin[91]*)
+ _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;;
+ 10.[012]*)
+ _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;;
+ 10.*)
+ _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;;
+ esac
+ ;;
+ esac
+ if test "$lt_cv_apple_cc_single_mod" = "yes"; then
+ _lt_dar_single_mod='$single_module'
+ fi
+ if test "$lt_cv_ld_exported_symbols_list" = "yes"; then
+ _lt_dar_export_syms=' ${wl}-exported_symbols_list,$output_objdir/${libname}-symbols.expsym'
+ else
+ _lt_dar_export_syms='~$NMEDIT -s $output_objdir/${libname}-symbols.expsym ${lib}'
+ fi
+ if test "$DSYMUTIL" != ":" && test "$lt_cv_ld_force_load" = "no"; then
+ _lt_dsymutil='~$DSYMUTIL $lib || :'
+ else
+ _lt_dsymutil=
+ fi
+ ;;
+ esac
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+{ $as_echo "$as_me:${as_lineno-7049}: checking how to run the C preprocessor" >&5
+$as_echo_n "checking how to run the C preprocessor... " >&6; }
+# On Suns, sometimes $CPP names a directory.
+if test -n "$CPP" && test -d "$CPP"; then
+ CPP=
+fi
+if test -z "$CPP"; then
+ if ${ac_cv_prog_CPP+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ # Double quotes because CPP needs to be expanded
+ for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp"
+ do
+ ac_preproc_ok=false
+for ac_c_preproc_warn_flag in '' yes
+do
+ # Use a header file that comes with gcc, so configuring glibc
+ # with a fresh cross-compiler works.
+ # Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+ # <limits.h> exists even on freestanding compilers.
+ # On the NeXT, cc -E runs the code through the compiler's parser,
+ # not just through cpp. "Syntax error" is here to catch this case.
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#ifdef __STDC__
+# include <limits.h>
+#else
+# include <assert.h>
+#endif
+ Syntax error
+_ACEOF
+if ac_fn_c_try_cpp "7080"; then :
+
+else
+ # Broken: fails on valid input.
+continue
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+ # OK, works on sane cases. Now check whether nonexistent headers
+ # can be detected and how.
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#include <ac_nonexistent.h>
+_ACEOF
+if ac_fn_c_try_cpp "7094"; then :
+ # Broken: success on invalid input.
+continue
+else
+ # Passes both tests.
+ac_preproc_ok=:
+break
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+done
+# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
+rm -f conftest.i conftest.err conftest.$ac_ext
+if $ac_preproc_ok; then :
+ break
+fi
+
+ done
+ ac_cv_prog_CPP=$CPP
+
+fi
+ CPP=$ac_cv_prog_CPP
+else
+ ac_cv_prog_CPP=$CPP
+fi
+{ $as_echo "$as_me:${as_lineno-7119}: result: $CPP" >&5
+$as_echo "$CPP" >&6; }
+ac_preproc_ok=false
+for ac_c_preproc_warn_flag in '' yes
+do
+ # Use a header file that comes with gcc, so configuring glibc
+ # with a fresh cross-compiler works.
+ # Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+ # <limits.h> exists even on freestanding compilers.
+ # On the NeXT, cc -E runs the code through the compiler's parser,
+ # not just through cpp. "Syntax error" is here to catch this case.
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#ifdef __STDC__
+# include <limits.h>
+#else
+# include <assert.h>
+#endif
+ Syntax error
+_ACEOF
+if ac_fn_c_try_cpp "7139"; then :
+
+else
+ # Broken: fails on valid input.
+continue
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+ # OK, works on sane cases. Now check whether nonexistent headers
+ # can be detected and how.
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#include <ac_nonexistent.h>
+_ACEOF
+if ac_fn_c_try_cpp "7153"; then :
+ # Broken: success on invalid input.
+continue
+else
+ # Passes both tests.
+ac_preproc_ok=:
+break
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+done
+# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
+rm -f conftest.i conftest.err conftest.$ac_ext
+if $ac_preproc_ok; then :
+
+else
+ { { $as_echo "$as_me:${as_lineno-7169}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "C preprocessor \"$CPP\" fails sanity check
+See \`config.log' for more details" "7172" 5; }
+fi
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+
+{ $as_echo "$as_me:${as_lineno-7182}: checking for ANSI C header files" >&5
+$as_echo_n "checking for ANSI C header files... " >&6; }
+if ${ac_cv_header_stdc+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#include <stdlib.h>
+#include <stdarg.h>
+#include <string.h>
+#include <float.h>
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "7202"; then :
+ ac_cv_header_stdc=yes
+else
+ ac_cv_header_stdc=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
+if test $ac_cv_header_stdc = yes; then
+ # SunOS 4.x string.h does not declare mem*, contrary to ANSI.
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#include <string.h>
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "memchr" >/dev/null 2>&1; then :
+
+else
+ ac_cv_header_stdc=no
+fi
+rm -f conftest*
+
+fi
+
+if test $ac_cv_header_stdc = yes; then
+ # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI.
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#include <stdlib.h>
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "free" >/dev/null 2>&1; then :
+
+else
+ ac_cv_header_stdc=no
+fi
+rm -f conftest*
+
+fi
+
+if test $ac_cv_header_stdc = yes; then
+ # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi.
+ if test "$cross_compiling" = yes; then :
+ :
+else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#include <ctype.h>
+#include <stdlib.h>
+#if ((' ' & 0x0FF) == 0x020)
+# define ISLOWER(c) ('a' <= (c) && (c) <= 'z')
+# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c))
+#else
+# define ISLOWER(c) \
+ (('a' <= (c) && (c) <= 'i') \
+ || ('j' <= (c) && (c) <= 'r') \
+ || ('s' <= (c) && (c) <= 'z'))
+# define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c))
+#endif
+
+#define XOR(e, f) (((e) && !(f)) || (!(e) && (f)))
+int
+main ()
+{
+ int i;
+ for (i = 0; i < 256; i++)
+ if (XOR (islower (i), ISLOWER (i))
+ || toupper (i) != TOUPPER (i))
+ return 2;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_run "7275"; then :
+
+else
+ ac_cv_header_stdc=no
+fi
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
+ conftest.$ac_objext conftest.beam conftest.$ac_ext
+fi
+
+fi
+fi
+{ $as_echo "$as_me:${as_lineno-7286}: result: $ac_cv_header_stdc" >&5
+$as_echo "$ac_cv_header_stdc" >&6; }
+if test $ac_cv_header_stdc = yes; then
+
+$as_echo "#define STDC_HEADERS 1" >>confdefs.h
+
+fi
+
+# On IRIX 5.3, sys/types and inttypes.h are conflicting.
+for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \
+ inttypes.h stdint.h unistd.h
+do :
+ as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
+ac_fn_c_check_header_compile "7299" "$ac_header" "$as_ac_Header" "$ac_includes_default
+"
+if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
+ cat >>confdefs.h <<_ACEOF
+#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+
+done
+
+
+for ac_header in dlfcn.h
+do :
+ ac_fn_c_check_header_compile "7313" "dlfcn.h" "ac_cv_header_dlfcn_h" "$ac_includes_default
+"
+if test "x$ac_cv_header_dlfcn_h" = xyes; then :
+ cat >>confdefs.h <<_ACEOF
+#define HAVE_DLFCN_H 1
+_ACEOF
+
+fi
+
+done
+
+
+
+
+
+# Set options
+
+
+
+ enable_dlopen=no
+
+
+ enable_win32_dll=no
+
+
+ # Check whether --enable-shared was given.
+if test "${enable_shared+set}" = set; then :
+ enableval=$enable_shared; p=${PACKAGE-default}
+ case $enableval in
+ yes) enable_shared=yes ;;
+ no) enable_shared=no ;;
+ *)
+ enable_shared=no
+ # Look at the argument we got. We use all the common list separators.
+ lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
+ for pkg in $enableval; do
+ IFS="$lt_save_ifs"
+ if test "X$pkg" = "X$p"; then
+ enable_shared=yes
+ fi
+ done
+ IFS="$lt_save_ifs"
+ ;;
+ esac
+else
+ enable_shared=yes
+fi
+
+
+
+
+
+
+
+
+
+ # Check whether --enable-static was given.
+if test "${enable_static+set}" = set; then :
+ enableval=$enable_static; p=${PACKAGE-default}
+ case $enableval in
+ yes) enable_static=yes ;;
+ no) enable_static=no ;;
+ *)
+ enable_static=no
+ # Look at the argument we got. We use all the common list separators.
+ lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
+ for pkg in $enableval; do
+ IFS="$lt_save_ifs"
+ if test "X$pkg" = "X$p"; then
+ enable_static=yes
+ fi
+ done
+ IFS="$lt_save_ifs"
+ ;;
+ esac
+else
+ enable_static=yes
+fi
+
+
+
+
+
+
+
+
+
+
+# Check whether --with-pic was given.
+if test "${with_pic+set}" = set; then :
+ withval=$with_pic; lt_p=${PACKAGE-default}
+ case $withval in
+ yes|no) pic_mode=$withval ;;
+ *)
+ pic_mode=default
+ # Look at the argument we got. We use all the common list separators.
+ lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
+ for lt_pkg in $withval; do
+ IFS="$lt_save_ifs"
+ if test "X$lt_pkg" = "X$lt_p"; then
+ pic_mode=yes
+ fi
+ done
+ IFS="$lt_save_ifs"
+ ;;
+ esac
+else
+ pic_mode=default
+fi
+
+
+test -z "$pic_mode" && pic_mode=default
+
+
+
+
+
+
+
+ # Check whether --enable-fast-install was given.
+if test "${enable_fast_install+set}" = set; then :
+ enableval=$enable_fast_install; p=${PACKAGE-default}
+ case $enableval in
+ yes) enable_fast_install=yes ;;
+ no) enable_fast_install=no ;;
+ *)
+ enable_fast_install=no
+ # Look at the argument we got. We use all the common list separators.
+ lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
+ for pkg in $enableval; do
+ IFS="$lt_save_ifs"
+ if test "X$pkg" = "X$p"; then
+ enable_fast_install=yes
+ fi
+ done
+ IFS="$lt_save_ifs"
+ ;;
+ esac
+else
+ enable_fast_install=yes
+fi
+
+
+
+
+
+
+
+
+
+
+
+# This can be used to rebuild libtool when needed
+LIBTOOL_DEPS="$ltmain"
+
+# Always use our own libtool.
+LIBTOOL='$(SHELL) $(top_builddir)/libtool'
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+test -z "$LN_S" && LN_S="ln -s"
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+if test -n "${ZSH_VERSION+set}" ; then
+ setopt NO_GLOB_SUBST
+fi
+
+{ $as_echo "$as_me:${as_lineno-7519}: checking for objdir" >&5
+$as_echo_n "checking for objdir... " >&6; }
+if ${lt_cv_objdir+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ rm -f .libs 2>/dev/null
+mkdir .libs 2>/dev/null
+if test -d .libs; then
+ lt_cv_objdir=.libs
+else
+ # MS-DOS does not allow filenames that begin with a dot.
+ lt_cv_objdir=_libs
+fi
+rmdir .libs 2>/dev/null
+fi
+{ $as_echo "$as_me:${as_lineno-7534}: result: $lt_cv_objdir" >&5
+$as_echo "$lt_cv_objdir" >&6; }
+objdir=$lt_cv_objdir
+
+
+
+
+
+cat >>confdefs.h <<_ACEOF
+#define LT_OBJDIR "$lt_cv_objdir/"
+_ACEOF
+
+
+
+
+case $host_os in
+aix3*)
+ # AIX sometimes has problems with the GCC collect2 program. For some
+ # reason, if we set the COLLECT_NAMES environment variable, the problems
+ # vanish in a puff of smoke.
+ if test "X${COLLECT_NAMES+set}" != Xset; then
+ COLLECT_NAMES=
+ export COLLECT_NAMES
+ fi
+ ;;
+esac
+
+# Global variables:
+ofile=libtool
+can_build_shared=yes
+
+# All known linkers require a `.a' archive for static linking (except MSVC,
+# which needs '.lib').
+libext=a
+
+with_gnu_ld="$lt_cv_prog_gnu_ld"
+
+old_CC="$CC"
+old_CFLAGS="$CFLAGS"
+
+# Set sane defaults for various variables
+test -z "$CC" && CC=cc
+test -z "$LTCC" && LTCC=$CC
+test -z "$LTCFLAGS" && LTCFLAGS=$CFLAGS
+test -z "$LD" && LD=ld
+test -z "$ac_objext" && ac_objext=o
+
+for cc_temp in $compiler""; do
+ case $cc_temp in
+ compile | *[\\/]compile | ccache | *[\\/]ccache ) ;;
+ distcc | *[\\/]distcc | purify | *[\\/]purify ) ;;
+ \-*) ;;
+ *) break;;
+ esac
+done
+cc_basename=`$ECHO "$cc_temp" | $SED "s%.*/%%; s%^$host_alias-%%"`
+
+
+# Only perform the check for file, if the check method requires it
+test -z "$MAGIC_CMD" && MAGIC_CMD=file
+case $deplibs_check_method in
+file_magic*)
+ if test "$file_magic_cmd" = '$MAGIC_CMD'; then
+ { $as_echo "$as_me:${as_lineno-7597}: checking for ${ac_tool_prefix}file" >&5
+$as_echo_n "checking for ${ac_tool_prefix}file... " >&6; }
+if ${lt_cv_path_MAGIC_CMD+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ case $MAGIC_CMD in
+[\\/*] | ?:[\\/]*)
+ lt_cv_path_MAGIC_CMD="$MAGIC_CMD" # Let the user override the test with a path.
+ ;;
+*)
+ lt_save_MAGIC_CMD="$MAGIC_CMD"
+ lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
+ ac_dummy="/usr/bin$PATH_SEPARATOR$PATH"
+ for ac_dir in $ac_dummy; do
+ IFS="$lt_save_ifs"
+ test -z "$ac_dir" && ac_dir=.
+ if test -f $ac_dir/${ac_tool_prefix}file; then
+ lt_cv_path_MAGIC_CMD="$ac_dir/${ac_tool_prefix}file"
+ if test -n "$file_magic_test_file"; then
+ case $deplibs_check_method in
+ "file_magic "*)
+ file_magic_regex=`expr "$deplibs_check_method" : "file_magic \(.*\)"`
+ MAGIC_CMD="$lt_cv_path_MAGIC_CMD"
+ if eval $file_magic_cmd \$file_magic_test_file 2> /dev/null |
+ $EGREP "$file_magic_regex" > /dev/null; then
+ :
+ else
+ cat <<_LT_EOF 1>&2
+
+*** Warning: the command libtool uses to detect shared libraries,
+*** $file_magic_cmd, produces output that libtool cannot recognize.
+*** The result is that libtool may fail to recognize shared libraries
+*** as such. This will affect the creation of libtool libraries that
+*** depend on shared libraries, but programs linked with such libtool
+*** libraries will work regardless of this problem. Nevertheless, you
+*** may want to report the problem to your system manager and/or to
+*** bug-libtool@gnu.org
+
+_LT_EOF
+ fi ;;
+ esac
+ fi
+ break
+ fi
+ done
+ IFS="$lt_save_ifs"
+ MAGIC_CMD="$lt_save_MAGIC_CMD"
+ ;;
+esac
+fi
+
+MAGIC_CMD="$lt_cv_path_MAGIC_CMD"
+if test -n "$MAGIC_CMD"; then
+ { $as_echo "$as_me:${as_lineno-7650}: result: $MAGIC_CMD" >&5
+$as_echo "$MAGIC_CMD" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-7653}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+
+
+
+if test -z "$lt_cv_path_MAGIC_CMD"; then
+ if test -n "$ac_tool_prefix"; then
+ { $as_echo "$as_me:${as_lineno-7663}: checking for file" >&5
+$as_echo_n "checking for file... " >&6; }
+if ${lt_cv_path_MAGIC_CMD+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ case $MAGIC_CMD in
+[\\/*] | ?:[\\/]*)
+ lt_cv_path_MAGIC_CMD="$MAGIC_CMD" # Let the user override the test with a path.
+ ;;
+*)
+ lt_save_MAGIC_CMD="$MAGIC_CMD"
+ lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
+ ac_dummy="/usr/bin$PATH_SEPARATOR$PATH"
+ for ac_dir in $ac_dummy; do
+ IFS="$lt_save_ifs"
+ test -z "$ac_dir" && ac_dir=.
+ if test -f $ac_dir/file; then
+ lt_cv_path_MAGIC_CMD="$ac_dir/file"
+ if test -n "$file_magic_test_file"; then
+ case $deplibs_check_method in
+ "file_magic "*)
+ file_magic_regex=`expr "$deplibs_check_method" : "file_magic \(.*\)"`
+ MAGIC_CMD="$lt_cv_path_MAGIC_CMD"
+ if eval $file_magic_cmd \$file_magic_test_file 2> /dev/null |
+ $EGREP "$file_magic_regex" > /dev/null; then
+ :
+ else
+ cat <<_LT_EOF 1>&2
+
+*** Warning: the command libtool uses to detect shared libraries,
+*** $file_magic_cmd, produces output that libtool cannot recognize.
+*** The result is that libtool may fail to recognize shared libraries
+*** as such. This will affect the creation of libtool libraries that
+*** depend on shared libraries, but programs linked with such libtool
+*** libraries will work regardless of this problem. Nevertheless, you
+*** may want to report the problem to your system manager and/or to
+*** bug-libtool@gnu.org
+
+_LT_EOF
+ fi ;;
+ esac
+ fi
+ break
+ fi
+ done
+ IFS="$lt_save_ifs"
+ MAGIC_CMD="$lt_save_MAGIC_CMD"
+ ;;
+esac
+fi
+
+MAGIC_CMD="$lt_cv_path_MAGIC_CMD"
+if test -n "$MAGIC_CMD"; then
+ { $as_echo "$as_me:${as_lineno-7716}: result: $MAGIC_CMD" >&5
+$as_echo "$MAGIC_CMD" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-7719}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+ else
+ MAGIC_CMD=:
+ fi
+fi
+
+ fi
+ ;;
+esac
+
+# Use C for the default configuration in the libtool script
+
+lt_save_CC="$CC"
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+
+# Source file extension for C test sources.
+ac_ext=c
+
+# Object file extension for compiled C test sources.
+objext=o
+objext=$objext
+
+# Code to be used in simple compile tests
+lt_simple_compile_test_code="int some_variable = 0;"
+
+# Code to be used in simple link tests
+lt_simple_link_test_code='int main(){return(0);}'
+
+
+
+
+
+
+
+# If no C compiler was specified, use CC.
+LTCC=${LTCC-"$CC"}
+
+# If no C compiler flags were specified, use CFLAGS.
+LTCFLAGS=${LTCFLAGS-"$CFLAGS"}
+
+# Allow CC to be a program name with arguments.
+compiler=$CC
+
+# Save the default compiler, since it gets overwritten when the other
+# tags are being tested, and _LT_TAGVAR(compiler, []) is a NOP.
+compiler_DEFAULT=$CC
+
+# save warnings/boilerplate of simple test code
+ac_outfile=conftest.$ac_objext
+echo "$lt_simple_compile_test_code" >conftest.$ac_ext
+eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
+_lt_compiler_boilerplate=`cat conftest.err`
+$RM conftest*
+
+ac_outfile=conftest.$ac_objext
+echo "$lt_simple_link_test_code" >conftest.$ac_ext
+eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
+_lt_linker_boilerplate=`cat conftest.err`
+$RM -r conftest*
+
+
+if test -n "$compiler"; then
+
+lt_prog_compiler_no_builtin_flag=
+
+if test "$GCC" = yes; then
+ case $cc_basename in
+ nvcc*)
+ lt_prog_compiler_no_builtin_flag=' -Xcompiler -fno-builtin' ;;
+ *)
+ lt_prog_compiler_no_builtin_flag=' -fno-builtin' ;;
+ esac
+
+ { $as_echo "$as_me:${as_lineno-7801}: checking if $compiler supports -fno-rtti -fno-exceptions" >&5
+$as_echo_n "checking if $compiler supports -fno-rtti -fno-exceptions... " >&6; }
+if ${lt_cv_prog_compiler_rtti_exceptions+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ lt_cv_prog_compiler_rtti_exceptions=no
+ ac_outfile=conftest.$ac_objext
+ echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+ lt_compiler_flag="-fno-rtti -fno-exceptions"
+ # Insert the option either (1) after the last *FLAGS variable, or
+ # (2) before a word containing "conftest.", or (3) at the end.
+ # Note that $ac_compile itself does not contain backslashes and begins
+ # with a dollar sign (not a hyphen), so the echo should work correctly.
+ # The option is referenced via a variable to avoid confusing sed.
+ lt_compile=`echo "$ac_compile" | $SED \
+ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
+ -e 's:$: $lt_compiler_flag:'`
+ (eval echo "\"\$as_me:7819: $lt_compile\"" >&5)
+ (eval "$lt_compile" 2>conftest.err)
+ ac_status=$?
+ cat conftest.err >&5
+ echo "$as_me:7823: \$? = $ac_status" >&5
+ if (exit $ac_status) && test -s "$ac_outfile"; then
+ # The compiler can only warn and ignore the option if not recognized
+ # So say no if there are warnings other than the usual output.
+ $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' >conftest.exp
+ $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+ if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then
+ lt_cv_prog_compiler_rtti_exceptions=yes
+ fi
+ fi
+ $RM conftest*
+
+fi
+{ $as_echo "$as_me:${as_lineno-7836}: result: $lt_cv_prog_compiler_rtti_exceptions" >&5
+$as_echo "$lt_cv_prog_compiler_rtti_exceptions" >&6; }
+
+if test x"$lt_cv_prog_compiler_rtti_exceptions" = xyes; then
+ lt_prog_compiler_no_builtin_flag="$lt_prog_compiler_no_builtin_flag -fno-rtti -fno-exceptions"
+else
+ :
+fi
+
+fi
+
+
+
+
+
+
+ lt_prog_compiler_wl=
+lt_prog_compiler_pic=
+lt_prog_compiler_static=
+
+
+ if test "$GCC" = yes; then
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_static='-static'
+
+ case $host_os in
+ aix*)
+ # All AIX code is PIC.
+ if test "$host_cpu" = ia64; then
+ # AIX 5 now supports IA64 processor
+ lt_prog_compiler_static='-Bstatic'
+ fi
+ ;;
+
+ amigaos*)
+ case $host_cpu in
+ powerpc)
+ # see comment about AmigaOS4 .so support
+ lt_prog_compiler_pic='-fPIC'
+ ;;
+ m68k)
+ # FIXME: we need at least 68020 code to build shared libraries, but
+ # adding the `-m68020' flag to GCC prevents building anything better,
+ # like `-m68040'.
+ lt_prog_compiler_pic='-m68020 -resident32 -malways-restore-a4'
+ ;;
+ esac
+ ;;
+
+ beos* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*)
+ # PIC is the default for these OSes.
+ ;;
+
+ mingw* | cygwin* | pw32* | os2* | cegcc*)
+ # This hack is so that the source file can tell whether it is being
+ # built for inclusion in a dll (and should export symbols for example).
+ # Although the cygwin gcc ignores -fPIC, still need this for old-style
+ # (--disable-auto-import) libraries
+ lt_prog_compiler_pic='-DDLL_EXPORT'
+ ;;
+
+ darwin* | rhapsody*)
+ # PIC is the default on this platform
+ # Common symbols not allowed in MH_DYLIB files
+ lt_prog_compiler_pic='-fno-common'
+ ;;
+
+ haiku*)
+ # PIC is the default for Haiku.
+ # The "-static" flag exists, but is broken.
+ lt_prog_compiler_static=
+ ;;
+
+ hpux*)
+ # PIC is the default for 64-bit PA HP-UX, but not for 32-bit
+ # PA HP-UX. On IA64 HP-UX, PIC is the default but the pic flag
+ # sets the default TLS model and affects inlining.
+ case $host_cpu in
+ hppa*64*)
+ # +Z the default
+ ;;
+ *)
+ lt_prog_compiler_pic='-fPIC'
+ ;;
+ esac
+ ;;
+
+ interix[3-9]*)
+ # Interix 3.x gcc -fpic/-fPIC options generate broken code.
+ # Instead, we relocate shared libraries at runtime.
+ ;;
+
+ msdosdjgpp*)
+ # Just because we use GCC doesn't mean we suddenly get shared libraries
+ # on systems that don't support them.
+ lt_prog_compiler_can_build_shared=no
+ enable_shared=no
+ ;;
+
+ *nto* | *qnx*)
+ # QNX uses GNU C++, but need to define -shared option too, otherwise
+ # it will coredump.
+ lt_prog_compiler_pic='-fPIC -shared'
+ ;;
+
+ sysv4*MP*)
+ if test -d /usr/nec; then
+ lt_prog_compiler_pic=-Kconform_pic
+ fi
+ ;;
+
+ *)
+ lt_prog_compiler_pic='-fPIC'
+ ;;
+ esac
+
+ case $cc_basename in
+ nvcc*) # Cuda Compiler Driver 2.2
+ lt_prog_compiler_wl='-Xlinker '
+ if test -n "$lt_prog_compiler_pic"; then
+ lt_prog_compiler_pic="-Xcompiler $lt_prog_compiler_pic"
+ fi
+ ;;
+ esac
+ else
+ # PORTME Check for flag to pass linker flags through the system compiler.
+ case $host_os in
+ aix*)
+ lt_prog_compiler_wl='-Wl,'
+ if test "$host_cpu" = ia64; then
+ # AIX 5 now supports IA64 processor
+ lt_prog_compiler_static='-Bstatic'
+ else
+ lt_prog_compiler_static='-bnso -bI:/lib/syscalls.exp'
+ fi
+ ;;
+
+ mingw* | cygwin* | pw32* | os2* | cegcc*)
+ # This hack is so that the source file can tell whether it is being
+ # built for inclusion in a dll (and should export symbols for example).
+ lt_prog_compiler_pic='-DDLL_EXPORT'
+ ;;
+
+ hpux9* | hpux10* | hpux11*)
+ lt_prog_compiler_wl='-Wl,'
+ # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but
+ # not for PA HP-UX.
+ case $host_cpu in
+ hppa*64*|ia64*)
+ # +Z the default
+ ;;
+ *)
+ lt_prog_compiler_pic='+Z'
+ ;;
+ esac
+ # Is there a better lt_prog_compiler_static that works with the bundled CC?
+ lt_prog_compiler_static='${wl}-a ${wl}archive'
+ ;;
+
+ irix5* | irix6* | nonstopux*)
+ lt_prog_compiler_wl='-Wl,'
+ # PIC (with -KPIC) is the default.
+ lt_prog_compiler_static='-non_shared'
+ ;;
+
+ linux* | k*bsd*-gnu | kopensolaris*-gnu)
+ case $cc_basename in
+ # old Intel for x86_64 which still supported -KPIC.
+ ecc*)
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_pic='-KPIC'
+ lt_prog_compiler_static='-static'
+ ;;
+ # icc used to be incompatible with GCC.
+ # ICC 10 doesn't accept -KPIC any more.
+ icc* | ifort*)
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_pic='-fPIC'
+ lt_prog_compiler_static='-static'
+ ;;
+ # Lahey Fortran 8.1.
+ lf95*)
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_pic='--shared'
+ lt_prog_compiler_static='--static'
+ ;;
+ nagfor*)
+ # NAG Fortran compiler
+ lt_prog_compiler_wl='-Wl,-Wl,,'
+ lt_prog_compiler_pic='-PIC'
+ lt_prog_compiler_static='-Bstatic'
+ ;;
+ pgcc* | pgf77* | pgf90* | pgf95* | pgfortran*)
+ # Portland Group compilers (*not* the Pentium gcc compiler,
+ # which looks to be a dead project)
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_pic='-fpic'
+ lt_prog_compiler_static='-Bstatic'
+ ;;
+ ccc*)
+ lt_prog_compiler_wl='-Wl,'
+ # All Alpha code is PIC.
+ lt_prog_compiler_static='-non_shared'
+ ;;
+ xl* | bgxl* | bgf* | mpixl*)
+ # IBM XL C 8.0/Fortran 10.1, 11.1 on PPC and BlueGene
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_pic='-qpic'
+ lt_prog_compiler_static='-qstaticlink'
+ ;;
+ *)
+ case `$CC -V 2>&1 | sed 5q` in
+ *Sun\ Ceres\ Fortran* | *Sun*Fortran*\ [1-7].* | *Sun*Fortran*\ 8.[0-3]*)
+ # Sun Fortran 8.3 passes all unrecognized flags to the linker
+ lt_prog_compiler_pic='-KPIC'
+ lt_prog_compiler_static='-Bstatic'
+ lt_prog_compiler_wl=''
+ ;;
+ *Sun\ F* | *Sun*Fortran*)
+ lt_prog_compiler_pic='-KPIC'
+ lt_prog_compiler_static='-Bstatic'
+ lt_prog_compiler_wl='-Qoption ld '
+ ;;
+ *Sun\ C*)
+ # Sun C 5.9
+ lt_prog_compiler_pic='-KPIC'
+ lt_prog_compiler_static='-Bstatic'
+ lt_prog_compiler_wl='-Wl,'
+ ;;
+ *Intel*\ [CF]*Compiler*)
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_pic='-fPIC'
+ lt_prog_compiler_static='-static'
+ ;;
+ *Portland\ Group*)
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_pic='-fpic'
+ lt_prog_compiler_static='-Bstatic'
+ ;;
+ esac
+ ;;
+ esac
+ ;;
+
+ newsos6)
+ lt_prog_compiler_pic='-KPIC'
+ lt_prog_compiler_static='-Bstatic'
+ ;;
+
+ *nto* | *qnx*)
+ # QNX uses GNU C++, but need to define -shared option too, otherwise
+ # it will coredump.
+ lt_prog_compiler_pic='-fPIC -shared'
+ ;;
+
+ osf3* | osf4* | osf5*)
+ lt_prog_compiler_wl='-Wl,'
+ # All OSF/1 code is PIC.
+ lt_prog_compiler_static='-non_shared'
+ ;;
+
+ rdos*)
+ lt_prog_compiler_static='-non_shared'
+ ;;
+
+ solaris*)
+ lt_prog_compiler_pic='-KPIC'
+ lt_prog_compiler_static='-Bstatic'
+ case $cc_basename in
+ f77* | f90* | f95* | sunf77* | sunf90* | sunf95*)
+ lt_prog_compiler_wl='-Qoption ld ';;
+ *)
+ lt_prog_compiler_wl='-Wl,';;
+ esac
+ ;;
+
+ sunos4*)
+ lt_prog_compiler_wl='-Qoption ld '
+ lt_prog_compiler_pic='-PIC'
+ lt_prog_compiler_static='-Bstatic'
+ ;;
+
+ sysv4 | sysv4.2uw2* | sysv4.3*)
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_pic='-KPIC'
+ lt_prog_compiler_static='-Bstatic'
+ ;;
+
+ sysv4*MP*)
+ if test -d /usr/nec ;then
+ lt_prog_compiler_pic='-Kconform_pic'
+ lt_prog_compiler_static='-Bstatic'
+ fi
+ ;;
+
+ sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*)
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_pic='-KPIC'
+ lt_prog_compiler_static='-Bstatic'
+ ;;
+
+ unicos*)
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_can_build_shared=no
+ ;;
+
+ uts4*)
+ lt_prog_compiler_pic='-pic'
+ lt_prog_compiler_static='-Bstatic'
+ ;;
+
+ *)
+ lt_prog_compiler_can_build_shared=no
+ ;;
+ esac
+ fi
+
+case $host_os in
+ # For platforms which do not support PIC, -DPIC is meaningless:
+ *djgpp*)
+ lt_prog_compiler_pic=
+ ;;
+ *)
+ lt_prog_compiler_pic="$lt_prog_compiler_pic -DPIC"
+ ;;
+esac
+
+{ $as_echo "$as_me:${as_lineno-8163}: checking for $compiler option to produce PIC" >&5
+$as_echo_n "checking for $compiler option to produce PIC... " >&6; }
+if ${lt_cv_prog_compiler_pic+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ lt_cv_prog_compiler_pic=$lt_prog_compiler_pic
+fi
+{ $as_echo "$as_me:${as_lineno-8170}: result: $lt_cv_prog_compiler_pic" >&5
+$as_echo "$lt_cv_prog_compiler_pic" >&6; }
+lt_prog_compiler_pic=$lt_cv_prog_compiler_pic
+
+#
+# Check to make sure the PIC flag actually works.
+#
+if test -n "$lt_prog_compiler_pic"; then
+ { $as_echo "$as_me:${as_lineno-8178}: checking if $compiler PIC flag $lt_prog_compiler_pic works" >&5
+$as_echo_n "checking if $compiler PIC flag $lt_prog_compiler_pic works... " >&6; }
+if ${lt_cv_prog_compiler_pic_works+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ lt_cv_prog_compiler_pic_works=no
+ ac_outfile=conftest.$ac_objext
+ echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+ lt_compiler_flag="$lt_prog_compiler_pic -DPIC"
+ # Insert the option either (1) after the last *FLAGS variable, or
+ # (2) before a word containing "conftest.", or (3) at the end.
+ # Note that $ac_compile itself does not contain backslashes and begins
+ # with a dollar sign (not a hyphen), so the echo should work correctly.
+ # The option is referenced via a variable to avoid confusing sed.
+ lt_compile=`echo "$ac_compile" | $SED \
+ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
+ -e 's:$: $lt_compiler_flag:'`
+ (eval echo "\"\$as_me:8196: $lt_compile\"" >&5)
+ (eval "$lt_compile" 2>conftest.err)
+ ac_status=$?
+ cat conftest.err >&5
+ echo "$as_me:8200: \$? = $ac_status" >&5
+ if (exit $ac_status) && test -s "$ac_outfile"; then
+ # The compiler can only warn and ignore the option if not recognized
+ # So say no if there are warnings other than the usual output.
+ $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' >conftest.exp
+ $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+ if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then
+ lt_cv_prog_compiler_pic_works=yes
+ fi
+ fi
+ $RM conftest*
+
+fi
+{ $as_echo "$as_me:${as_lineno-8213}: result: $lt_cv_prog_compiler_pic_works" >&5
+$as_echo "$lt_cv_prog_compiler_pic_works" >&6; }
+
+if test x"$lt_cv_prog_compiler_pic_works" = xyes; then
+ case $lt_prog_compiler_pic in
+ "" | " "*) ;;
+ *) lt_prog_compiler_pic=" $lt_prog_compiler_pic" ;;
+ esac
+else
+ lt_prog_compiler_pic=
+ lt_prog_compiler_can_build_shared=no
+fi
+
+fi
+
+
+
+
+
+
+
+
+
+
+
+#
+# Check to make sure the static flag actually works.
+#
+wl=$lt_prog_compiler_wl eval lt_tmp_static_flag=\"$lt_prog_compiler_static\"
+{ $as_echo "$as_me:${as_lineno-8242}: checking if $compiler static flag $lt_tmp_static_flag works" >&5
+$as_echo_n "checking if $compiler static flag $lt_tmp_static_flag works... " >&6; }
+if ${lt_cv_prog_compiler_static_works+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ lt_cv_prog_compiler_static_works=no
+ save_LDFLAGS="$LDFLAGS"
+ LDFLAGS="$LDFLAGS $lt_tmp_static_flag"
+ echo "$lt_simple_link_test_code" > conftest.$ac_ext
+ if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then
+ # The linker can only warn and ignore the option if not recognized
+ # So say no if there are warnings
+ if test -s conftest.err; then
+ # Append any errors to the config.log.
+ cat conftest.err 1>&5
+ $ECHO "$_lt_linker_boilerplate" | $SED '/^$/d' > conftest.exp
+ $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+ if diff conftest.exp conftest.er2 >/dev/null; then
+ lt_cv_prog_compiler_static_works=yes
+ fi
+ else
+ lt_cv_prog_compiler_static_works=yes
+ fi
+ fi
+ $RM -r conftest*
+ LDFLAGS="$save_LDFLAGS"
+
+fi
+{ $as_echo "$as_me:${as_lineno-8270}: result: $lt_cv_prog_compiler_static_works" >&5
+$as_echo "$lt_cv_prog_compiler_static_works" >&6; }
+
+if test x"$lt_cv_prog_compiler_static_works" = xyes; then
+ :
+else
+ lt_prog_compiler_static=
+fi
+
+
+
+
+
+
+
+ { $as_echo "$as_me:${as_lineno-8285}: checking if $compiler supports -c -o file.$ac_objext" >&5
+$as_echo_n "checking if $compiler supports -c -o file.$ac_objext... " >&6; }
+if ${lt_cv_prog_compiler_c_o+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ lt_cv_prog_compiler_c_o=no
+ $RM -r conftest 2>/dev/null
+ mkdir conftest
+ cd conftest
+ mkdir out
+ echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+
+ lt_compiler_flag="-o out/conftest2.$ac_objext"
+ # Insert the option either (1) after the last *FLAGS variable, or
+ # (2) before a word containing "conftest.", or (3) at the end.
+ # Note that $ac_compile itself does not contain backslashes and begins
+ # with a dollar sign (not a hyphen), so the echo should work correctly.
+ lt_compile=`echo "$ac_compile" | $SED \
+ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
+ -e 's:$: $lt_compiler_flag:'`
+ (eval echo "\"\$as_me:8306: $lt_compile\"" >&5)
+ (eval "$lt_compile" 2>out/conftest.err)
+ ac_status=$?
+ cat out/conftest.err >&5
+ echo "$as_me:8310: \$? = $ac_status" >&5
+ if (exit $ac_status) && test -s out/conftest2.$ac_objext
+ then
+ # The compiler can only warn and ignore the option if not recognized
+ # So say no if there are warnings
+ $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' > out/conftest.exp
+ $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2
+ if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then
+ lt_cv_prog_compiler_c_o=yes
+ fi
+ fi
+ chmod u+w . 2>&5
+ $RM conftest*
+ # SGI C++ compiler will create directory out/ii_files/ for
+ # template instantiation
+ test -d out/ii_files && $RM out/ii_files/* && rmdir out/ii_files
+ $RM out/* && rmdir out
+ cd ..
+ $RM -r conftest
+ $RM conftest*
+
+fi
+{ $as_echo "$as_me:${as_lineno-8332}: result: $lt_cv_prog_compiler_c_o" >&5
+$as_echo "$lt_cv_prog_compiler_c_o" >&6; }
+
+
+
+
+
+
+ { $as_echo "$as_me:${as_lineno-8340}: checking if $compiler supports -c -o file.$ac_objext" >&5
+$as_echo_n "checking if $compiler supports -c -o file.$ac_objext... " >&6; }
+if ${lt_cv_prog_compiler_c_o+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ lt_cv_prog_compiler_c_o=no
+ $RM -r conftest 2>/dev/null
+ mkdir conftest
+ cd conftest
+ mkdir out
+ echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+
+ lt_compiler_flag="-o out/conftest2.$ac_objext"
+ # Insert the option either (1) after the last *FLAGS variable, or
+ # (2) before a word containing "conftest.", or (3) at the end.
+ # Note that $ac_compile itself does not contain backslashes and begins
+ # with a dollar sign (not a hyphen), so the echo should work correctly.
+ lt_compile=`echo "$ac_compile" | $SED \
+ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
+ -e 's:$: $lt_compiler_flag:'`
+ (eval echo "\"\$as_me:8361: $lt_compile\"" >&5)
+ (eval "$lt_compile" 2>out/conftest.err)
+ ac_status=$?
+ cat out/conftest.err >&5
+ echo "$as_me:8365: \$? = $ac_status" >&5
+ if (exit $ac_status) && test -s out/conftest2.$ac_objext
+ then
+ # The compiler can only warn and ignore the option if not recognized
+ # So say no if there are warnings
+ $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' > out/conftest.exp
+ $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2
+ if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then
+ lt_cv_prog_compiler_c_o=yes
+ fi
+ fi
+ chmod u+w . 2>&5
+ $RM conftest*
+ # SGI C++ compiler will create directory out/ii_files/ for
+ # template instantiation
+ test -d out/ii_files && $RM out/ii_files/* && rmdir out/ii_files
+ $RM out/* && rmdir out
+ cd ..
+ $RM -r conftest
+ $RM conftest*
+
+fi
+{ $as_echo "$as_me:${as_lineno-8387}: result: $lt_cv_prog_compiler_c_o" >&5
+$as_echo "$lt_cv_prog_compiler_c_o" >&6; }
+
+
+
+
+hard_links="nottested"
+if test "$lt_cv_prog_compiler_c_o" = no && test "$need_locks" != no; then
+ # do not overwrite the value of need_locks provided by the user
+ { $as_echo "$as_me:${as_lineno-8396}: checking if we can lock with hard links" >&5
+$as_echo_n "checking if we can lock with hard links... " >&6; }
+ hard_links=yes
+ $RM conftest*
+ ln conftest.a conftest.b 2>/dev/null && hard_links=no
+ touch conftest.a
+ ln conftest.a conftest.b 2>&5 || hard_links=no
+ ln conftest.a conftest.b 2>/dev/null && hard_links=no
+ { $as_echo "$as_me:${as_lineno-8404}: result: $hard_links" >&5
+$as_echo "$hard_links" >&6; }
+ if test "$hard_links" = no; then
+ { $as_echo "$as_me:${as_lineno-8407}: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&5
+$as_echo "$as_me: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&2;}
+ need_locks=warn
+ fi
+else
+ need_locks=no
+fi
+
+
+
+
+
+
+ { $as_echo "$as_me:${as_lineno-8420}: checking whether the $compiler linker ($LD) supports shared libraries" >&5
+$as_echo_n "checking whether the $compiler linker ($LD) supports shared libraries... " >&6; }
+
+ runpath_var=
+ allow_undefined_flag=
+ always_export_symbols=no
+ archive_cmds=
+ archive_expsym_cmds=
+ compiler_needs_object=no
+ enable_shared_with_static_runtimes=no
+ export_dynamic_flag_spec=
+ export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
+ hardcode_automatic=no
+ hardcode_direct=no
+ hardcode_direct_absolute=no
+ hardcode_libdir_flag_spec=
+ hardcode_libdir_separator=
+ hardcode_minus_L=no
+ hardcode_shlibpath_var=unsupported
+ inherit_rpath=no
+ link_all_deplibs=unknown
+ module_cmds=
+ module_expsym_cmds=
+ old_archive_from_new_cmds=
+ old_archive_from_expsyms_cmds=
+ thread_safe_flag_spec=
+ whole_archive_flag_spec=
+ # include_expsyms should be a list of space-separated symbols to be *always*
+ # included in the symbol list
+ include_expsyms=
+ # exclude_expsyms can be an extended regexp of symbols to exclude
+ # it will be wrapped by ` (' and `)$', so one must not match beginning or
+ # end of line. Example: `a|bc|.*d.*' will exclude the symbols `a' and `bc',
+ # as well as any symbol that contains `d'.
+ exclude_expsyms='_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*'
+ # Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out
+ # platforms (ab)use it in PIC code, but their linkers get confused if
+ # the symbol is explicitly referenced. Since portable code cannot
+ # rely on this symbol name, it's probably fine to never include it in
+ # preloaded symbol tables.
+ # Exclude shared library initialization/finalization symbols.
+ extract_expsyms_cmds=
+
+ case $host_os in
+ cygwin* | mingw* | pw32* | cegcc*)
+ # FIXME: the MSVC++ port hasn't been tested in a loooong time
+ # When not using gcc, we currently assume that we are using
+ # Microsoft Visual C++.
+ if test "$GCC" != yes; then
+ with_gnu_ld=no
+ fi
+ ;;
+ interix*)
+ # we just hope/assume this is gcc and not c89 (= MSVC++)
+ with_gnu_ld=yes
+ ;;
+ openbsd*)
+ with_gnu_ld=no
+ ;;
+ linux* | k*bsd*-gnu | gnu*)
+ link_all_deplibs=no
+ ;;
+ esac
+
+ ld_shlibs=yes
+
+ # On some targets, GNU ld is compatible enough with the native linker
+ # that we're better off using the native interface for both.
+ lt_use_gnu_ld_interface=no
+ if test "$with_gnu_ld" = yes; then
+ case $host_os in
+ aix*)
+ # The AIX port of GNU ld has always aspired to compatibility
+ # with the native linker. However, as the warning in the GNU ld
+ # block says, versions before 2.19.5* couldn't really create working
+ # shared libraries, regardless of the interface used.
+ case `$LD -v 2>&1` in
+ *\ \(GNU\ Binutils\)\ 2.19.5*) ;;
+ *\ \(GNU\ Binutils\)\ 2.[2-9]*) ;;
+ *\ \(GNU\ Binutils\)\ [3-9]*) ;;
+ *)
+ lt_use_gnu_ld_interface=yes
+ ;;
+ esac
+ ;;
+ *)
+ lt_use_gnu_ld_interface=yes
+ ;;
+ esac
+ fi
+
+ if test "$lt_use_gnu_ld_interface" = yes; then
+ # If archive_cmds runs LD, not CC, wlarc should be empty
+ wlarc='${wl}'
+
+ # Set some defaults for GNU ld with shared library support. These
+ # are reset later if shared libraries are not supported. Putting them
+ # here allows them to be overridden if necessary.
+ runpath_var=LD_RUN_PATH
+ hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+ export_dynamic_flag_spec='${wl}--export-dynamic'
+ # ancient GNU ld didn't support --whole-archive et. al.
+ if $LD --help 2>&1 | $GREP 'no-whole-archive' > /dev/null; then
+ whole_archive_flag_spec="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive'
+ else
+ whole_archive_flag_spec=
+ fi
+ supports_anon_versioning=no
+ case `$LD -v 2>&1` in
+ *GNU\ gold*) supports_anon_versioning=yes ;;
+ *\ [01].* | *\ 2.[0-9].* | *\ 2.10.*) ;; # catch versions < 2.11
+ *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ...
+ *\ 2.11.92.0.12\ *) supports_anon_versioning=yes ;; # Mandrake 8.2 ...
+ *\ 2.11.*) ;; # other 2.11 versions
+ *) supports_anon_versioning=yes ;;
+ esac
+
+ # See if GNU ld supports shared libraries.
+ case $host_os in
+ aix[3-9]*)
+ # On AIX/PPC, the GNU linker is very broken
+ if test "$host_cpu" != ia64; then
+ ld_shlibs=no
+ cat <<_LT_EOF 1>&2
+
+*** Warning: the GNU linker, at least up to release 2.19, is reported
+*** to be unable to reliably create shared libraries on AIX.
+*** Therefore, libtool is disabling shared libraries support. If you
+*** really care for shared libraries, you may want to install binutils
+*** 2.20 or above, or modify your PATH so that a non-GNU linker is found.
+*** You will then need to restart the configuration process.
+
+_LT_EOF
+ fi
+ ;;
+
+ amigaos*)
+ case $host_cpu in
+ powerpc)
+ # see comment about AmigaOS4 .so support
+ archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ archive_expsym_cmds=''
+ ;;
+ m68k)
+ archive_cmds='$RM $output_objdir/a2ixlibrary.data~$ECHO "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$ECHO "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$ECHO "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$ECHO "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)'
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_minus_L=yes
+ ;;
+ esac
+ ;;
+
+ beos*)
+ if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
+ allow_undefined_flag=unsupported
+ # Joseph Beckenbach <jrb3@best.com> says some releases of gcc
+ # support --undefined. This deserves some investigation. FIXME
+ archive_cmds='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ else
+ ld_shlibs=no
+ fi
+ ;;
+
+ cygwin* | mingw* | pw32* | cegcc*)
+ # _LT_TAGVAR(hardcode_libdir_flag_spec, ) is actually meaningless,
+ # as there is no search path for DLLs.
+ hardcode_libdir_flag_spec='-L$libdir'
+ export_dynamic_flag_spec='${wl}--export-all-symbols'
+ allow_undefined_flag=unsupported
+ always_export_symbols=no
+ enable_shared_with_static_runtimes=yes
+ export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS][ ]/s/.*[ ]\([^ ]*\)/\1 DATA/;s/^.*[ ]__nm__\([^ ]*\)[ ][^ ]*/\1 DATA/;/^I[ ]/d;/^[AITW][ ]/s/.* //'\'' | sort | uniq > $export_symbols'
+ exclude_expsyms='[_]+GLOBAL_OFFSET_TABLE_|[_]+GLOBAL__[FID]_.*|[_]+head_[A-Za-z0-9_]+_dll|[A-Za-z0-9_]+_dll_iname'
+
+ if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then
+ archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+ # If the export-symbols file already is a .def file (1st line
+ # is EXPORTS), use it as is; otherwise, prepend...
+ archive_expsym_cmds='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then
+ cp $export_symbols $output_objdir/$soname.def;
+ else
+ echo EXPORTS > $output_objdir/$soname.def;
+ cat $export_symbols >> $output_objdir/$soname.def;
+ fi~
+ $CC -shared $output_objdir/$soname.def $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+ else
+ ld_shlibs=no
+ fi
+ ;;
+
+ haiku*)
+ archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ link_all_deplibs=yes
+ ;;
+
+ interix[3-9]*)
+ hardcode_direct=no
+ hardcode_shlibpath_var=no
+ hardcode_libdir_flag_spec='${wl}-rpath,$libdir'
+ export_dynamic_flag_spec='${wl}-E'
+ # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc.
+ # Instead, shared libraries are loaded at an image base (0x10000000 by
+ # default) and relocated if they conflict, which is a slow very memory
+ # consuming and fragmenting process. To avoid this, we pick a random,
+ # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link
+ # time. Moving up from 0x10000000 also allows more sbrk(2) space.
+ archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+ archive_expsym_cmds='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+ ;;
+
+ gnu* | linux* | tpf* | k*bsd*-gnu | kopensolaris*-gnu)
+ tmp_diet=no
+ if test "$host_os" = linux-dietlibc; then
+ case $cc_basename in
+ diet\ *) tmp_diet=yes;; # linux-dietlibc with static linking (!diet-dyn)
+ esac
+ fi
+ if $LD --help 2>&1 | $EGREP ': supported targets:.* elf' > /dev/null \
+ && test "$tmp_diet" = no
+ then
+ tmp_addflag=' $pic_flag'
+ tmp_sharedflag='-shared'
+ case $cc_basename,$host_cpu in
+ pgcc*) # Portland Group C compiler
+ whole_archive_flag_spec='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
+ tmp_addflag=' $pic_flag'
+ ;;
+ pgf77* | pgf90* | pgf95* | pgfortran*)
+ # Portland Group f77 and f90 compilers
+ whole_archive_flag_spec='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
+ tmp_addflag=' $pic_flag -Mnomain' ;;
+ ecc*,ia64* | icc*,ia64*) # Intel C compiler on ia64
+ tmp_addflag=' -i_dynamic' ;;
+ efc*,ia64* | ifort*,ia64*) # Intel Fortran compiler on ia64
+ tmp_addflag=' -i_dynamic -nofor_main' ;;
+ ifc* | ifort*) # Intel Fortran compiler
+ tmp_addflag=' -nofor_main' ;;
+ lf95*) # Lahey Fortran 8.1
+ whole_archive_flag_spec=
+ tmp_sharedflag='--shared' ;;
+ xl[cC]* | bgxl[cC]* | mpixl[cC]*) # IBM XL C 8.0 on PPC (deal with xlf below)
+ tmp_sharedflag='-qmkshrobj'
+ tmp_addflag= ;;
+ nvcc*) # Cuda Compiler Driver 2.2
+ whole_archive_flag_spec='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
+ compiler_needs_object=yes
+ ;;
+ esac
+ case `$CC -V 2>&1 | sed 5q` in
+ *Sun\ C*) # Sun C 5.9
+ whole_archive_flag_spec='${wl}--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
+ compiler_needs_object=yes
+ tmp_sharedflag='-G' ;;
+ *Sun\ F*) # Sun Fortran 8.3
+ tmp_sharedflag='-G' ;;
+ esac
+ archive_cmds='$CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+
+ if test "x$supports_anon_versioning" = xyes; then
+ archive_expsym_cmds='echo "{ global:" > $output_objdir/$libname.ver~
+ cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
+ echo "local: *; };" >> $output_objdir/$libname.ver~
+ $CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib'
+ fi
+
+ case $cc_basename in
+ xlf* | bgf* | bgxlf* | mpixlf*)
+ # IBM XL Fortran 10.1 on PPC cannot create shared libs itself
+ whole_archive_flag_spec='--whole-archive$convenience --no-whole-archive'
+ hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+ archive_cmds='$LD -shared $libobjs $deplibs $linker_flags -soname $soname -o $lib'
+ if test "x$supports_anon_versioning" = xyes; then
+ archive_expsym_cmds='echo "{ global:" > $output_objdir/$libname.ver~
+ cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
+ echo "local: *; };" >> $output_objdir/$libname.ver~
+ $LD -shared $libobjs $deplibs $linker_flags -soname $soname -version-script $output_objdir/$libname.ver -o $lib'
+ fi
+ ;;
+ esac
+ else
+ ld_shlibs=no
+ fi
+ ;;
+
+ netbsd* | netbsdelf*-gnu)
+ if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
+ archive_cmds='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib'
+ wlarc=
+ else
+ archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+ fi
+ ;;
+
+ solaris*)
+ if $LD -v 2>&1 | $GREP 'BFD 2\.8' > /dev/null; then
+ ld_shlibs=no
+ cat <<_LT_EOF 1>&2
+
+*** Warning: The releases 2.8.* of the GNU linker cannot reliably
+*** create shared libraries on Solaris systems. Therefore, libtool
+*** is disabling shared libraries support. We urge you to upgrade GNU
+*** binutils to release 2.9.1 or newer. Another option is to modify
+*** your PATH or compiler configuration so that the native linker is
+*** used, and then restart.
+
+_LT_EOF
+ elif $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
+ archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+ else
+ ld_shlibs=no
+ fi
+ ;;
+
+ sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*)
+ case `$LD -v 2>&1` in
+ *\ [01].* | *\ 2.[0-9].* | *\ 2.1[0-5].*)
+ ld_shlibs=no
+ cat <<_LT_EOF 1>&2
+
+*** Warning: Releases of the GNU linker prior to 2.16.91.0.3 can not
+*** reliably create shared libraries on SCO systems. Therefore, libtool
+*** is disabling shared libraries support. We urge you to upgrade GNU
+*** binutils to release 2.16.91.0.3 or newer. Another option is to modify
+*** your PATH or compiler configuration so that the native linker is
+*** used, and then restart.
+
+_LT_EOF
+ ;;
+ *)
+ # For security reasons, it is highly recommended that you always
+ # use absolute paths for naming shared libraries, and exclude the
+ # DT_RUNPATH tag from executables and libraries. But doing so
+ # requires that you compile everything twice, which is a pain.
+ if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
+ hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+ archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+ else
+ ld_shlibs=no
+ fi
+ ;;
+ esac
+ ;;
+
+ sunos4*)
+ archive_cmds='$LD -assert pure-text -Bshareable -o $lib $libobjs $deplibs $linker_flags'
+ wlarc=
+ hardcode_direct=yes
+ hardcode_shlibpath_var=no
+ ;;
+
+ *)
+ if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
+ archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+ else
+ ld_shlibs=no
+ fi
+ ;;
+ esac
+
+ if test "$ld_shlibs" = no; then
+ runpath_var=
+ hardcode_libdir_flag_spec=
+ export_dynamic_flag_spec=
+ whole_archive_flag_spec=
+ fi
+ else
+ # PORTME fill in a description of your system's linker (not GNU ld)
+ case $host_os in
+ aix3*)
+ allow_undefined_flag=unsupported
+ always_export_symbols=yes
+ archive_expsym_cmds='$LD -o $output_objdir/$soname $libobjs $deplibs $linker_flags -bE:$export_symbols -T512 -H512 -bM:SRE~$AR $AR_FLAGS $lib $output_objdir/$soname'
+ # Note: this linker hardcodes the directories in LIBPATH if there
+ # are no directories specified by -L.
+ hardcode_minus_L=yes
+ if test "$GCC" = yes && test -z "$lt_prog_compiler_static"; then
+ # Neither direct hardcoding nor static linking is supported with a
+ # broken collect2.
+ hardcode_direct=unsupported
+ fi
+ ;;
+
+ aix[4-9]*)
+ if test "$host_cpu" = ia64; then
+ # On IA64, the linker does run time linking by default, so we don't
+ # have to do anything special.
+ aix_use_runtimelinking=no
+ exp_sym_flag='-Bexport'
+ no_entry_flag=""
+ else
+ # If we're using GNU nm, then we don't want the "-C" option.
+ # -C means demangle to AIX nm, but means don't demangle with GNU nm
+ # Also, AIX nm treats weak defined symbols like other global
+ # defined symbols, whereas GNU nm marks them as "W".
+ if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then
+ export_symbols_cmds='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && (substr(\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
+ else
+ export_symbols_cmds='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && (substr(\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
+ fi
+ aix_use_runtimelinking=no
+
+ # Test if we are trying to use run time linking or normal
+ # AIX style linking. If -brtl is somewhere in LDFLAGS, we
+ # need to do runtime linking.
+ case $host_os in aix4.[23]|aix4.[23].*|aix[5-9]*)
+ for ld_flag in $LDFLAGS; do
+ if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then
+ aix_use_runtimelinking=yes
+ break
+ fi
+ done
+ ;;
+ esac
+
+ exp_sym_flag='-bexport'
+ no_entry_flag='-bnoentry'
+ fi
+
+ # When large executables or shared objects are built, AIX ld can
+ # have problems creating the table of contents. If linking a library
+ # or program results in "error TOC overflow" add -mminimal-toc to
+ # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not
+ # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS.
+
+ archive_cmds=''
+ hardcode_direct=yes
+ hardcode_direct_absolute=yes
+ hardcode_libdir_separator=':'
+ link_all_deplibs=yes
+ file_list_spec='${wl}-f,'
+
+ if test "$GCC" = yes; then
+ case $host_os in aix4.[012]|aix4.[012].*)
+ # We only want to do this on AIX 4.2 and lower, the check
+ # below for broken collect2 doesn't work under 4.3+
+ collect2name=`${CC} -print-prog-name=collect2`
+ if test -f "$collect2name" &&
+ strings "$collect2name" | $GREP resolve_lib_name >/dev/null
+ then
+ # We have reworked collect2
+ :
+ else
+ # We have old collect2
+ hardcode_direct=unsupported
+ # It fails to find uninstalled libraries when the uninstalled
+ # path is not listed in the libpath. Setting hardcode_minus_L
+ # to unsupported forces relinking
+ hardcode_minus_L=yes
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_libdir_separator=
+ fi
+ ;;
+ esac
+ shared_flag='-shared'
+ if test "$aix_use_runtimelinking" = yes; then
+ shared_flag="$shared_flag "'${wl}-G'
+ fi
+ link_all_deplibs=no
+ else
+ # not using gcc
+ if test "$host_cpu" = ia64; then
+ # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release
+ # chokes on -Wl,-G. The following line is correct:
+ shared_flag='-G'
+ else
+ if test "$aix_use_runtimelinking" = yes; then
+ shared_flag='${wl}-G'
+ else
+ shared_flag='${wl}-bM:SRE'
+ fi
+ fi
+ fi
+
+ export_dynamic_flag_spec='${wl}-bexpall'
+ # It seems that -bexpall does not export symbols beginning with
+ # underscore (_), so it is better to generate a list of symbols to export.
+ always_export_symbols=yes
+ if test "$aix_use_runtimelinking" = yes; then
+ # Warning - without using the other runtime loading flags (-brtl),
+ # -berok will link without error, but may produce a broken library.
+ allow_undefined_flag='-berok'
+ # Determine the default libpath from the value encoded in an
+ # empty executable.
+ if test "${lt_cv_aix_libpath+set}" = set; then
+ aix_libpath=$lt_cv_aix_libpath
+else
+ if ${lt_cv_aix_libpath_+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "8923"; then :
+
+ lt_aix_libpath_sed='
+ /Import File Strings/,/^$/ {
+ /^0/ {
+ s/^0 *\([^ ]*\) *$/\1/
+ p
+ }
+ }'
+ lt_cv_aix_libpath_=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
+ # Check for a 64-bit object if we didn't find anything.
+ if test -z "$lt_cv_aix_libpath_"; then
+ lt_cv_aix_libpath_=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
+ fi
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+ if test -z "$lt_cv_aix_libpath_"; then
+ lt_cv_aix_libpath_="/usr/lib:/lib"
+ fi
+
+fi
+
+ aix_libpath=$lt_cv_aix_libpath_
+fi
+
+ hardcode_libdir_flag_spec='${wl}-blibpath:$libdir:'"$aix_libpath"
+ archive_expsym_cmds='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then func_echo_all "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag"
+ else
+ if test "$host_cpu" = ia64; then
+ hardcode_libdir_flag_spec='${wl}-R $libdir:/usr/lib:/lib'
+ allow_undefined_flag="-z nodefs"
+ archive_expsym_cmds="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols"
+ else
+ # Determine the default libpath from the value encoded in an
+ # empty executable.
+ if test "${lt_cv_aix_libpath+set}" = set; then
+ aix_libpath=$lt_cv_aix_libpath
+else
+ if ${lt_cv_aix_libpath_+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "8976"; then :
+
+ lt_aix_libpath_sed='
+ /Import File Strings/,/^$/ {
+ /^0/ {
+ s/^0 *\([^ ]*\) *$/\1/
+ p
+ }
+ }'
+ lt_cv_aix_libpath_=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
+ # Check for a 64-bit object if we didn't find anything.
+ if test -z "$lt_cv_aix_libpath_"; then
+ lt_cv_aix_libpath_=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
+ fi
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+ if test -z "$lt_cv_aix_libpath_"; then
+ lt_cv_aix_libpath_="/usr/lib:/lib"
+ fi
+
+fi
+
+ aix_libpath=$lt_cv_aix_libpath_
+fi
+
+ hardcode_libdir_flag_spec='${wl}-blibpath:$libdir:'"$aix_libpath"
+ # Warning - without using the other run time loading flags,
+ # -berok will link without error, but may produce a broken library.
+ no_undefined_flag=' ${wl}-bernotok'
+ allow_undefined_flag=' ${wl}-berok'
+ if test "$with_gnu_ld" = yes; then
+ # We only use this code for GNU lds that support --whole-archive.
+ whole_archive_flag_spec='${wl}--whole-archive$convenience ${wl}--no-whole-archive'
+ else
+ # Exported symbols can be pulled into shared objects from archives
+ whole_archive_flag_spec='$convenience'
+ fi
+ archive_cmds_need_lc=yes
+ # This is similar to how AIX traditionally builds its shared libraries.
+ archive_expsym_cmds="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname'
+ fi
+ fi
+ ;;
+
+ amigaos*)
+ case $host_cpu in
+ powerpc)
+ # see comment about AmigaOS4 .so support
+ archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ archive_expsym_cmds=''
+ ;;
+ m68k)
+ archive_cmds='$RM $output_objdir/a2ixlibrary.data~$ECHO "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$ECHO "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$ECHO "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$ECHO "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)'
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_minus_L=yes
+ ;;
+ esac
+ ;;
+
+ bsdi[45]*)
+ export_dynamic_flag_spec=-rdynamic
+ ;;
+
+ cygwin* | mingw* | pw32* | cegcc*)
+ # When not using gcc, we currently assume that we are using
+ # Microsoft Visual C++.
+ # hardcode_libdir_flag_spec is actually meaningless, as there is
+ # no search path for DLLs.
+ case $cc_basename in
+ cl*)
+ # Native MSVC
+ hardcode_libdir_flag_spec=' '
+ allow_undefined_flag=unsupported
+ always_export_symbols=yes
+ file_list_spec='@'
+ # Tell ltmain to make .lib files, not .a files.
+ libext=lib
+ # Tell ltmain to make .dll files, not .so files.
+ shrext_cmds=".dll"
+ # FIXME: Setting linknames here is a bad hack.
+ archive_cmds='$CC -o $output_objdir/$soname $libobjs $compiler_flags $deplibs -Wl,-dll~linknames='
+ archive_expsym_cmds='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then
+ sed -n -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' -e '1\\\!p' < $export_symbols > $output_objdir/$soname.exp;
+ else
+ sed -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' < $export_symbols > $output_objdir/$soname.exp;
+ fi~
+ $CC -o $tool_output_objdir$soname $libobjs $compiler_flags $deplibs "@$tool_output_objdir$soname.exp" -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~
+ linknames='
+ # The linker will not automatically build a static lib if we build a DLL.
+ # _LT_TAGVAR(old_archive_from_new_cmds, )='true'
+ enable_shared_with_static_runtimes=yes
+ exclude_expsyms='_NULL_IMPORT_DESCRIPTOR|_IMPORT_DESCRIPTOR_.*'
+ export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS][ ]/s/.*[ ]\([^ ]*\)/\1,DATA/'\'' | $SED -e '\''/^[AITW][ ]/s/.*[ ]//'\'' | sort | uniq > $export_symbols'
+ # Don't use ranlib
+ old_postinstall_cmds='chmod 644 $oldlib'
+ postlink_cmds='lt_outputfile="@OUTPUT@"~
+ lt_tool_outputfile="@TOOL_OUTPUT@"~
+ case $lt_outputfile in
+ *.exe|*.EXE) ;;
+ *)
+ lt_outputfile="$lt_outputfile.exe"
+ lt_tool_outputfile="$lt_tool_outputfile.exe"
+ ;;
+ esac~
+ if test "$MANIFEST_TOOL" != ":" && test -f "$lt_outputfile.manifest"; then
+ $MANIFEST_TOOL -manifest "$lt_tool_outputfile.manifest" -outputresource:"$lt_tool_outputfile" || exit 1;
+ $RM "$lt_outputfile.manifest";
+ fi'
+ ;;
+ *)
+ # Assume MSVC wrapper
+ hardcode_libdir_flag_spec=' '
+ allow_undefined_flag=unsupported
+ # Tell ltmain to make .lib files, not .a files.
+ libext=lib
+ # Tell ltmain to make .dll files, not .so files.
+ shrext_cmds=".dll"
+ # FIXME: Setting linknames here is a bad hack.
+ archive_cmds='$CC -o $lib $libobjs $compiler_flags `func_echo_all "$deplibs" | $SED '\''s/ -lc$//'\''` -link -dll~linknames='
+ # The linker will automatically build a .lib file if we build a DLL.
+ old_archive_from_new_cmds='true'
+ # FIXME: Should let the user specify the lib program.
+ old_archive_cmds='lib -OUT:$oldlib$oldobjs$old_deplibs'
+ enable_shared_with_static_runtimes=yes
+ ;;
+ esac
+ ;;
+
+ darwin* | rhapsody*)
+
+
+ archive_cmds_need_lc=no
+ hardcode_direct=no
+ hardcode_automatic=yes
+ hardcode_shlibpath_var=unsupported
+ if test "$lt_cv_ld_force_load" = "yes"; then
+ whole_archive_flag_spec='`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience ${wl}-force_load,$conv\"; done; func_echo_all \"$new_convenience\"`'
+
+ else
+ whole_archive_flag_spec=''
+ fi
+ link_all_deplibs=yes
+ allow_undefined_flag="$_lt_dar_allow_undefined"
+ case $cc_basename in
+ ifort*) _lt_dar_can_shared=yes ;;
+ *) _lt_dar_can_shared=$GCC ;;
+ esac
+ if test "$_lt_dar_can_shared" = "yes"; then
+ output_verbose_link_cmd=func_echo_all
+ archive_cmds="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod${_lt_dsymutil}"
+ module_cmds="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dsymutil}"
+ archive_expsym_cmds="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring ${_lt_dar_single_mod}${_lt_dar_export_syms}${_lt_dsymutil}"
+ module_expsym_cmds="sed -e 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dar_export_syms}${_lt_dsymutil}"
+
+ else
+ ld_shlibs=no
+ fi
+
+ ;;
+
+ dgux*)
+ archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_shlibpath_var=no
+ ;;
+
+ # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor
+ # support. Future versions do this automatically, but an explicit c++rt0.o
+ # does not break anything, and helps significantly (at the cost of a little
+ # extra space).
+ freebsd2.2*)
+ archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags /usr/lib/c++rt0.o'
+ hardcode_libdir_flag_spec='-R$libdir'
+ hardcode_direct=yes
+ hardcode_shlibpath_var=no
+ ;;
+
+ # Unfortunately, older versions of FreeBSD 2 do not have this feature.
+ freebsd2.*)
+ archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_direct=yes
+ hardcode_minus_L=yes
+ hardcode_shlibpath_var=no
+ ;;
+
+ # FreeBSD 3 and greater uses gcc -shared to do shared libraries.
+ freebsd* | dragonfly*)
+ archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
+ hardcode_libdir_flag_spec='-R$libdir'
+ hardcode_direct=yes
+ hardcode_shlibpath_var=no
+ ;;
+
+ hpux9*)
+ if test "$GCC" = yes; then
+ archive_cmds='$RM $output_objdir/$soname~$CC -shared $pic_flag ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
+ else
+ archive_cmds='$RM $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
+ fi
+ hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir'
+ hardcode_libdir_separator=:
+ hardcode_direct=yes
+
+ # hardcode_minus_L: Not really in the search PATH,
+ # but as the default location of the library.
+ hardcode_minus_L=yes
+ export_dynamic_flag_spec='${wl}-E'
+ ;;
+
+ hpux10*)
+ if test "$GCC" = yes && test "$with_gnu_ld" = no; then
+ archive_cmds='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ archive_cmds='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags'
+ fi
+ if test "$with_gnu_ld" = no; then
+ hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir'
+ hardcode_libdir_separator=:
+ hardcode_direct=yes
+ hardcode_direct_absolute=yes
+ export_dynamic_flag_spec='${wl}-E'
+ # hardcode_minus_L: Not really in the search PATH,
+ # but as the default location of the library.
+ hardcode_minus_L=yes
+ fi
+ ;;
+
+ hpux11*)
+ if test "$GCC" = yes && test "$with_gnu_ld" = no; then
+ case $host_cpu in
+ hppa*64*)
+ archive_cmds='$CC -shared ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ ia64*)
+ archive_cmds='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ *)
+ archive_cmds='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ esac
+ else
+ case $host_cpu in
+ hppa*64*)
+ archive_cmds='$CC -b ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ ia64*)
+ archive_cmds='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
+ ;;
+ *)
+
+ # Older versions of the 11.00 compiler do not understand -b yet
+ # (HP92453-01 A.11.01.20 doesn't, HP92453-01 B.11.X.35175-35176.GP does)
+ { $as_echo "$as_me:${as_lineno-9229}: checking if $CC understands -b" >&5
+$as_echo_n "checking if $CC understands -b... " >&6; }
+if ${lt_cv_prog_compiler__b+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ lt_cv_prog_compiler__b=no
+ save_LDFLAGS="$LDFLAGS"
+ LDFLAGS="$LDFLAGS -b"
+ echo "$lt_simple_link_test_code" > conftest.$ac_ext
+ if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then
+ # The linker can only warn and ignore the option if not recognized
+ # So say no if there are warnings
+ if test -s conftest.err; then
+ # Append any errors to the config.log.
+ cat conftest.err 1>&5
+ $ECHO "$_lt_linker_boilerplate" | $SED '/^$/d' > conftest.exp
+ $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+ if diff conftest.exp conftest.er2 >/dev/null; then
+ lt_cv_prog_compiler__b=yes
+ fi
+ else
+ lt_cv_prog_compiler__b=yes
+ fi
+ fi
+ $RM -r conftest*
+ LDFLAGS="$save_LDFLAGS"
+
+fi
+{ $as_echo "$as_me:${as_lineno-9257}: result: $lt_cv_prog_compiler__b" >&5
+$as_echo "$lt_cv_prog_compiler__b" >&6; }
+
+if test x"$lt_cv_prog_compiler__b" = xyes; then
+ archive_cmds='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+else
+ archive_cmds='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags'
+fi
+
+ ;;
+ esac
+ fi
+ if test "$with_gnu_ld" = no; then
+ hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir'
+ hardcode_libdir_separator=:
+
+ case $host_cpu in
+ hppa*64*|ia64*)
+ hardcode_direct=no
+ hardcode_shlibpath_var=no
+ ;;
+ *)
+ hardcode_direct=yes
+ hardcode_direct_absolute=yes
+ export_dynamic_flag_spec='${wl}-E'
+
+ # hardcode_minus_L: Not really in the search PATH,
+ # but as the default location of the library.
+ hardcode_minus_L=yes
+ ;;
+ esac
+ fi
+ ;;
+
+ irix5* | irix6* | nonstopux*)
+ if test "$GCC" = yes; then
+ archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+ # Try to use the -exported_symbol ld option, if it does not
+ # work, assume that -exports_file does not work either and
+ # implicitly export all symbols.
+ # This should be the same for all languages, so no per-tag cache variable.
+ { $as_echo "$as_me:${as_lineno-9298}: checking whether the $host_os linker accepts -exported_symbol" >&5
+$as_echo_n "checking whether the $host_os linker accepts -exported_symbol... " >&6; }
+if ${lt_cv_irix_exported_symbol+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ save_LDFLAGS="$LDFLAGS"
+ LDFLAGS="$LDFLAGS -shared ${wl}-exported_symbol ${wl}foo ${wl}-update_registry ${wl}/dev/null"
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+int foo (void) { return 0; }
+_ACEOF
+if ac_fn_c_try_link "9309"; then :
+ lt_cv_irix_exported_symbol=yes
+else
+ lt_cv_irix_exported_symbol=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+ LDFLAGS="$save_LDFLAGS"
+fi
+{ $as_echo "$as_me:${as_lineno-9318}: result: $lt_cv_irix_exported_symbol" >&5
+$as_echo "$lt_cv_irix_exported_symbol" >&6; }
+ if test "$lt_cv_irix_exported_symbol" = yes; then
+ archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations ${wl}-exports_file ${wl}$export_symbols -o $lib'
+ fi
+ else
+ archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib'
+ archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -exports_file $export_symbols -o $lib'
+ fi
+ archive_cmds_need_lc='no'
+ hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+ hardcode_libdir_separator=:
+ inherit_rpath=yes
+ link_all_deplibs=yes
+ ;;
+
+ netbsd* | netbsdelf*-gnu)
+ if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
+ archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out
+ else
+ archive_cmds='$LD -shared -o $lib $libobjs $deplibs $linker_flags' # ELF
+ fi
+ hardcode_libdir_flag_spec='-R$libdir'
+ hardcode_direct=yes
+ hardcode_shlibpath_var=no
+ ;;
+
+ newsos6)
+ archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_direct=yes
+ hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+ hardcode_libdir_separator=:
+ hardcode_shlibpath_var=no
+ ;;
+
+ *nto* | *qnx*)
+ ;;
+
+ openbsd*)
+ if test -f /usr/libexec/ld.so; then
+ hardcode_direct=yes
+ hardcode_shlibpath_var=no
+ hardcode_direct_absolute=yes
+ if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+ archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-retain-symbols-file,$export_symbols'
+ hardcode_libdir_flag_spec='${wl}-rpath,$libdir'
+ export_dynamic_flag_spec='${wl}-E'
+ else
+ case $host_os in
+ openbsd[01].* | openbsd2.[0-7] | openbsd2.[0-7].*)
+ archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_libdir_flag_spec='-R$libdir'
+ ;;
+ *)
+ archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
+ hardcode_libdir_flag_spec='${wl}-rpath,$libdir'
+ ;;
+ esac
+ fi
+ else
+ ld_shlibs=no
+ fi
+ ;;
+
+ os2*)
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_minus_L=yes
+ allow_undefined_flag=unsupported
+ archive_cmds='$ECHO "LIBRARY $libname INITINSTANCE" > $output_objdir/$libname.def~$ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~echo DATA >> $output_objdir/$libname.def~echo " SINGLE NONSHARED" >> $output_objdir/$libname.def~echo EXPORTS >> $output_objdir/$libname.def~emxexp $libobjs >> $output_objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $compiler_flags $output_objdir/$libname.def'
+ old_archive_from_new_cmds='emximp -o $output_objdir/$libname.a $output_objdir/$libname.def'
+ ;;
+
+ osf3*)
+ if test "$GCC" = yes; then
+ allow_undefined_flag=' ${wl}-expect_unresolved ${wl}\*'
+ archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+ else
+ allow_undefined_flag=' -expect_unresolved \*'
+ archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib'
+ fi
+ archive_cmds_need_lc='no'
+ hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+ hardcode_libdir_separator=:
+ ;;
+
+ osf4* | osf5*) # as osf3* with the addition of -msym flag
+ if test "$GCC" = yes; then
+ allow_undefined_flag=' ${wl}-expect_unresolved ${wl}\*'
+ archive_cmds='$CC -shared${allow_undefined_flag} $pic_flag $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+ hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+ else
+ allow_undefined_flag=' -expect_unresolved \*'
+ archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -msym -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib'
+ archive_expsym_cmds='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done; printf "%s\\n" "-hidden">> $lib.exp~
+ $CC -shared${allow_undefined_flag} ${wl}-input ${wl}$lib.exp $compiler_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && $ECHO "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib~$RM $lib.exp'
+
+ # Both c and cxx compiler support -rpath directly
+ hardcode_libdir_flag_spec='-rpath $libdir'
+ fi
+ archive_cmds_need_lc='no'
+ hardcode_libdir_separator=:
+ ;;
+
+ solaris*)
+ no_undefined_flag=' -z defs'
+ if test "$GCC" = yes; then
+ wlarc='${wl}'
+ archive_cmds='$CC -shared $pic_flag ${wl}-z ${wl}text ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
+ $CC -shared $pic_flag ${wl}-z ${wl}text ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp'
+ else
+ case `$CC -V 2>&1` in
+ *"Compilers 5.0"*)
+ wlarc=''
+ archive_cmds='$LD -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ archive_expsym_cmds='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
+ $LD -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $linker_flags~$RM $lib.exp'
+ ;;
+ *)
+ wlarc='${wl}'
+ archive_cmds='$CC -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
+ $CC -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp'
+ ;;
+ esac
+ fi
+ hardcode_libdir_flag_spec='-R$libdir'
+ hardcode_shlibpath_var=no
+ case $host_os in
+ solaris2.[0-5] | solaris2.[0-5].*) ;;
+ *)
+ # The compiler driver will combine and reorder linker options,
+ # but understands `-z linker_flag'. GCC discards it without `$wl',
+ # but is careful enough not to reorder.
+ # Supported since Solaris 2.6 (maybe 2.5.1?)
+ if test "$GCC" = yes; then
+ whole_archive_flag_spec='${wl}-z ${wl}allextract$convenience ${wl}-z ${wl}defaultextract'
+ else
+ whole_archive_flag_spec='-z allextract$convenience -z defaultextract'
+ fi
+ ;;
+ esac
+ link_all_deplibs=yes
+ ;;
+
+ sunos4*)
+ if test "x$host_vendor" = xsequent; then
+ # Use $CC to link under sequent, because it throws in some extra .o
+ # files that make .init and .fini sections work.
+ archive_cmds='$CC -G ${wl}-h $soname -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ archive_cmds='$LD -assert pure-text -Bstatic -o $lib $libobjs $deplibs $linker_flags'
+ fi
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_direct=yes
+ hardcode_minus_L=yes
+ hardcode_shlibpath_var=no
+ ;;
+
+ sysv4)
+ case $host_vendor in
+ sni)
+ archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_direct=yes # is this really true???
+ ;;
+ siemens)
+ ## LD is ld it makes a PLAMLIB
+ ## CC just makes a GrossModule.
+ archive_cmds='$LD -G -o $lib $libobjs $deplibs $linker_flags'
+ reload_cmds='$CC -r -o $output$reload_objs'
+ hardcode_direct=no
+ ;;
+ motorola)
+ archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_direct=no #Motorola manual says yes, but my tests say they lie
+ ;;
+ esac
+ runpath_var='LD_RUN_PATH'
+ hardcode_shlibpath_var=no
+ ;;
+
+ sysv4.3*)
+ archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_shlibpath_var=no
+ export_dynamic_flag_spec='-Bexport'
+ ;;
+
+ sysv4*MP*)
+ if test -d /usr/nec; then
+ archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_shlibpath_var=no
+ runpath_var=LD_RUN_PATH
+ hardcode_runpath_var=yes
+ ld_shlibs=yes
+ fi
+ ;;
+
+ sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[01].[10]* | unixware7* | sco3.2v5.0.[024]*)
+ no_undefined_flag='${wl}-z,text'
+ archive_cmds_need_lc=no
+ hardcode_shlibpath_var=no
+ runpath_var='LD_RUN_PATH'
+
+ if test "$GCC" = yes; then
+ archive_cmds='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ archive_cmds='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ fi
+ ;;
+
+ sysv5* | sco3.2v5* | sco5v6*)
+ # Note: We can NOT use -z defs as we might desire, because we do not
+ # link with -lc, and that would cause any symbols used from libc to
+ # always be unresolved, which means just about no library would
+ # ever link correctly. If we're not using GNU ld we use -z text
+ # though, which does catch some bad symbols but isn't as heavy-handed
+ # as -z defs.
+ no_undefined_flag='${wl}-z,text'
+ allow_undefined_flag='${wl}-z,nodefs'
+ archive_cmds_need_lc=no
+ hardcode_shlibpath_var=no
+ hardcode_libdir_flag_spec='${wl}-R,$libdir'
+ hardcode_libdir_separator=':'
+ link_all_deplibs=yes
+ export_dynamic_flag_spec='${wl}-Bexport'
+ runpath_var='LD_RUN_PATH'
+
+ if test "$GCC" = yes; then
+ archive_cmds='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ else
+ archive_cmds='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ archive_expsym_cmds='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ fi
+ ;;
+
+ uts4*)
+ archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_shlibpath_var=no
+ ;;
+
+ *)
+ ld_shlibs=no
+ ;;
+ esac
+
+ if test x$host_vendor = xsni; then
+ case $host in
+ sysv4 | sysv4.2uw2* | sysv4.3* | sysv5*)
+ export_dynamic_flag_spec='${wl}-Blargedynsym'
+ ;;
+ esac
+ fi
+ fi
+
+{ $as_echo "$as_me:${as_lineno-9577}: result: $ld_shlibs" >&5
+$as_echo "$ld_shlibs" >&6; }
+test "$ld_shlibs" = no && can_build_shared=no
+
+with_gnu_ld=$with_gnu_ld
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+#
+# Do we need to explicitly link libc?
+#
+case "x$archive_cmds_need_lc" in
+x|xyes)
+ # Assume -lc should be added
+ archive_cmds_need_lc=yes
+
+ if test "$enable_shared" = yes && test "$GCC" = yes; then
+ case $archive_cmds in
+ *'~'*)
+ # FIXME: we may have to deal with multi-command sequences.
+ ;;
+ '$CC '*)
+ # Test whether the compiler implicitly links with -lc since on some
+ # systems, -lgcc has to come before -lc. If gcc already passes -lc
+ # to ld, don't add -lc before -lgcc.
+ { $as_echo "$as_me:${as_lineno-9614}: checking whether -lc should be explicitly linked in" >&5
+$as_echo_n "checking whether -lc should be explicitly linked in... " >&6; }
+if ${lt_cv_archive_cmds_need_lc+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ $RM conftest*
+ echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+
+ if { { eval echo "\"\$as_me\":${as_lineno-9622}: \"$ac_compile\""; } >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-9625}: \$? = $ac_status" >&5
+ test $ac_status = 0; } 2>conftest.err; then
+ soname=conftest
+ lib=conftest
+ libobjs=conftest.$ac_objext
+ deplibs=
+ wl=$lt_prog_compiler_wl
+ pic_flag=$lt_prog_compiler_pic
+ compiler_flags=-v
+ linker_flags=-v
+ verstring=
+ output_objdir=.
+ libname=conftest
+ lt_save_allow_undefined_flag=$allow_undefined_flag
+ allow_undefined_flag=
+ if { { eval echo "\"\$as_me\":${as_lineno-9640}: \"$archive_cmds 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1\""; } >&5
+ (eval $archive_cmds 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1) 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-9643}: \$? = $ac_status" >&5
+ test $ac_status = 0; }
+ then
+ lt_cv_archive_cmds_need_lc=no
+ else
+ lt_cv_archive_cmds_need_lc=yes
+ fi
+ allow_undefined_flag=$lt_save_allow_undefined_flag
+ else
+ cat conftest.err 1>&5
+ fi
+ $RM conftest*
+
+fi
+{ $as_echo "$as_me:${as_lineno-9657}: result: $lt_cv_archive_cmds_need_lc" >&5
+$as_echo "$lt_cv_archive_cmds_need_lc" >&6; }
+ archive_cmds_need_lc=$lt_cv_archive_cmds_need_lc
+ ;;
+ esac
+ fi
+ ;;
+esac
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ { $as_echo "$as_me:${as_lineno-9817}: checking dynamic linker characteristics" >&5
+$as_echo_n "checking dynamic linker characteristics... " >&6; }
+
+if test "$GCC" = yes; then
+ case $host_os in
+ darwin*) lt_awk_arg="/^libraries:/,/LR/" ;;
+ *) lt_awk_arg="/^libraries:/" ;;
+ esac
+ case $host_os in
+ mingw* | cegcc*) lt_sed_strip_eq="s,=\([A-Za-z]:\),\1,g" ;;
+ *) lt_sed_strip_eq="s,=/,/,g" ;;
+ esac
+ lt_search_path_spec=`$CC -print-search-dirs | awk $lt_awk_arg | $SED -e "s/^libraries://" -e $lt_sed_strip_eq`
+ case $lt_search_path_spec in
+ *\;*)
+ # if the path contains ";" then we assume it to be the separator
+ # otherwise default to the standard path separator (i.e. ":") - it is
+ # assumed that no part of a normal pathname contains ";" but that should
+ # okay in the real world where ";" in dirpaths is itself problematic.
+ lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED 's/;/ /g'`
+ ;;
+ *)
+ lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED "s/$PATH_SEPARATOR/ /g"`
+ ;;
+ esac
+ # Ok, now we have the path, separated by spaces, we can step through it
+ # and add multilib dir if necessary.
+ lt_tmp_lt_search_path_spec=
+ lt_multi_os_dir=`$CC $CPPFLAGS $CFLAGS $LDFLAGS -print-multi-os-directory 2>/dev/null`
+ for lt_sys_path in $lt_search_path_spec; do
+ if test -d "$lt_sys_path/$lt_multi_os_dir"; then
+ lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path/$lt_multi_os_dir"
+ else
+ test -d "$lt_sys_path" && \
+ lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path"
+ fi
+ done
+ lt_search_path_spec=`$ECHO "$lt_tmp_lt_search_path_spec" | awk '
+BEGIN {RS=" "; FS="/|\n";} {
+ lt_foo="";
+ lt_count=0;
+ for (lt_i = NF; lt_i > 0; lt_i--) {
+ if ($lt_i != "" && $lt_i != ".") {
+ if ($lt_i == "..") {
+ lt_count++;
+ } else {
+ if (lt_count == 0) {
+ lt_foo="/" $lt_i lt_foo;
+ } else {
+ lt_count--;
+ }
+ }
+ }
+ }
+ if (lt_foo != "") { lt_freq[lt_foo]++; }
+ if (lt_freq[lt_foo] == 1) { print lt_foo; }
+}'`
+ # AWK program above erroneously prepends '/' to C:/dos/paths
+ # for these hosts.
+ case $host_os in
+ mingw* | cegcc*) lt_search_path_spec=`$ECHO "$lt_search_path_spec" |\
+ $SED 's,/\([A-Za-z]:\),\1,g'` ;;
+ esac
+ sys_lib_search_path_spec=`$ECHO "$lt_search_path_spec" | $lt_NL2SP`
+else
+ sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib"
+fi
+library_names_spec=
+libname_spec='lib$name'
+soname_spec=
+shrext_cmds=".so"
+postinstall_cmds=
+postuninstall_cmds=
+finish_cmds=
+finish_eval=
+shlibpath_var=
+shlibpath_overrides_runpath=unknown
+version_type=none
+dynamic_linker="$host_os ld.so"
+sys_lib_dlsearch_path_spec="/lib /usr/lib"
+need_lib_prefix=unknown
+hardcode_into_libs=no
+
+# when you set need_version to no, make sure it does not cause -set_version
+# flags to be left without arguments
+need_version=unknown
+
+case $host_os in
+aix3*)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a'
+ shlibpath_var=LIBPATH
+
+ # AIX 3 has no versioning support, so we append a major version to the name.
+ soname_spec='${libname}${release}${shared_ext}$major'
+ ;;
+
+aix[4-9]*)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ need_lib_prefix=no
+ need_version=no
+ hardcode_into_libs=yes
+ if test "$host_cpu" = ia64; then
+ # AIX 5 supports IA64
+ library_names_spec='${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext}$versuffix $libname${shared_ext}'
+ shlibpath_var=LD_LIBRARY_PATH
+ else
+ # With GCC up to 2.95.x, collect2 would create an import file
+ # for dependence libraries. The import file would start with
+ # the line `#! .'. This would cause the generated library to
+ # depend on `.', always an invalid library. This was fixed in
+ # development snapshots of GCC prior to 3.0.
+ case $host_os in
+ aix4 | aix4.[01] | aix4.[01].*)
+ if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)'
+ echo ' yes '
+ echo '#endif'; } | ${CC} -E - | $GREP yes > /dev/null; then
+ :
+ else
+ can_build_shared=no
+ fi
+ ;;
+ esac
+ # AIX (on Power*) has no versioning support, so currently we can not hardcode correct
+ # soname into executable. Probably we can add versioning support to
+ # collect2, so additional links can be useful in future.
+ if test "$aix_use_runtimelinking" = yes; then
+ # If using run time linking (on AIX 4.2 or later) use lib<name>.so
+ # instead of lib<name>.a to let people know that these are not
+ # typical AIX shared libraries.
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ else
+ # We preserve .a as extension for shared libraries through AIX4.2
+ # and later when we are not doing run time linking.
+ library_names_spec='${libname}${release}.a $libname.a'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ fi
+ shlibpath_var=LIBPATH
+ fi
+ ;;
+
+amigaos*)
+ case $host_cpu in
+ powerpc)
+ # Since July 2007 AmigaOS4 officially supports .so libraries.
+ # When compiling the executable, add -use-dynld -Lsobjs: to the compileline.
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ ;;
+ m68k)
+ library_names_spec='$libname.ixlibrary $libname.a'
+ # Create ${libname}_ixlibrary.a entries in /sys/libs.
+ finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`func_echo_all "$lib" | $SED '\''s%^.*/\([^/]*\)\.ixlibrary$%\1%'\''`; test $RM /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done'
+ ;;
+ esac
+ ;;
+
+beos*)
+ library_names_spec='${libname}${shared_ext}'
+ dynamic_linker="$host_os ld.so"
+ shlibpath_var=LIBRARY_PATH
+ ;;
+
+bsdi[45]*)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib"
+ sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib"
+ # the default ld.so.conf also contains /usr/contrib/lib and
+ # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow
+ # libtool to hard-code these into programs
+ ;;
+
+cygwin* | mingw* | pw32* | cegcc*)
+ version_type=windows
+ shrext_cmds=".dll"
+ need_version=no
+ need_lib_prefix=no
+
+ case $GCC,$cc_basename in
+ yes,*)
+ # gcc
+ library_names_spec='$libname.dll.a'
+ # DLL is installed to $(libdir)/../bin by postinstall_cmds
+ postinstall_cmds='base_file=`basename \${file}`~
+ dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i; echo \$dlname'\''`~
+ dldir=$destdir/`dirname \$dlpath`~
+ test -d \$dldir || mkdir -p \$dldir~
+ $install_prog $dir/$dlname \$dldir/$dlname~
+ chmod a+x \$dldir/$dlname~
+ if test -n '\''$stripme'\'' && test -n '\''$striplib'\''; then
+ eval '\''$striplib \$dldir/$dlname'\'' || exit \$?;
+ fi'
+ postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~
+ dlpath=$dir/\$dldll~
+ $RM \$dlpath'
+ shlibpath_overrides_runpath=yes
+
+ case $host_os in
+ cygwin*)
+ # Cygwin DLLs use 'cyg' prefix rather than 'lib'
+ soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}'
+
+ sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/lib/w32api"
+ ;;
+ mingw* | cegcc*)
+ # MinGW DLLs use traditional 'lib' prefix
+ soname_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}'
+ ;;
+ pw32*)
+ # pw32 DLLs use 'pw' prefix rather than 'lib'
+ library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}'
+ ;;
+ esac
+ dynamic_linker='Win32 ld.exe'
+ ;;
+
+ *,cl*)
+ # Native MSVC
+ libname_spec='$name'
+ soname_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}'
+ library_names_spec='${libname}.dll.lib'
+
+ case $build_os in
+ mingw*)
+ sys_lib_search_path_spec=
+ lt_save_ifs=$IFS
+ IFS=';'
+ for lt_path in $LIB
+ do
+ IFS=$lt_save_ifs
+ # Let DOS variable expansion print the short 8.3 style file name.
+ lt_path=`cd "$lt_path" 2>/dev/null && cmd //C "for %i in (".") do @echo %~si"`
+ sys_lib_search_path_spec="$sys_lib_search_path_spec $lt_path"
+ done
+ IFS=$lt_save_ifs
+ # Convert to MSYS style.
+ sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | sed -e 's|\\\\|/|g' -e 's| \\([a-zA-Z]\\):| /\\1|g' -e 's|^ ||'`
+ ;;
+ cygwin*)
+ # Convert to unix form, then to dos form, then back to unix form
+ # but this time dos style (no spaces!) so that the unix form looks
+ # like /cygdrive/c/PROGRA~1:/cygdr...
+ sys_lib_search_path_spec=`cygpath --path --unix "$LIB"`
+ sys_lib_search_path_spec=`cygpath --path --dos "$sys_lib_search_path_spec" 2>/dev/null`
+ sys_lib_search_path_spec=`cygpath --path --unix "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
+ ;;
+ *)
+ sys_lib_search_path_spec="$LIB"
+ if $ECHO "$sys_lib_search_path_spec" | $GREP ';[c-zC-Z]:/' >/dev/null; then
+ # It is most probably a Windows format PATH.
+ sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'`
+ else
+ sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
+ fi
+ # FIXME: find the short name or the path components, as spaces are
+ # common. (e.g. "Program Files" -> "PROGRA~1")
+ ;;
+ esac
+
+ # DLL is installed to $(libdir)/../bin by postinstall_cmds
+ postinstall_cmds='base_file=`basename \${file}`~
+ dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i; echo \$dlname'\''`~
+ dldir=$destdir/`dirname \$dlpath`~
+ test -d \$dldir || mkdir -p \$dldir~
+ $install_prog $dir/$dlname \$dldir/$dlname'
+ postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~
+ dlpath=$dir/\$dldll~
+ $RM \$dlpath'
+ shlibpath_overrides_runpath=yes
+ dynamic_linker='Win32 link.exe'
+ ;;
+
+ *)
+ # Assume MSVC wrapper
+ library_names_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext} $libname.lib'
+ dynamic_linker='Win32 ld.exe'
+ ;;
+ esac
+ # FIXME: first we should search . and the directory the executable is in
+ shlibpath_var=PATH
+ ;;
+
+darwin* | rhapsody*)
+ dynamic_linker="$host_os dyld"
+ version_type=darwin
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${major}$shared_ext ${libname}$shared_ext'
+ soname_spec='${libname}${release}${major}$shared_ext'
+ shlibpath_overrides_runpath=yes
+ shlibpath_var=DYLD_LIBRARY_PATH
+ shrext_cmds='`test .$module = .yes && echo .so || echo .dylib`'
+
+ sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/local/lib"
+ sys_lib_dlsearch_path_spec='/usr/local/lib /lib /usr/lib'
+ ;;
+
+dgux*)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ ;;
+
+freebsd* | dragonfly*)
+ # DragonFly does not have aout. When/if they implement a new
+ # versioning mechanism, adjust this.
+ if test -x /usr/bin/objformat; then
+ objformat=`/usr/bin/objformat`
+ else
+ case $host_os in
+ freebsd[23].*) objformat=aout ;;
+ *) objformat=elf ;;
+ esac
+ fi
+ version_type=freebsd-$objformat
+ case $version_type in
+ freebsd-elf*)
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}'
+ need_version=no
+ need_lib_prefix=no
+ ;;
+ freebsd-*)
+ library_names_spec='${libname}${release}${shared_ext}$versuffix $libname${shared_ext}$versuffix'
+ need_version=yes
+ ;;
+ esac
+ shlibpath_var=LD_LIBRARY_PATH
+ case $host_os in
+ freebsd2.*)
+ shlibpath_overrides_runpath=yes
+ ;;
+ freebsd3.[01]* | freebsdelf3.[01]*)
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ ;;
+ freebsd3.[2-9]* | freebsdelf3.[2-9]* | \
+ freebsd4.[0-5] | freebsdelf4.[0-5] | freebsd4.1.1 | freebsdelf4.1.1)
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ ;;
+ *) # from 4.6 on, and DragonFly
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ ;;
+ esac
+ ;;
+
+gnu*)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ ;;
+
+haiku*)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ need_lib_prefix=no
+ need_version=no
+ dynamic_linker="$host_os runtime_loader"
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ sys_lib_dlsearch_path_spec='/boot/home/config/lib /boot/common/lib /boot/system/lib'
+ hardcode_into_libs=yes
+ ;;
+
+hpux9* | hpux10* | hpux11*)
+ # Give a soname corresponding to the major version so that dld.sl refuses to
+ # link against other versions.
+ version_type=sunos
+ need_lib_prefix=no
+ need_version=no
+ case $host_cpu in
+ ia64*)
+ shrext_cmds='.so'
+ hardcode_into_libs=yes
+ dynamic_linker="$host_os dld.so"
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ if test "X$HPUX_IA64_MODE" = X32; then
+ sys_lib_search_path_spec="/usr/lib/hpux32 /usr/local/lib/hpux32 /usr/local/lib"
+ else
+ sys_lib_search_path_spec="/usr/lib/hpux64 /usr/local/lib/hpux64"
+ fi
+ sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec
+ ;;
+ hppa*64*)
+ shrext_cmds='.sl'
+ hardcode_into_libs=yes
+ dynamic_linker="$host_os dld.sl"
+ shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH
+ shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64"
+ sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec
+ ;;
+ *)
+ shrext_cmds='.sl'
+ dynamic_linker="$host_os dld.sl"
+ shlibpath_var=SHLIB_PATH
+ shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ ;;
+ esac
+ # HP-UX runs *really* slowly unless shared libraries are mode 555, ...
+ postinstall_cmds='chmod 555 $lib'
+ # or fails outright, so override atomically:
+ install_override_mode=555
+ ;;
+
+interix[3-9]*)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ ;;
+
+irix5* | irix6* | nonstopux*)
+ case $host_os in
+ nonstopux*) version_type=nonstopux ;;
+ *)
+ if test "$lt_cv_prog_gnu_ld" = yes; then
+ version_type=linux # correct to gnu/linux during the next big refactor
+ else
+ version_type=irix
+ fi ;;
+ esac
+ need_lib_prefix=no
+ need_version=no
+ soname_spec='${libname}${release}${shared_ext}$major'
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext} $libname${shared_ext}'
+ case $host_os in
+ irix5* | nonstopux*)
+ libsuff= shlibsuff=
+ ;;
+ *)
+ case $LD in # libtool.m4 will add one of these switches to LD
+ *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ")
+ libsuff= shlibsuff= libmagic=32-bit;;
+ *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ")
+ libsuff=32 shlibsuff=N32 libmagic=N32;;
+ *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ")
+ libsuff=64 shlibsuff=64 libmagic=64-bit;;
+ *) libsuff= shlibsuff= libmagic=never-match;;
+ esac
+ ;;
+ esac
+ shlibpath_var=LD_LIBRARY${shlibsuff}_PATH
+ shlibpath_overrides_runpath=no
+ sys_lib_search_path_spec="/usr/lib${libsuff} /lib${libsuff} /usr/local/lib${libsuff}"
+ sys_lib_dlsearch_path_spec="/usr/lib${libsuff} /lib${libsuff}"
+ hardcode_into_libs=yes
+ ;;
+
+# No shared lib support for Linux oldld, aout, or coff.
+linux*oldld* | linux*aout* | linux*coff*)
+ dynamic_linker=no
+ ;;
+
+# This must be glibc/ELF.
+linux* | k*bsd*-gnu | kopensolaris*-gnu)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+
+ # Some binutils ld are patched to set DT_RUNPATH
+ if ${lt_cv_shlibpath_overrides_runpath+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ lt_cv_shlibpath_overrides_runpath=no
+ save_LDFLAGS=$LDFLAGS
+ save_libdir=$libdir
+ eval "libdir=/foo; wl=\"$lt_prog_compiler_wl\"; \
+ LDFLAGS=\"\$LDFLAGS $hardcode_libdir_flag_spec\""
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "10328"; then :
+ if ($OBJDUMP -p conftest$ac_exeext) 2>/dev/null | grep "RUNPATH.*$libdir" >/dev/null; then :
+ lt_cv_shlibpath_overrides_runpath=yes
+fi
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+ LDFLAGS=$save_LDFLAGS
+ libdir=$save_libdir
+
+fi
+
+ shlibpath_overrides_runpath=$lt_cv_shlibpath_overrides_runpath
+
+ # This implies no fast_install, which is unacceptable.
+ # Some rework will be needed to allow for fast_install
+ # before this can be enabled.
+ hardcode_into_libs=yes
+
+ # Append ld.so.conf contents to the search path
+ if test -f /etc/ld.so.conf; then
+ lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;s/"//g;/^$/d' | tr '\n' ' '`
+ sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra"
+ fi
+
+ # We used to test for /lib/ld.so.1 and disable shared libraries on
+ # powerpc, because MkLinux only supported shared libraries with the
+ # GNU dynamic linker. Since this was broken with cross compilers,
+ # most powerpc-linux boxes support dynamic linking these days and
+ # people can always --disable-shared, the test was removed, and we
+ # assume the GNU/Linux dynamic linker is in use.
+ dynamic_linker='GNU/Linux ld.so'
+ ;;
+
+netbsdelf*-gnu)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ dynamic_linker='NetBSD ld.elf_so'
+ ;;
+
+netbsd*)
+ version_type=sunos
+ need_lib_prefix=no
+ need_version=no
+ if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
+ dynamic_linker='NetBSD (a.out) ld.so'
+ else
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ dynamic_linker='NetBSD ld.elf_so'
+ fi
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ ;;
+
+newsos6)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ ;;
+
+*nto* | *qnx*)
+ version_type=qnx
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ dynamic_linker='ldqnx.so'
+ ;;
+
+openbsd*)
+ version_type=sunos
+ sys_lib_dlsearch_path_spec="/usr/lib"
+ need_lib_prefix=no
+ # Some older versions of OpenBSD (3.3 at least) *do* need versioned libs.
+ case $host_os in
+ openbsd3.3 | openbsd3.3.*) need_version=yes ;;
+ *) need_version=no ;;
+ esac
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
+ finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+ case $host_os in
+ openbsd2.[89] | openbsd2.[89].*)
+ shlibpath_overrides_runpath=no
+ ;;
+ *)
+ shlibpath_overrides_runpath=yes
+ ;;
+ esac
+ else
+ shlibpath_overrides_runpath=yes
+ fi
+ ;;
+
+os2*)
+ libname_spec='$name'
+ shrext_cmds=".dll"
+ need_lib_prefix=no
+ library_names_spec='$libname${shared_ext} $libname.a'
+ dynamic_linker='OS/2 ld.exe'
+ shlibpath_var=LIBPATH
+ ;;
+
+osf3* | osf4* | osf5*)
+ version_type=osf
+ need_lib_prefix=no
+ need_version=no
+ soname_spec='${libname}${release}${shared_ext}$major'
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ shlibpath_var=LD_LIBRARY_PATH
+ sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib"
+ sys_lib_dlsearch_path_spec="$sys_lib_search_path_spec"
+ ;;
+
+rdos*)
+ dynamic_linker=no
+ ;;
+
+solaris*)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ # ldd complains unless libraries are executable
+ postinstall_cmds='chmod +x $lib'
+ ;;
+
+sunos4*)
+ version_type=sunos
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
+ finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ if test "$with_gnu_ld" = yes; then
+ need_lib_prefix=no
+ fi
+ need_version=yes
+ ;;
+
+sysv4 | sysv4.3*)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ case $host_vendor in
+ sni)
+ shlibpath_overrides_runpath=no
+ need_lib_prefix=no
+ runpath_var=LD_RUN_PATH
+ ;;
+ siemens)
+ need_lib_prefix=no
+ ;;
+ motorola)
+ need_lib_prefix=no
+ need_version=no
+ shlibpath_overrides_runpath=no
+ sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib'
+ ;;
+ esac
+ ;;
+
+sysv4*MP*)
+ if test -d /usr/nec ;then
+ version_type=linux # correct to gnu/linux during the next big refactor
+ library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}'
+ soname_spec='$libname${shared_ext}.$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ fi
+ ;;
+
+sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*)
+ version_type=freebsd-elf
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ hardcode_into_libs=yes
+ if test "$with_gnu_ld" = yes; then
+ sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib'
+ else
+ sys_lib_search_path_spec='/usr/ccs/lib /usr/lib'
+ case $host_os in
+ sco3.2v5*)
+ sys_lib_search_path_spec="$sys_lib_search_path_spec /lib"
+ ;;
+ esac
+ fi
+ sys_lib_dlsearch_path_spec='/usr/lib'
+ ;;
+
+tpf*)
+ # TPF is a cross-target only. Preferred cross-host = GNU/Linux.
+ version_type=linux # correct to gnu/linux during the next big refactor
+ need_lib_prefix=no
+ need_version=no
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ shlibpath_var=LD_LIBRARY_PATH
+ shlibpath_overrides_runpath=no
+ hardcode_into_libs=yes
+ ;;
+
+uts4*)
+ version_type=linux # correct to gnu/linux during the next big refactor
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LD_LIBRARY_PATH
+ ;;
+
+*)
+ dynamic_linker=no
+ ;;
+esac
+{ $as_echo "$as_me:${as_lineno-10562}: result: $dynamic_linker" >&5
+$as_echo "$dynamic_linker" >&6; }
+test "$dynamic_linker" = no && can_build_shared=no
+
+variables_saved_for_relink="PATH $shlibpath_var $runpath_var"
+if test "$GCC" = yes; then
+ variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH"
+fi
+
+if test "${lt_cv_sys_lib_search_path_spec+set}" = set; then
+ sys_lib_search_path_spec="$lt_cv_sys_lib_search_path_spec"
+fi
+if test "${lt_cv_sys_lib_dlsearch_path_spec+set}" = set; then
+ sys_lib_dlsearch_path_spec="$lt_cv_sys_lib_dlsearch_path_spec"
+fi
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ { $as_echo "$as_me:${as_lineno-10669}: checking how to hardcode library paths into programs" >&5
+$as_echo_n "checking how to hardcode library paths into programs... " >&6; }
+hardcode_action=
+if test -n "$hardcode_libdir_flag_spec" ||
+ test -n "$runpath_var" ||
+ test "X$hardcode_automatic" = "Xyes" ; then
+
+ # We can hardcode non-existent directories.
+ if test "$hardcode_direct" != no &&
+ # If the only mechanism to avoid hardcoding is shlibpath_var, we
+ # have to relink, otherwise we might link with an installed library
+ # when we should be linking with a yet-to-be-installed one
+ ## test "$_LT_TAGVAR(hardcode_shlibpath_var, )" != no &&
+ test "$hardcode_minus_L" != no; then
+ # Linking always hardcodes the temporary library directory.
+ hardcode_action=relink
+ else
+ # We can link without hardcoding, and we can hardcode nonexisting dirs.
+ hardcode_action=immediate
+ fi
+else
+ # We cannot hardcode anything, or else we can only hardcode existing
+ # directories.
+ hardcode_action=unsupported
+fi
+{ $as_echo "$as_me:${as_lineno-10694}: result: $hardcode_action" >&5
+$as_echo "$hardcode_action" >&6; }
+
+if test "$hardcode_action" = relink ||
+ test "$inherit_rpath" = yes; then
+ # Fast installation is not supported
+ enable_fast_install=no
+elif test "$shlibpath_overrides_runpath" = yes ||
+ test "$enable_shared" = no; then
+ # Fast installation is not necessary
+ enable_fast_install=needless
+fi
+
+
+
+
+
+
+ if test "x$enable_dlopen" != xyes; then
+ enable_dlopen=unknown
+ enable_dlopen_self=unknown
+ enable_dlopen_self_static=unknown
+else
+ lt_cv_dlopen=no
+ lt_cv_dlopen_libs=
+
+ case $host_os in
+ beos*)
+ lt_cv_dlopen="load_add_on"
+ lt_cv_dlopen_libs=
+ lt_cv_dlopen_self=yes
+ ;;
+
+ mingw* | pw32* | cegcc*)
+ lt_cv_dlopen="LoadLibrary"
+ lt_cv_dlopen_libs=
+ ;;
+
+ cygwin*)
+ lt_cv_dlopen="dlopen"
+ lt_cv_dlopen_libs=
+ ;;
+
+ darwin*)
+ # if libdl is installed we need to link against it
+ { $as_echo "$as_me:${as_lineno-10739}: checking for dlopen in -ldl" >&5
+$as_echo_n "checking for dlopen in -ldl... " >&6; }
+if ${ac_cv_lib_dl_dlopen+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-ldl $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char dlopen ();
+int
+main ()
+{
+return dlopen ();
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "10764"; then :
+ ac_cv_lib_dl_dlopen=yes
+else
+ ac_cv_lib_dl_dlopen=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-10773}: result: $ac_cv_lib_dl_dlopen" >&5
+$as_echo "$ac_cv_lib_dl_dlopen" >&6; }
+if test "x$ac_cv_lib_dl_dlopen" = xyes; then :
+ lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"
+else
+
+ lt_cv_dlopen="dyld"
+ lt_cv_dlopen_libs=
+ lt_cv_dlopen_self=yes
+
+fi
+
+ ;;
+
+ *)
+ ac_fn_c_check_func "10788" "shl_load" "ac_cv_func_shl_load"
+if test "x$ac_cv_func_shl_load" = xyes; then :
+ lt_cv_dlopen="shl_load"
+else
+ { $as_echo "$as_me:${as_lineno-10792}: checking for shl_load in -ldld" >&5
+$as_echo_n "checking for shl_load in -ldld... " >&6; }
+if ${ac_cv_lib_dld_shl_load+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-ldld $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char shl_load ();
+int
+main ()
+{
+return shl_load ();
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "10817"; then :
+ ac_cv_lib_dld_shl_load=yes
+else
+ ac_cv_lib_dld_shl_load=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-10826}: result: $ac_cv_lib_dld_shl_load" >&5
+$as_echo "$ac_cv_lib_dld_shl_load" >&6; }
+if test "x$ac_cv_lib_dld_shl_load" = xyes; then :
+ lt_cv_dlopen="shl_load" lt_cv_dlopen_libs="-ldld"
+else
+ ac_fn_c_check_func "10831" "dlopen" "ac_cv_func_dlopen"
+if test "x$ac_cv_func_dlopen" = xyes; then :
+ lt_cv_dlopen="dlopen"
+else
+ { $as_echo "$as_me:${as_lineno-10835}: checking for dlopen in -ldl" >&5
+$as_echo_n "checking for dlopen in -ldl... " >&6; }
+if ${ac_cv_lib_dl_dlopen+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-ldl $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char dlopen ();
+int
+main ()
+{
+return dlopen ();
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "10860"; then :
+ ac_cv_lib_dl_dlopen=yes
+else
+ ac_cv_lib_dl_dlopen=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-10869}: result: $ac_cv_lib_dl_dlopen" >&5
+$as_echo "$ac_cv_lib_dl_dlopen" >&6; }
+if test "x$ac_cv_lib_dl_dlopen" = xyes; then :
+ lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"
+else
+ { $as_echo "$as_me:${as_lineno-10874}: checking for dlopen in -lsvld" >&5
+$as_echo_n "checking for dlopen in -lsvld... " >&6; }
+if ${ac_cv_lib_svld_dlopen+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-lsvld $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char dlopen ();
+int
+main ()
+{
+return dlopen ();
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "10899"; then :
+ ac_cv_lib_svld_dlopen=yes
+else
+ ac_cv_lib_svld_dlopen=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-10908}: result: $ac_cv_lib_svld_dlopen" >&5
+$as_echo "$ac_cv_lib_svld_dlopen" >&6; }
+if test "x$ac_cv_lib_svld_dlopen" = xyes; then :
+ lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-lsvld"
+else
+ { $as_echo "$as_me:${as_lineno-10913}: checking for dld_link in -ldld" >&5
+$as_echo_n "checking for dld_link in -ldld... " >&6; }
+if ${ac_cv_lib_dld_dld_link+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-ldld $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char dld_link ();
+int
+main ()
+{
+return dld_link ();
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "10938"; then :
+ ac_cv_lib_dld_dld_link=yes
+else
+ ac_cv_lib_dld_dld_link=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-10947}: result: $ac_cv_lib_dld_dld_link" >&5
+$as_echo "$ac_cv_lib_dld_dld_link" >&6; }
+if test "x$ac_cv_lib_dld_dld_link" = xyes; then :
+ lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-ldld"
+fi
+
+
+fi
+
+
+fi
+
+
+fi
+
+
+fi
+
+
+fi
+
+ ;;
+ esac
+
+ if test "x$lt_cv_dlopen" != xno; then
+ enable_dlopen=yes
+ else
+ enable_dlopen=no
+ fi
+
+ case $lt_cv_dlopen in
+ dlopen)
+ save_CPPFLAGS="$CPPFLAGS"
+ test "x$ac_cv_header_dlfcn_h" = xyes && CPPFLAGS="$CPPFLAGS -DHAVE_DLFCN_H"
+
+ save_LDFLAGS="$LDFLAGS"
+ wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $export_dynamic_flag_spec\"
+
+ save_LIBS="$LIBS"
+ LIBS="$lt_cv_dlopen_libs $LIBS"
+
+ { $as_echo "$as_me:${as_lineno-10988}: checking whether a program can dlopen itself" >&5
+$as_echo_n "checking whether a program can dlopen itself... " >&6; }
+if ${lt_cv_dlopen_self+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test "$cross_compiling" = yes; then :
+ lt_cv_dlopen_self=cross
+else
+ lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
+ lt_status=$lt_dlunknown
+ cat > conftest.$ac_ext <<_LT_EOF
+#line 10999 "configure"
+#include "confdefs.h"
+
+#if HAVE_DLFCN_H
+#include <dlfcn.h>
+#endif
+
+#include <stdio.h>
+
+#ifdef RTLD_GLOBAL
+# define LT_DLGLOBAL RTLD_GLOBAL
+#else
+# ifdef DL_GLOBAL
+# define LT_DLGLOBAL DL_GLOBAL
+# else
+# define LT_DLGLOBAL 0
+# endif
+#endif
+
+/* We may have to define LT_DLLAZY_OR_NOW in the command line if we
+ find out it does not work in some platform. */
+#ifndef LT_DLLAZY_OR_NOW
+# ifdef RTLD_LAZY
+# define LT_DLLAZY_OR_NOW RTLD_LAZY
+# else
+# ifdef DL_LAZY
+# define LT_DLLAZY_OR_NOW DL_LAZY
+# else
+# ifdef RTLD_NOW
+# define LT_DLLAZY_OR_NOW RTLD_NOW
+# else
+# ifdef DL_NOW
+# define LT_DLLAZY_OR_NOW DL_NOW
+# else
+# define LT_DLLAZY_OR_NOW 0
+# endif
+# endif
+# endif
+# endif
+#endif
+
+/* When -fvisbility=hidden is used, assume the code has been annotated
+ correspondingly for the symbols needed. */
+#if defined(__GNUC__) && (((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3)) || (__GNUC__ > 3))
+int fnord () __attribute__((visibility("default")));
+#endif
+
+int fnord () { return 42; }
+int main ()
+{
+ void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW);
+ int status = $lt_dlunknown;
+
+ if (self)
+ {
+ if (dlsym (self,"fnord")) status = $lt_dlno_uscore;
+ else
+ {
+ if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore;
+ else puts (dlerror ());
+ }
+ /* dlclose (self); */
+ }
+ else
+ puts (dlerror ());
+
+ return status;
+}
+_LT_EOF
+ if { { eval echo "\"\$as_me\":${as_lineno-11068}: \"$ac_link\""; } >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-11071}: \$? = $ac_status" >&5
+ test $ac_status = 0; } && test -s conftest${ac_exeext} 2>/dev/null; then
+ (./conftest; exit; ) >&5 2>/dev/null
+ lt_status=$?
+ case x$lt_status in
+ x$lt_dlno_uscore) lt_cv_dlopen_self=yes ;;
+ x$lt_dlneed_uscore) lt_cv_dlopen_self=yes ;;
+ x$lt_dlunknown|x*) lt_cv_dlopen_self=no ;;
+ esac
+ else :
+ # compilation failed
+ lt_cv_dlopen_self=no
+ fi
+fi
+rm -fr conftest*
+
+
+fi
+{ $as_echo "$as_me:${as_lineno-11089}: result: $lt_cv_dlopen_self" >&5
+$as_echo "$lt_cv_dlopen_self" >&6; }
+
+ if test "x$lt_cv_dlopen_self" = xyes; then
+ wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $lt_prog_compiler_static\"
+ { $as_echo "$as_me:${as_lineno-11094}: checking whether a statically linked program can dlopen itself" >&5
+$as_echo_n "checking whether a statically linked program can dlopen itself... " >&6; }
+if ${lt_cv_dlopen_self_static+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test "$cross_compiling" = yes; then :
+ lt_cv_dlopen_self_static=cross
+else
+ lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
+ lt_status=$lt_dlunknown
+ cat > conftest.$ac_ext <<_LT_EOF
+#line 11105 "configure"
+#include "confdefs.h"
+
+#if HAVE_DLFCN_H
+#include <dlfcn.h>
+#endif
+
+#include <stdio.h>
+
+#ifdef RTLD_GLOBAL
+# define LT_DLGLOBAL RTLD_GLOBAL
+#else
+# ifdef DL_GLOBAL
+# define LT_DLGLOBAL DL_GLOBAL
+# else
+# define LT_DLGLOBAL 0
+# endif
+#endif
+
+/* We may have to define LT_DLLAZY_OR_NOW in the command line if we
+ find out it does not work in some platform. */
+#ifndef LT_DLLAZY_OR_NOW
+# ifdef RTLD_LAZY
+# define LT_DLLAZY_OR_NOW RTLD_LAZY
+# else
+# ifdef DL_LAZY
+# define LT_DLLAZY_OR_NOW DL_LAZY
+# else
+# ifdef RTLD_NOW
+# define LT_DLLAZY_OR_NOW RTLD_NOW
+# else
+# ifdef DL_NOW
+# define LT_DLLAZY_OR_NOW DL_NOW
+# else
+# define LT_DLLAZY_OR_NOW 0
+# endif
+# endif
+# endif
+# endif
+#endif
+
+/* When -fvisbility=hidden is used, assume the code has been annotated
+ correspondingly for the symbols needed. */
+#if defined(__GNUC__) && (((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3)) || (__GNUC__ > 3))
+int fnord () __attribute__((visibility("default")));
+#endif
+
+int fnord () { return 42; }
+int main ()
+{
+ void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW);
+ int status = $lt_dlunknown;
+
+ if (self)
+ {
+ if (dlsym (self,"fnord")) status = $lt_dlno_uscore;
+ else
+ {
+ if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore;
+ else puts (dlerror ());
+ }
+ /* dlclose (self); */
+ }
+ else
+ puts (dlerror ());
+
+ return status;
+}
+_LT_EOF
+ if { { eval echo "\"\$as_me\":${as_lineno-11174}: \"$ac_link\""; } >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-11177}: \$? = $ac_status" >&5
+ test $ac_status = 0; } && test -s conftest${ac_exeext} 2>/dev/null; then
+ (./conftest; exit; ) >&5 2>/dev/null
+ lt_status=$?
+ case x$lt_status in
+ x$lt_dlno_uscore) lt_cv_dlopen_self_static=yes ;;
+ x$lt_dlneed_uscore) lt_cv_dlopen_self_static=yes ;;
+ x$lt_dlunknown|x*) lt_cv_dlopen_self_static=no ;;
+ esac
+ else :
+ # compilation failed
+ lt_cv_dlopen_self_static=no
+ fi
+fi
+rm -fr conftest*
+
+
+fi
+{ $as_echo "$as_me:${as_lineno-11195}: result: $lt_cv_dlopen_self_static" >&5
+$as_echo "$lt_cv_dlopen_self_static" >&6; }
+ fi
+
+ CPPFLAGS="$save_CPPFLAGS"
+ LDFLAGS="$save_LDFLAGS"
+ LIBS="$save_LIBS"
+ ;;
+ esac
+
+ case $lt_cv_dlopen_self in
+ yes|no) enable_dlopen_self=$lt_cv_dlopen_self ;;
+ *) enable_dlopen_self=unknown ;;
+ esac
+
+ case $lt_cv_dlopen_self_static in
+ yes|no) enable_dlopen_self_static=$lt_cv_dlopen_self_static ;;
+ *) enable_dlopen_self_static=unknown ;;
+ esac
+fi
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+striplib=
+old_striplib=
+{ $as_echo "$as_me:${as_lineno-11234}: checking whether stripping libraries is possible" >&5
+$as_echo_n "checking whether stripping libraries is possible... " >&6; }
+if test -n "$STRIP" && $STRIP -V 2>&1 | $GREP "GNU strip" >/dev/null; then
+ test -z "$old_striplib" && old_striplib="$STRIP --strip-debug"
+ test -z "$striplib" && striplib="$STRIP --strip-unneeded"
+ { $as_echo "$as_me:${as_lineno-11239}: result: yes" >&5
+$as_echo "yes" >&6; }
+else
+# FIXME - insert some real tests, host_os isn't really good enough
+ case $host_os in
+ darwin*)
+ if test -n "$STRIP" ; then
+ striplib="$STRIP -x"
+ old_striplib="$STRIP -S"
+ { $as_echo "$as_me:${as_lineno-11248}: result: yes" >&5
+$as_echo "yes" >&6; }
+ else
+ { $as_echo "$as_me:${as_lineno-11251}: result: no" >&5
+$as_echo "no" >&6; }
+ fi
+ ;;
+ *)
+ { $as_echo "$as_me:${as_lineno-11256}: result: no" >&5
+$as_echo "no" >&6; }
+ ;;
+ esac
+fi
+
+
+
+
+
+
+
+
+
+
+
+
+ # Report which library types will actually be built
+ { $as_echo "$as_me:${as_lineno-11274}: checking if libtool supports shared libraries" >&5
+$as_echo_n "checking if libtool supports shared libraries... " >&6; }
+ { $as_echo "$as_me:${as_lineno-11276}: result: $can_build_shared" >&5
+$as_echo "$can_build_shared" >&6; }
+
+ { $as_echo "$as_me:${as_lineno-11279}: checking whether to build shared libraries" >&5
+$as_echo_n "checking whether to build shared libraries... " >&6; }
+ test "$can_build_shared" = "no" && enable_shared=no
+
+ # On AIX, shared libraries and static libraries use the same namespace, and
+ # are all built from PIC.
+ case $host_os in
+ aix3*)
+ test "$enable_shared" = yes && enable_static=no
+ if test -n "$RANLIB"; then
+ archive_cmds="$archive_cmds~\$RANLIB \$lib"
+ postinstall_cmds='$RANLIB $lib'
+ fi
+ ;;
+
+ aix[4-9]*)
+ if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then
+ test "$enable_shared" = yes && enable_static=no
+ fi
+ ;;
+ esac
+ { $as_echo "$as_me:${as_lineno-11300}: result: $enable_shared" >&5
+$as_echo "$enable_shared" >&6; }
+
+ { $as_echo "$as_me:${as_lineno-11303}: checking whether to build static libraries" >&5
+$as_echo_n "checking whether to build static libraries... " >&6; }
+ # Make sure either enable_shared or enable_static is yes.
+ test "$enable_shared" = yes || enable_static=yes
+ { $as_echo "$as_me:${as_lineno-11307}: result: $enable_static" >&5
+$as_echo "$enable_static" >&6; }
+
+
+
+
+fi
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+CC="$lt_save_CC"
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ ac_config_commands="$ac_config_commands libtool"
+
+
+
+
+# Only expand once:
+
+
+#AC_CANONICAL_HOST
+
+CFLAGS=
+default_fink_path=/sw
+case $host_os in
+ darwin*)
+ { $as_echo "$as_me:${as_lineno-11350}: checking for a fink installation at $default_fink_path" >&5
+$as_echo_n "checking for a fink installation at $default_fink_path... " >&6; }
+ if test -d $default_fink_path; then
+ { $as_echo "$as_me:${as_lineno-11353}: result: found it!" >&5
+$as_echo "found it!" >&6; }
+ { $as_echo "$as_me:${as_lineno-11355}: Adding -I$default_fink_path/include to CPPFLAGS" >&5
+$as_echo "$as_me: Adding -I$default_fink_path/include to CPPFLAGS" >&6;}
+ CPPFLAGS="-I$default_fink_path/include $CPPFLAGS"
+ { $as_echo "$as_me:${as_lineno-11358}: Adding -L$default_fink_path/lib to LDFLAGS" >&5
+$as_echo "$as_me: Adding -L$default_fink_path/lib to LDFLAGS" >&6;}
+ LDFLAGS="-L$default_fink_path/lib $LDFLAGS"
+ else
+ { $as_echo "$as_me:${as_lineno-11362}: result: none" >&5
+$as_echo "none" >&6; }
+ { $as_echo "$as_me:${as_lineno-11364}: You may need to add set CPPFLAGS and LDFLAGS for gmp, etc." >&5
+$as_echo "$as_me: You may need to add set CPPFLAGS and LDFLAGS for gmp, etc." >&6;}
+ fi
+ ;;
+esac
+
+############################
+# Configs for Windows DLLs.
+# Framework for the below was extracted and
+# modeled after the libgmp configure script.
+
+enable_win32_dll=yes
+
+case $host in
+*-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-cegcc*)
+ if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}as", so it can be a program name with args.
+set dummy ${ac_tool_prefix}as; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-11382}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_AS+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$AS"; then
+ ac_cv_prog_AS="$AS" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_AS="${ac_tool_prefix}as"
+ $as_echo "$as_me:${as_lineno-11398}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+AS=$ac_cv_prog_AS
+if test -n "$AS"; then
+ { $as_echo "$as_me:${as_lineno-11409}: result: $AS" >&5
+$as_echo "$AS" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-11412}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_AS"; then
+ ac_ct_AS=$AS
+ # Extract the first word of "as", so it can be a program name with args.
+set dummy as; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-11422}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_AS+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$ac_ct_AS"; then
+ ac_cv_prog_ac_ct_AS="$ac_ct_AS" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_ac_ct_AS="as"
+ $as_echo "$as_me:${as_lineno-11438}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_AS=$ac_cv_prog_ac_ct_AS
+if test -n "$ac_ct_AS"; then
+ { $as_echo "$as_me:${as_lineno-11449}: result: $ac_ct_AS" >&5
+$as_echo "$ac_ct_AS" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-11452}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+ if test "x$ac_ct_AS" = x; then
+ AS="false"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-11461}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ AS=$ac_ct_AS
+ fi
+else
+ AS="$ac_cv_prog_AS"
+fi
+
+ if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}dlltool", so it can be a program name with args.
+set dummy ${ac_tool_prefix}dlltool; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-11474}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_DLLTOOL+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$DLLTOOL"; then
+ ac_cv_prog_DLLTOOL="$DLLTOOL" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_DLLTOOL="${ac_tool_prefix}dlltool"
+ $as_echo "$as_me:${as_lineno-11490}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+DLLTOOL=$ac_cv_prog_DLLTOOL
+if test -n "$DLLTOOL"; then
+ { $as_echo "$as_me:${as_lineno-11501}: result: $DLLTOOL" >&5
+$as_echo "$DLLTOOL" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-11504}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_DLLTOOL"; then
+ ac_ct_DLLTOOL=$DLLTOOL
+ # Extract the first word of "dlltool", so it can be a program name with args.
+set dummy dlltool; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-11514}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_DLLTOOL+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$ac_ct_DLLTOOL"; then
+ ac_cv_prog_ac_ct_DLLTOOL="$ac_ct_DLLTOOL" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_ac_ct_DLLTOOL="dlltool"
+ $as_echo "$as_me:${as_lineno-11530}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_DLLTOOL=$ac_cv_prog_ac_ct_DLLTOOL
+if test -n "$ac_ct_DLLTOOL"; then
+ { $as_echo "$as_me:${as_lineno-11541}: result: $ac_ct_DLLTOOL" >&5
+$as_echo "$ac_ct_DLLTOOL" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-11544}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+ if test "x$ac_ct_DLLTOOL" = x; then
+ DLLTOOL="false"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-11553}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ DLLTOOL=$ac_ct_DLLTOOL
+ fi
+else
+ DLLTOOL="$ac_cv_prog_DLLTOOL"
+fi
+
+ if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}objdump", so it can be a program name with args.
+set dummy ${ac_tool_prefix}objdump; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-11566}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_OBJDUMP+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$OBJDUMP"; then
+ ac_cv_prog_OBJDUMP="$OBJDUMP" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_OBJDUMP="${ac_tool_prefix}objdump"
+ $as_echo "$as_me:${as_lineno-11582}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+OBJDUMP=$ac_cv_prog_OBJDUMP
+if test -n "$OBJDUMP"; then
+ { $as_echo "$as_me:${as_lineno-11593}: result: $OBJDUMP" >&5
+$as_echo "$OBJDUMP" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-11596}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_OBJDUMP"; then
+ ac_ct_OBJDUMP=$OBJDUMP
+ # Extract the first word of "objdump", so it can be a program name with args.
+set dummy objdump; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-11606}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_OBJDUMP+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$ac_ct_OBJDUMP"; then
+ ac_cv_prog_ac_ct_OBJDUMP="$ac_ct_OBJDUMP" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_ac_ct_OBJDUMP="objdump"
+ $as_echo "$as_me:${as_lineno-11622}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_OBJDUMP=$ac_cv_prog_ac_ct_OBJDUMP
+if test -n "$ac_ct_OBJDUMP"; then
+ { $as_echo "$as_me:${as_lineno-11633}: result: $ac_ct_OBJDUMP" >&5
+$as_echo "$ac_ct_OBJDUMP" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-11636}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+ if test "x$ac_ct_OBJDUMP" = x; then
+ OBJDUMP="false"
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-11645}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ OBJDUMP=$ac_ct_OBJDUMP
+ fi
+else
+ OBJDUMP="$ac_cv_prog_OBJDUMP"
+fi
+
+ ;;
+esac
+
+test -z "$AS" && AS=as
+
+
+
+
+
+test -z "$DLLTOOL" && DLLTOOL=dlltool
+
+
+test -z "$OBJDUMP" && OBJDUMP=objdump
+
+
+
+
+LIBPBC_DLL=0
+
+
+case $host in
+ *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2*)
+ if test -z "$enable_shared"; then
+ enable_shared=no
+ fi
+ # Don't allow both static and DLL.
+ if test "$enable_shared" != no && test "$enable_static" != no; then
+ as_fn_error $? "cannot build both static and DLL, since gmp.h is different for each.
+Use \"--disable-static --enable-shared\" to build just a DLL." "11683" 5
+ fi
+
+ # "-no-undefined" is required when building a DLL, see documentation on
+ # AC_LIBTOOL_WIN32_DLL. Also, -no-undefined needs a version number
+ # or it will complain about not having a nonnegative integer.
+ if test "$enable_shared" = yes; then
+ PBC_LDFLAGS="$PBC_LDFLAGS -no-undefined 0 -Wl,--export-all-symbols"
+ LIBPBC_LDFLAGS="$LIBPBC_LDFLAGS -Wl,--output-def,.libs/libpbc.dll.def"
+ LIBPBC_DLL=1
+ fi
+ ;;
+esac
+case $host in
+ *-*-mingw*)
+ gcc_cflags_optlist="$gcc_cflags_optlist nocygwin"
+ gcc_cflags_nocygwin="-mno-cygwin"
+ ;;
+esac
+
+
+
+############################
+
+# Checks for programs.
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args.
+set dummy ${ac_tool_prefix}gcc; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-11716}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_CC+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$CC"; then
+ ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_CC="${ac_tool_prefix}gcc"
+ $as_echo "$as_me:${as_lineno-11732}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+ { $as_echo "$as_me:${as_lineno-11743}: result: $CC" >&5
+$as_echo "$CC" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-11746}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_CC"; then
+ ac_ct_CC=$CC
+ # Extract the first word of "gcc", so it can be a program name with args.
+set dummy gcc; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-11756}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_CC+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$ac_ct_CC"; then
+ ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_ac_ct_CC="gcc"
+ $as_echo "$as_me:${as_lineno-11772}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_CC=$ac_cv_prog_ac_ct_CC
+if test -n "$ac_ct_CC"; then
+ { $as_echo "$as_me:${as_lineno-11783}: result: $ac_ct_CC" >&5
+$as_echo "$ac_ct_CC" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-11786}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+ if test "x$ac_ct_CC" = x; then
+ CC=""
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-11795}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ CC=$ac_ct_CC
+ fi
+else
+ CC="$ac_cv_prog_CC"
+fi
+
+if test -z "$CC"; then
+ if test -n "$ac_tool_prefix"; then
+ # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args.
+set dummy ${ac_tool_prefix}cc; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-11809}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_CC+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$CC"; then
+ ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_CC="${ac_tool_prefix}cc"
+ $as_echo "$as_me:${as_lineno-11825}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+ { $as_echo "$as_me:${as_lineno-11836}: result: $CC" >&5
+$as_echo "$CC" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-11839}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+ fi
+fi
+if test -z "$CC"; then
+ # Extract the first word of "cc", so it can be a program name with args.
+set dummy cc; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-11849}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_CC+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$CC"; then
+ ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+ ac_prog_rejected=no
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then
+ ac_prog_rejected=yes
+ continue
+ fi
+ ac_cv_prog_CC="cc"
+ $as_echo "$as_me:${as_lineno-11870}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+if test $ac_prog_rejected = yes; then
+ # We found a bogon in the path, so make sure we never use it.
+ set dummy $ac_cv_prog_CC
+ shift
+ if test $# != 0; then
+ # We chose a different compiler from the bogus one.
+ # However, it has the same basename, so the bogon will be chosen
+ # first if we set CC to just the basename; use the full file name.
+ shift
+ ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@"
+ fi
+fi
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+ { $as_echo "$as_me:${as_lineno-11893}: result: $CC" >&5
+$as_echo "$CC" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-11896}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$CC"; then
+ if test -n "$ac_tool_prefix"; then
+ for ac_prog in cl.exe
+ do
+ # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
+set dummy $ac_tool_prefix$ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-11908}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_CC+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$CC"; then
+ ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_CC="$ac_tool_prefix$ac_prog"
+ $as_echo "$as_me:${as_lineno-11924}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+ { $as_echo "$as_me:${as_lineno-11935}: result: $CC" >&5
+$as_echo "$CC" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-11938}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+ test -n "$CC" && break
+ done
+fi
+if test -z "$CC"; then
+ ac_ct_CC=$CC
+ for ac_prog in cl.exe
+do
+ # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-11952}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_CC+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$ac_ct_CC"; then
+ ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_ac_ct_CC="$ac_prog"
+ $as_echo "$as_me:${as_lineno-11968}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_CC=$ac_cv_prog_ac_ct_CC
+if test -n "$ac_ct_CC"; then
+ { $as_echo "$as_me:${as_lineno-11979}: result: $ac_ct_CC" >&5
+$as_echo "$ac_ct_CC" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-11982}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+ test -n "$ac_ct_CC" && break
+done
+
+ if test "x$ac_ct_CC" = x; then
+ CC=""
+ else
+ case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-11995}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+ CC=$ac_ct_CC
+ fi
+fi
+
+fi
+
+
+test -z "$CC" && { { $as_echo "$as_me:${as_lineno-12006}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "no acceptable C compiler found in \$PATH
+See \`config.log' for more details" "12009" 5; }
+
+# Provide some information about the compiler.
+$as_echo "$as_me:${as_lineno-12012}: checking for C compiler version" >&5
+set X $ac_compile
+ac_compiler=$2
+for ac_option in --version -v -V -qversion; do
+ { { ac_try="$ac_compiler $ac_option >&5"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-12021}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+ (eval "$ac_compiler $ac_option >&5") 2>conftest.err
+ ac_status=$?
+ if test -s conftest.err; then
+ sed '10a\
+... rest of stderr output deleted ...
+ 10q' conftest.err >conftest.er1
+ cat conftest.er1 >&5
+ fi
+ rm -f conftest.er1 conftest.err
+ $as_echo "$as_me:${as_lineno-12032}: \$? = $ac_status" >&5
+ test $ac_status = 0; }
+done
+
+{ $as_echo "$as_me:${as_lineno-12036}: checking whether we are using the GNU C compiler" >&5
+$as_echo_n "checking whether we are using the GNU C compiler... " >&6; }
+if ${ac_cv_c_compiler_gnu+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main ()
+{
+#ifndef __GNUC__
+ choke me
+#endif
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "12055"; then :
+ ac_compiler_gnu=yes
+else
+ ac_compiler_gnu=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ac_cv_c_compiler_gnu=$ac_compiler_gnu
+
+fi
+{ $as_echo "$as_me:${as_lineno-12064}: result: $ac_cv_c_compiler_gnu" >&5
+$as_echo "$ac_cv_c_compiler_gnu" >&6; }
+if test $ac_compiler_gnu = yes; then
+ GCC=yes
+else
+ GCC=
+fi
+ac_test_CFLAGS=${CFLAGS+set}
+ac_save_CFLAGS=$CFLAGS
+{ $as_echo "$as_me:${as_lineno-12073}: checking whether $CC accepts -g" >&5
+$as_echo_n "checking whether $CC accepts -g... " >&6; }
+if ${ac_cv_prog_cc_g+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ ac_save_c_werror_flag=$ac_c_werror_flag
+ ac_c_werror_flag=yes
+ ac_cv_prog_cc_g=no
+ CFLAGS="-g"
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "12093"; then :
+ ac_cv_prog_cc_g=yes
+else
+ CFLAGS=""
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "12108"; then :
+
+else
+ ac_c_werror_flag=$ac_save_c_werror_flag
+ CFLAGS="-g"
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "12124"; then :
+ ac_cv_prog_cc_g=yes
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ ac_c_werror_flag=$ac_save_c_werror_flag
+fi
+{ $as_echo "$as_me:${as_lineno-12134}: result: $ac_cv_prog_cc_g" >&5
+$as_echo "$ac_cv_prog_cc_g" >&6; }
+if test "$ac_test_CFLAGS" = set; then
+ CFLAGS=$ac_save_CFLAGS
+elif test $ac_cv_prog_cc_g = yes; then
+ if test "$GCC" = yes; then
+ CFLAGS="-g -O2"
+ else
+ CFLAGS="-g"
+ fi
+else
+ if test "$GCC" = yes; then
+ CFLAGS="-O2"
+ else
+ CFLAGS=
+ fi
+fi
+{ $as_echo "$as_me:${as_lineno-12151}: checking for $CC option to accept ISO C89" >&5
+$as_echo_n "checking for $CC option to accept ISO C89... " >&6; }
+if ${ac_cv_prog_cc_c89+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ ac_cv_prog_cc_c89=no
+ac_save_CC=$CC
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#include <stdarg.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */
+struct buf { int x; };
+FILE * (*rcsopen) (struct buf *, struct stat *, int);
+static char *e (p, i)
+ char **p;
+ int i;
+{
+ return p[i];
+}
+static char *f (char * (*g) (char **, int), char **p, ...)
+{
+ char *s;
+ va_list v;
+ va_start (v,p);
+ s = g (p, va_arg (v,int));
+ va_end (v);
+ return s;
+}
+
+/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has
+ function prototypes and stuff, but not '\xHH' hex character constants.
+ These don't provoke an error unfortunately, instead are silently treated
+ as 'x'. The following induces an error, until -std is added to get
+ proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an
+ array size at least. It's necessary to write '\x00'==0 to get something
+ that's true only with -std. */
+int osf4_cc_array ['\x00' == 0 ? 1 : -1];
+
+/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters
+ inside strings and character constants. */
+#define FOO(x) 'x'
+int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1];
+
+int test (int i, double x);
+struct s1 {int (*f) (int a);};
+struct s2 {int (*f) (double a);};
+int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int);
+int argc;
+char **argv;
+int
+main ()
+{
+return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1];
+ ;
+ return 0;
+}
+_ACEOF
+for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \
+ -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__"
+do
+ CC="$ac_save_CC $ac_arg"
+ if ac_fn_c_try_compile "12215"; then :
+ ac_cv_prog_cc_c89=$ac_arg
+fi
+rm -f core conftest.err conftest.$ac_objext
+ test "x$ac_cv_prog_cc_c89" != "xno" && break
+done
+rm -f conftest.$ac_ext
+CC=$ac_save_CC
+
+fi
+# AC_CACHE_VAL
+case "x$ac_cv_prog_cc_c89" in
+ x)
+ { $as_echo "$as_me:${as_lineno-12228}: result: none needed" >&5
+$as_echo "none needed" >&6; } ;;
+ xno)
+ { $as_echo "$as_me:${as_lineno-12231}: result: unsupported" >&5
+$as_echo "unsupported" >&6; } ;;
+ *)
+ CC="$CC $ac_cv_prog_cc_c89"
+ { $as_echo "$as_me:${as_lineno-12235}: result: $ac_cv_prog_cc_c89" >&5
+$as_echo "$ac_cv_prog_cc_c89" >&6; } ;;
+esac
+if test "x$ac_cv_prog_cc_c89" != xno; then :
+
+fi
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+depcc="$CC" am_compiler_list=
+
+{ $as_echo "$as_me:${as_lineno-12250}: checking dependency style of $depcc" >&5
+$as_echo_n "checking dependency style of $depcc... " >&6; }
+if ${am_cv_CC_dependencies_compiler_type+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then
+ # We make a subdir and do the tests there. Otherwise we can end up
+ # making bogus files that we don't know about and never remove. For
+ # instance it was reported that on HP-UX the gcc test will end up
+ # making a dummy file named `D' -- because `-MD' means `put the output
+ # in D'.
+ rm -rf conftest.dir
+ mkdir conftest.dir
+ # Copy depcomp to subdir because otherwise we won't find it if we're
+ # using a relative directory.
+ cp "$am_depcomp" conftest.dir
+ cd conftest.dir
+ # We will build objects and dependencies in a subdirectory because
+ # it helps to detect inapplicable dependency modes. For instance
+ # both Tru64's cc and ICC support -MD to output dependencies as a
+ # side effect of compilation, but ICC will put the dependencies in
+ # the current directory while Tru64 will put them in the object
+ # directory.
+ mkdir sub
+
+ am_cv_CC_dependencies_compiler_type=none
+ if test "$am_compiler_list" = ""; then
+ am_compiler_list=`sed -n 's/^#*\([a-zA-Z0-9]*\))$/\1/p' < ./depcomp`
+ fi
+ am__universal=false
+ case " $depcc " in #(
+ *\ -arch\ *\ -arch\ *) am__universal=true ;;
+ esac
+
+ for depmode in $am_compiler_list; do
+ # Setup a source with many dependencies, because some compilers
+ # like to wrap large dependency lists on column 80 (with \), and
+ # we should not choose a depcomp mode which is confused by this.
+ #
+ # We need to recreate these files for each test, as the compiler may
+ # overwrite some of them when testing with obscure command lines.
+ # This happens at least with the AIX C compiler.
+ : > sub/conftest.c
+ for i in 1 2 3 4 5 6; do
+ echo '#include "conftst'$i'.h"' >> sub/conftest.c
+ # Using `: > sub/conftst$i.h' creates only sub/conftst1.h with
+ # Solaris 8's {/usr,}/bin/sh.
+ touch sub/conftst$i.h
+ done
+ echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf
+
+ # We check with `-c' and `-o' for the sake of the "dashmstdout"
+ # mode. It turns out that the SunPro C++ compiler does not properly
+ # handle `-M -o', and we need to detect this. Also, some Intel
+ # versions had trouble with output in subdirs
+ am__obj=sub/conftest.${OBJEXT-o}
+ am__minus_obj="-o $am__obj"
+ case $depmode in
+ gcc)
+ # This depmode causes a compiler race in universal mode.
+ test "$am__universal" = false || continue
+ ;;
+ nosideeffect)
+ # after this tag, mechanisms are not by side-effect, so they'll
+ # only be used when explicitly requested
+ if test "x$enable_dependency_tracking" = xyes; then
+ continue
+ else
+ break
+ fi
+ ;;
+ msvc7 | msvc7msys | msvisualcpp | msvcmsys)
+ # This compiler won't grok `-c -o', but also, the minuso test has
+ # not run yet. These depmodes are late enough in the game, and
+ # so weak that their functioning should not be impacted.
+ am__obj=conftest.${OBJEXT-o}
+ am__minus_obj=
+ ;;
+ none) break ;;
+ esac
+ if depmode=$depmode \
+ source=sub/conftest.c object=$am__obj \
+ depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \
+ $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \
+ >/dev/null 2>conftest.err &&
+ grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 &&
+ grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 &&
+ grep $am__obj sub/conftest.Po > /dev/null 2>&1 &&
+ ${MAKE-make} -s -f confmf > /dev/null 2>&1; then
+ # icc doesn't choke on unknown options, it will just issue warnings
+ # or remarks (even with -Werror). So we grep stderr for any message
+ # that says an option was ignored or not supported.
+ # When given -MP, icc 7.0 and 7.1 complain thusly:
+ # icc: Command line warning: ignoring option '-M'; no argument required
+ # The diagnosis changed in icc 8.0:
+ # icc: Command line remark: option '-MP' not supported
+ if (grep 'ignoring option' conftest.err ||
+ grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else
+ am_cv_CC_dependencies_compiler_type=$depmode
+ break
+ fi
+ fi
+ done
+
+ cd ..
+ rm -rf conftest.dir
+else
+ am_cv_CC_dependencies_compiler_type=none
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-12361}: result: $am_cv_CC_dependencies_compiler_type" >&5
+$as_echo "$am_cv_CC_dependencies_compiler_type" >&6; }
+CCDEPMODE=depmode=$am_cv_CC_dependencies_compiler_type
+
+ if
+ test "x$enable_dependency_tracking" != xno \
+ && test "$am_cv_CC_dependencies_compiler_type" = gcc3; then
+ am__fastdepCC_TRUE=
+ am__fastdepCC_FALSE='#'
+else
+ am__fastdepCC_TRUE='#'
+ am__fastdepCC_FALSE=
+fi
+
+
+if test "x$CC" != xcc; then
+ { $as_echo "$as_me:${as_lineno-12377}: checking whether $CC and cc understand -c and -o together" >&5
+$as_echo_n "checking whether $CC and cc understand -c and -o together... " >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-12380}: checking whether cc understands -c and -o together" >&5
+$as_echo_n "checking whether cc understands -c and -o together... " >&6; }
+fi
+set dummy $CC; ac_cc=`$as_echo "$2" |
+ sed 's/[^a-zA-Z0-9_]/_/g;s/^[0-9]/_/'`
+if eval \${ac_cv_prog_cc_${ac_cc}_c_o+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+# Make sure it works both with $CC and with simple cc.
+# We do the test twice because some compilers refuse to overwrite an
+# existing .o file with -o, though they will create one.
+ac_try='$CC -c conftest.$ac_ext -o conftest2.$ac_objext >&5'
+rm -f conftest2.*
+if { { case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-12408}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+ (eval "$ac_try") 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-12412}: \$? = $ac_status" >&5
+ test $ac_status = 0; } &&
+ test -f conftest2.$ac_objext && { { case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-12418}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+ (eval "$ac_try") 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-12422}: \$? = $ac_status" >&5
+ test $ac_status = 0; };
+then
+ eval ac_cv_prog_cc_${ac_cc}_c_o=yes
+ if test "x$CC" != xcc; then
+ # Test first that cc exists at all.
+ if { ac_try='cc -c conftest.$ac_ext >&5'
+ { { case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-12433}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+ (eval "$ac_try") 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-12437}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; }; then
+ ac_try='cc -c conftest.$ac_ext -o conftest2.$ac_objext >&5'
+ rm -f conftest2.*
+ if { { case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-12445}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+ (eval "$ac_try") 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-12449}: \$? = $ac_status" >&5
+ test $ac_status = 0; } &&
+ test -f conftest2.$ac_objext && { { case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-12455}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+ (eval "$ac_try") 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-12459}: \$? = $ac_status" >&5
+ test $ac_status = 0; };
+ then
+ # cc works too.
+ :
+ else
+ # cc exists but doesn't like -o.
+ eval ac_cv_prog_cc_${ac_cc}_c_o=no
+ fi
+ fi
+ fi
+else
+ eval ac_cv_prog_cc_${ac_cc}_c_o=no
+fi
+rm -f core conftest*
+
+fi
+if eval test \$ac_cv_prog_cc_${ac_cc}_c_o = yes; then
+ { $as_echo "$as_me:${as_lineno-12477}: result: yes" >&5
+$as_echo "yes" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-12480}: result: no" >&5
+$as_echo "no" >&6; }
+
+$as_echo "#define NO_MINUS_C_MINUS_O 1" >>confdefs.h
+
+fi
+
+# FIXME: we rely on the cache variable name because
+# there is no other way.
+set dummy $CC
+am_cc=`echo $2 | sed 's/[^a-zA-Z0-9_]/_/g;s/^[0-9]/_/'`
+eval am_t=\$ac_cv_prog_cc_${am_cc}_c_o
+if test "$am_t" != yes; then
+ # Losing compiler, so override with the script.
+ # FIXME: It is wrong to rewrite CC.
+ # But if we don't then we get into trouble of one sort or another.
+ # A longer-term fix would be to have automake use am__CC in this case,
+ # and then we could set am__CC="\$(top_srcdir)/compile \$(CC)"
+ CC="$am_aux_dir/compile $CC"
+fi
+
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+{ $as_echo "$as_me:${as_lineno-12507}: checking how to run the C preprocessor" >&5
+$as_echo_n "checking how to run the C preprocessor... " >&6; }
+# On Suns, sometimes $CPP names a directory.
+if test -n "$CPP" && test -d "$CPP"; then
+ CPP=
+fi
+if test -z "$CPP"; then
+ if ${ac_cv_prog_CPP+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ # Double quotes because CPP needs to be expanded
+ for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp"
+ do
+ ac_preproc_ok=false
+for ac_c_preproc_warn_flag in '' yes
+do
+ # Use a header file that comes with gcc, so configuring glibc
+ # with a fresh cross-compiler works.
+ # Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+ # <limits.h> exists even on freestanding compilers.
+ # On the NeXT, cc -E runs the code through the compiler's parser,
+ # not just through cpp. "Syntax error" is here to catch this case.
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#ifdef __STDC__
+# include <limits.h>
+#else
+# include <assert.h>
+#endif
+ Syntax error
+_ACEOF
+if ac_fn_c_try_cpp "12538"; then :
+
+else
+ # Broken: fails on valid input.
+continue
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+ # OK, works on sane cases. Now check whether nonexistent headers
+ # can be detected and how.
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#include <ac_nonexistent.h>
+_ACEOF
+if ac_fn_c_try_cpp "12552"; then :
+ # Broken: success on invalid input.
+continue
+else
+ # Passes both tests.
+ac_preproc_ok=:
+break
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+done
+# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
+rm -f conftest.i conftest.err conftest.$ac_ext
+if $ac_preproc_ok; then :
+ break
+fi
+
+ done
+ ac_cv_prog_CPP=$CPP
+
+fi
+ CPP=$ac_cv_prog_CPP
+else
+ ac_cv_prog_CPP=$CPP
+fi
+{ $as_echo "$as_me:${as_lineno-12577}: result: $CPP" >&5
+$as_echo "$CPP" >&6; }
+ac_preproc_ok=false
+for ac_c_preproc_warn_flag in '' yes
+do
+ # Use a header file that comes with gcc, so configuring glibc
+ # with a fresh cross-compiler works.
+ # Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+ # <limits.h> exists even on freestanding compilers.
+ # On the NeXT, cc -E runs the code through the compiler's parser,
+ # not just through cpp. "Syntax error" is here to catch this case.
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#ifdef __STDC__
+# include <limits.h>
+#else
+# include <assert.h>
+#endif
+ Syntax error
+_ACEOF
+if ac_fn_c_try_cpp "12597"; then :
+
+else
+ # Broken: fails on valid input.
+continue
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+ # OK, works on sane cases. Now check whether nonexistent headers
+ # can be detected and how.
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#include <ac_nonexistent.h>
+_ACEOF
+if ac_fn_c_try_cpp "12611"; then :
+ # Broken: success on invalid input.
+continue
+else
+ # Passes both tests.
+ac_preproc_ok=:
+break
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+done
+# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
+rm -f conftest.i conftest.err conftest.$ac_ext
+if $ac_preproc_ok; then :
+
+else
+ { { $as_echo "$as_me:${as_lineno-12627}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "C preprocessor \"$CPP\" fails sanity check
+See \`config.log' for more details" "12630" 5; }
+fi
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+
+{ $as_echo "$as_me:${as_lineno-12640}: checking whether ln -s works" >&5
+$as_echo_n "checking whether ln -s works... " >&6; }
+LN_S=$as_ln_s
+if test "$LN_S" = "ln -s"; then
+ { $as_echo "$as_me:${as_lineno-12644}: result: yes" >&5
+$as_echo "yes" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-12647}: result: no, using $LN_S" >&5
+$as_echo "no, using $LN_S" >&6; }
+fi
+
+{ $as_echo "$as_me:${as_lineno-12651}: checking whether ${MAKE-make} sets \$(MAKE)" >&5
+$as_echo_n "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; }
+set x ${MAKE-make}
+ac_make=`$as_echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'`
+if eval \${ac_cv_prog_make_${ac_make}_set+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ cat >conftest.make <<\_ACEOF
+SHELL = /bin/sh
+all:
+ @echo '@@@%%%=$(MAKE)=@@@%%%'
+_ACEOF
+# GNU make sometimes prints "make[1]: Entering ...", which would confuse us.
+case `${MAKE-make} -f conftest.make 2>/dev/null` in
+ *@@@%%%=?*=@@@%%%*)
+ eval ac_cv_prog_make_${ac_make}_set=yes;;
+ *)
+ eval ac_cv_prog_make_${ac_make}_set=no;;
+esac
+rm -f conftest.make
+fi
+if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then
+ { $as_echo "$as_me:${as_lineno-12673}: result: yes" >&5
+$as_echo "yes" >&6; }
+ SET_MAKE=
+else
+ { $as_echo "$as_me:${as_lineno-12677}: result: no" >&5
+$as_echo "no" >&6; }
+ SET_MAKE="MAKE=${MAKE-make}"
+fi
+
+
+for ac_prog in flex lex
+do
+ # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-12687}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_LEX+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$LEX"; then
+ ac_cv_prog_LEX="$LEX" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_LEX="$ac_prog"
+ $as_echo "$as_me:${as_lineno-12703}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+LEX=$ac_cv_prog_LEX
+if test -n "$LEX"; then
+ { $as_echo "$as_me:${as_lineno-12714}: result: $LEX" >&5
+$as_echo "$LEX" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-12717}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+ test -n "$LEX" && break
+done
+test -n "$LEX" || LEX=":"
+
+if test "x$LEX" != "x:"; then
+ cat >conftest.l <<_ACEOF
+%%
+a { ECHO; }
+b { REJECT; }
+c { yymore (); }
+d { yyless (1); }
+e { yyless (input () != 0); }
+f { unput (yytext[0]); }
+. { BEGIN INITIAL; }
+%%
+#ifdef YYTEXT_POINTER
+extern char *yytext;
+#endif
+int
+main (void)
+{
+ return ! yylex () + ! yywrap ();
+}
+_ACEOF
+{ { ac_try="$LEX conftest.l"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-12751}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+ (eval "$LEX conftest.l") 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-12755}: \$? = $ac_status" >&5
+ test $ac_status = 0; }
+{ $as_echo "$as_me:${as_lineno-12757}: checking lex output file root" >&5
+$as_echo_n "checking lex output file root... " >&6; }
+if ${ac_cv_prog_lex_root+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+
+if test -f lex.yy.c; then
+ ac_cv_prog_lex_root=lex.yy
+elif test -f lexyy.c; then
+ ac_cv_prog_lex_root=lexyy
+else
+ as_fn_error $? "cannot find output from $LEX; giving up" "12768" 5
+fi
+fi
+{ $as_echo "$as_me:${as_lineno-12771}: result: $ac_cv_prog_lex_root" >&5
+$as_echo "$ac_cv_prog_lex_root" >&6; }
+LEX_OUTPUT_ROOT=$ac_cv_prog_lex_root
+
+if test -z "${LEXLIB+set}"; then
+ { $as_echo "$as_me:${as_lineno-12776}: checking lex library" >&5
+$as_echo_n "checking lex library... " >&6; }
+if ${ac_cv_lib_lex+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+
+ ac_save_LIBS=$LIBS
+ ac_cv_lib_lex='none needed'
+ for ac_lib in '' -lfl -ll; do
+ LIBS="$ac_lib $ac_save_LIBS"
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+`cat $LEX_OUTPUT_ROOT.c`
+_ACEOF
+if ac_fn_c_try_link "12790"; then :
+ ac_cv_lib_lex=$ac_lib
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+ test "$ac_cv_lib_lex" != 'none needed' && break
+ done
+ LIBS=$ac_save_LIBS
+
+fi
+{ $as_echo "$as_me:${as_lineno-12800}: result: $ac_cv_lib_lex" >&5
+$as_echo "$ac_cv_lib_lex" >&6; }
+ test "$ac_cv_lib_lex" != 'none needed' && LEXLIB=$ac_cv_lib_lex
+fi
+
+
+{ $as_echo "$as_me:${as_lineno-12806}: checking whether yytext is a pointer" >&5
+$as_echo_n "checking whether yytext is a pointer... " >&6; }
+if ${ac_cv_prog_lex_yytext_pointer+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ # POSIX says lex can declare yytext either as a pointer or an array; the
+# default is implementation-dependent. Figure out which it is, since
+# not all implementations provide the %pointer and %array declarations.
+ac_cv_prog_lex_yytext_pointer=no
+ac_save_LIBS=$LIBS
+LIBS="$LEXLIB $ac_save_LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+ #define YYTEXT_POINTER 1
+`cat $LEX_OUTPUT_ROOT.c`
+_ACEOF
+if ac_fn_c_try_link "12823"; then :
+ ac_cv_prog_lex_yytext_pointer=yes
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_save_LIBS
+
+fi
+{ $as_echo "$as_me:${as_lineno-12831}: result: $ac_cv_prog_lex_yytext_pointer" >&5
+$as_echo "$ac_cv_prog_lex_yytext_pointer" >&6; }
+if test $ac_cv_prog_lex_yytext_pointer = yes; then
+
+$as_echo "#define YYTEXT_POINTER 1" >>confdefs.h
+
+fi
+rm -f conftest.l $LEX_OUTPUT_ROOT.c
+
+fi
+if test "x$LEX" != xflex; then
+ echo "************************"
+ echo "flex not found"
+ echo "************************"
+ exit -1
+fi
+
+for ac_prog in 'bison -y' byacc
+do
+ # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-12852}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_YACC+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test -n "$YACC"; then
+ ac_cv_prog_YACC="$YACC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_prog_YACC="$ac_prog"
+ $as_echo "$as_me:${as_lineno-12868}: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
+ fi
+done
+ done
+IFS=$as_save_IFS
+
+fi
+fi
+YACC=$ac_cv_prog_YACC
+if test -n "$YACC"; then
+ { $as_echo "$as_me:${as_lineno-12879}: result: $YACC" >&5
+$as_echo "$YACC" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-12882}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+ test -n "$YACC" && break
+done
+test -n "$YACC" || YACC="yacc"
+
+if test "x$YACC" != "xbison -y"; then
+ echo "************************"
+ echo "bison not found"
+ echo "************************"
+ exit -1
+fi
+
+# Checks for libraries.
+lib_err_msg="add its path to LDFLAGS\nsee ./configure --help"
+{ $as_echo "$as_me:${as_lineno-12900}: checking for pow in -lm" >&5
+$as_echo_n "checking for pow in -lm... " >&6; }
+if ${ac_cv_lib_m_pow+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-lm $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char pow ();
+int
+main ()
+{
+return pow ();
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "12925"; then :
+ ac_cv_lib_m_pow=yes
+else
+ ac_cv_lib_m_pow=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-12934}: result: $ac_cv_lib_m_pow" >&5
+$as_echo "$ac_cv_lib_m_pow" >&6; }
+if test "x$ac_cv_lib_m_pow" = xyes; then :
+ cat >>confdefs.h <<_ACEOF
+#define HAVE_LIBM 1
+_ACEOF
+
+ LIBS="-lm $LIBS"
+
+else
+
+ echo "************************"
+ echo "m library not found"
+ echo -e $lib_err_msg
+ echo "************************"
+ exit -1
+
+fi
+
+{ $as_echo "$as_me:${as_lineno-12953}: checking for __gmpz_init in -lgmp" >&5
+$as_echo_n "checking for __gmpz_init in -lgmp... " >&6; }
+if ${ac_cv_lib_gmp___gmpz_init+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-lgmp $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char __gmpz_init ();
+int
+main ()
+{
+return __gmpz_init ();
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "12978"; then :
+ ac_cv_lib_gmp___gmpz_init=yes
+else
+ ac_cv_lib_gmp___gmpz_init=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-12987}: result: $ac_cv_lib_gmp___gmpz_init" >&5
+$as_echo "$ac_cv_lib_gmp___gmpz_init" >&6; }
+if test "x$ac_cv_lib_gmp___gmpz_init" = xyes; then :
+ cat >>confdefs.h <<_ACEOF
+#define HAVE_LIBGMP 1
+_ACEOF
+
+ LIBS="-lgmp $LIBS"
+
+else
+
+ echo "************************"
+ echo "gmp library not found"
+ echo -e $lib_err_msg
+ echo "************************"
+ exit -1
+
+fi
+
+LIBS=
+
+# Checks for header files.
+ac_fn_c_check_type "13009" "size_t" "ac_cv_type_size_t" "$ac_includes_default"
+if test "x$ac_cv_type_size_t" = xyes; then :
+
+else
+
+cat >>confdefs.h <<_ACEOF
+#define size_t unsigned int
+_ACEOF
+
+fi
+
+# The Ultrix 4.2 mips builtin alloca declared by alloca.h only works
+# for constant arguments. Useless!
+{ $as_echo "$as_me:${as_lineno-13022}: checking for working alloca.h" >&5
+$as_echo_n "checking for working alloca.h... " >&6; }
+if ${ac_cv_working_alloca_h+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#include <alloca.h>
+int
+main ()
+{
+char *p = (char *) alloca (2 * sizeof (int));
+ if (p) return 0;
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "13039"; then :
+ ac_cv_working_alloca_h=yes
+else
+ ac_cv_working_alloca_h=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+fi
+{ $as_echo "$as_me:${as_lineno-13047}: result: $ac_cv_working_alloca_h" >&5
+$as_echo "$ac_cv_working_alloca_h" >&6; }
+if test $ac_cv_working_alloca_h = yes; then
+
+$as_echo "#define HAVE_ALLOCA_H 1" >>confdefs.h
+
+fi
+
+{ $as_echo "$as_me:${as_lineno-13055}: checking for alloca" >&5
+$as_echo_n "checking for alloca... " >&6; }
+if ${ac_cv_func_alloca_works+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#ifdef __GNUC__
+# define alloca __builtin_alloca
+#else
+# ifdef _MSC_VER
+# include <malloc.h>
+# define alloca _alloca
+# else
+# ifdef HAVE_ALLOCA_H
+# include <alloca.h>
+# else
+# ifdef _AIX
+ #pragma alloca
+# else
+# ifndef alloca /* predefined by HP cc +Olibcalls */
+void *alloca (size_t);
+# endif
+# endif
+# endif
+# endif
+#endif
+
+int
+main ()
+{
+char *p = (char *) alloca (1);
+ if (p) return 0;
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "13092"; then :
+ ac_cv_func_alloca_works=yes
+else
+ ac_cv_func_alloca_works=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+fi
+{ $as_echo "$as_me:${as_lineno-13100}: result: $ac_cv_func_alloca_works" >&5
+$as_echo "$ac_cv_func_alloca_works" >&6; }
+
+if test $ac_cv_func_alloca_works = yes; then
+
+$as_echo "#define HAVE_ALLOCA 1" >>confdefs.h
+
+else
+ # The SVR3 libPW and SVR4 libucb both contain incompatible functions
+# that cause trouble. Some versions do not even contain alloca or
+# contain a buggy version. If you still want to use their alloca,
+# use ar to extract alloca.o from them instead of compiling alloca.c.
+
+ALLOCA=\${LIBOBJDIR}alloca.$ac_objext
+
+$as_echo "#define C_ALLOCA 1" >>confdefs.h
+
+
+{ $as_echo "$as_me:${as_lineno-13118}: checking whether \`alloca.c' needs Cray hooks" >&5
+$as_echo_n "checking whether \`alloca.c' needs Cray hooks... " >&6; }
+if ${ac_cv_os_cray+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#if defined CRAY && ! defined CRAY2
+webecray
+#else
+wenotbecray
+#endif
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "webecray" >/dev/null 2>&1; then :
+ ac_cv_os_cray=yes
+else
+ ac_cv_os_cray=no
+fi
+rm -f conftest*
+
+fi
+{ $as_echo "$as_me:${as_lineno-13141}: result: $ac_cv_os_cray" >&5
+$as_echo "$ac_cv_os_cray" >&6; }
+if test $ac_cv_os_cray = yes; then
+ for ac_func in _getb67 GETB67 getb67; do
+ as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
+ac_fn_c_check_func "13146" "$ac_func" "$as_ac_var"
+if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
+
+cat >>confdefs.h <<_ACEOF
+#define CRAY_STACKSEG_END $ac_func
+_ACEOF
+
+ break
+fi
+
+ done
+fi
+
+{ $as_echo "$as_me:${as_lineno-13159}: checking stack direction for C alloca" >&5
+$as_echo_n "checking stack direction for C alloca... " >&6; }
+if ${ac_cv_c_stack_direction+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test "$cross_compiling" = yes; then :
+ ac_cv_c_stack_direction=0
+else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$ac_includes_default
+int
+find_stack_direction ()
+{
+ static char *addr = 0;
+ auto char dummy;
+ if (addr == 0)
+ {
+ addr = &dummy;
+ return find_stack_direction ();
+ }
+ else
+ return (&dummy > addr) ? 1 : -1;
+}
+
+int
+main ()
+{
+ return find_stack_direction () < 0;
+}
+_ACEOF
+if ac_fn_c_try_run "13190"; then :
+ ac_cv_c_stack_direction=1
+else
+ ac_cv_c_stack_direction=-1
+fi
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
+ conftest.$ac_objext conftest.beam conftest.$ac_ext
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-13200}: result: $ac_cv_c_stack_direction" >&5
+$as_echo "$ac_cv_c_stack_direction" >&6; }
+cat >>confdefs.h <<_ACEOF
+#define STACK_DIRECTION $ac_cv_c_stack_direction
+_ACEOF
+
+
+fi
+
+{ $as_echo "$as_me:${as_lineno-13209}: checking for ANSI C header files" >&5
+$as_echo_n "checking for ANSI C header files... " >&6; }
+if ${ac_cv_header_stdc+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#include <stdlib.h>
+#include <stdarg.h>
+#include <string.h>
+#include <float.h>
+
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "13229"; then :
+ ac_cv_header_stdc=yes
+else
+ ac_cv_header_stdc=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
+if test $ac_cv_header_stdc = yes; then
+ # SunOS 4.x string.h does not declare mem*, contrary to ANSI.
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#include <string.h>
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "memchr" >/dev/null 2>&1; then :
+
+else
+ ac_cv_header_stdc=no
+fi
+rm -f conftest*
+
+fi
+
+if test $ac_cv_header_stdc = yes; then
+ # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI.
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#include <stdlib.h>
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ $EGREP "free" >/dev/null 2>&1; then :
+
+else
+ ac_cv_header_stdc=no
+fi
+rm -f conftest*
+
+fi
+
+if test $ac_cv_header_stdc = yes; then
+ # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi.
+ if test "$cross_compiling" = yes; then :
+ :
+else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#include <ctype.h>
+#include <stdlib.h>
+#if ((' ' & 0x0FF) == 0x020)
+# define ISLOWER(c) ('a' <= (c) && (c) <= 'z')
+# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c))
+#else
+# define ISLOWER(c) \
+ (('a' <= (c) && (c) <= 'i') \
+ || ('j' <= (c) && (c) <= 'r') \
+ || ('s' <= (c) && (c) <= 'z'))
+# define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c))
+#endif
+
+#define XOR(e, f) (((e) && !(f)) || (!(e) && (f)))
+int
+main ()
+{
+ int i;
+ for (i = 0; i < 256; i++)
+ if (XOR (islower (i), ISLOWER (i))
+ || toupper (i) != TOUPPER (i))
+ return 2;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_run "13302"; then :
+
+else
+ ac_cv_header_stdc=no
+fi
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
+ conftest.$ac_objext conftest.beam conftest.$ac_ext
+fi
+
+fi
+fi
+{ $as_echo "$as_me:${as_lineno-13313}: result: $ac_cv_header_stdc" >&5
+$as_echo "$ac_cv_header_stdc" >&6; }
+if test $ac_cv_header_stdc = yes; then
+
+$as_echo "#define STDC_HEADERS 1" >>confdefs.h
+
+fi
+
+for ac_header in stdlib.h string.h sys/time.h
+do :
+ as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
+ac_fn_c_check_header_mongrel "13324" "$ac_header" "$as_ac_Header" "$ac_includes_default"
+if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
+ cat >>confdefs.h <<_ACEOF
+#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+
+done
+
+
+# Checks for typedefs, structures, and compiler characteristics.
+{ $as_echo "$as_me:${as_lineno-13336}: checking for an ANSI C-conforming const" >&5
+$as_echo_n "checking for an ANSI C-conforming const... " >&6; }
+if ${ac_cv_c_const+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+int
+main ()
+{
+/* FIXME: Include the comments suggested by Paul. */
+#ifndef __cplusplus
+ /* Ultrix mips cc rejects this. */
+ typedef int charset[2];
+ const charset cs;
+ /* SunOS 4.1.1 cc rejects this. */
+ char const *const *pcpcc;
+ char **ppc;
+ /* NEC SVR4.0.2 mips cc rejects this. */
+ struct point {int x, y;};
+ static struct point const zero = {0,0};
+ /* AIX XL C 1.02.0.0 rejects this.
+ It does not let you subtract one const X* pointer from another in
+ an arm of an if-expression whose if-part is not a constant
+ expression */
+ const char *g = "string";
+ pcpcc = &g + (g ? g-g : 0);
+ /* HPUX 7.0 cc rejects these. */
+ ++pcpcc;
+ ppc = (char**) pcpcc;
+ pcpcc = (char const *const *) ppc;
+ { /* SCO 3.2v4 cc rejects this. */
+ char *t;
+ char const *s = 0 ? (char *) 0 : (char const *) 0;
+
+ *t++ = 0;
+ if (s) return 0;
+ }
+ { /* Someone thinks the Sun supposedly-ANSI compiler will reject this. */
+ int x[] = {25, 17};
+ const int *foo = &x[0];
+ ++foo;
+ }
+ { /* Sun SC1.0 ANSI compiler rejects this -- but not the above. */
+ typedef const int *iptr;
+ iptr p = 0;
+ ++p;
+ }
+ { /* AIX XL C 1.02.0.0 rejects this saying
+ "k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */
+ struct s { int j; const int *ap[3]; };
+ struct s *b; b->j = 5;
+ }
+ { /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */
+ const int foo = 10;
+ if (!foo) return 0;
+ }
+ return !cs[0] && !zero.x;
+#endif
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "13401"; then :
+ ac_cv_c_const=yes
+else
+ ac_cv_c_const=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+{ $as_echo "$as_me:${as_lineno-13408}: result: $ac_cv_c_const" >&5
+$as_echo "$ac_cv_c_const" >&6; }
+if test $ac_cv_c_const = no; then
+
+$as_echo "#define const /**/" >>confdefs.h
+
+fi
+
+{ $as_echo "$as_me:${as_lineno-13416}: checking for inline" >&5
+$as_echo_n "checking for inline... " >&6; }
+if ${ac_cv_c_inline+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ ac_cv_c_inline=no
+for ac_kw in inline __inline__ __inline; do
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#ifndef __cplusplus
+typedef int foo_t;
+static $ac_kw foo_t static_foo () {return 0; }
+$ac_kw foo_t foo () {return 0; }
+#endif
+
+_ACEOF
+if ac_fn_c_try_compile "13432"; then :
+ ac_cv_c_inline=$ac_kw
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ test "$ac_cv_c_inline" != no && break
+done
+
+fi
+{ $as_echo "$as_me:${as_lineno-13440}: result: $ac_cv_c_inline" >&5
+$as_echo "$ac_cv_c_inline" >&6; }
+
+case $ac_cv_c_inline in
+ inline | yes) ;;
+ *)
+ case $ac_cv_c_inline in
+ no) ac_val=;;
+ *) ac_val=$ac_cv_c_inline;;
+ esac
+ cat >>confdefs.h <<_ACEOF
+#ifndef __cplusplus
+#define inline $ac_val
+#endif
+_ACEOF
+ ;;
+esac
+
+ac_fn_c_check_type "13458" "size_t" "ac_cv_type_size_t" "$ac_includes_default"
+if test "x$ac_cv_type_size_t" = xyes; then :
+
+else
+
+cat >>confdefs.h <<_ACEOF
+#define size_t unsigned int
+_ACEOF
+
+fi
+
+{ $as_echo "$as_me:${as_lineno-13469}: checking whether time.h and sys/time.h may both be included" >&5
+$as_echo_n "checking whether time.h and sys/time.h may both be included... " >&6; }
+if ${ac_cv_header_time+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#include <sys/types.h>
+#include <sys/time.h>
+#include <time.h>
+
+int
+main ()
+{
+if ((struct tm *) 0)
+return 0;
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "13489"; then :
+ ac_cv_header_time=yes
+else
+ ac_cv_header_time=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+{ $as_echo "$as_me:${as_lineno-13496}: result: $ac_cv_header_time" >&5
+$as_echo "$ac_cv_header_time" >&6; }
+if test $ac_cv_header_time = yes; then
+
+$as_echo "#define TIME_WITH_SYS_TIME 1" >>confdefs.h
+
+fi
+
+
+with_enable_optimized="no"
+# Check whether --enable-optimized was given.
+if test "${enable_optimized+set}" = set; then :
+ enableval=$enable_optimized; with_enable_optimized="$withval"
+else
+ with_enable_optimized="no"
+fi
+
+
+
+with_safe_clean=n
+# Check whether --enable-safe-clean was given.
+if test "${enable_safe_clean+set}" = set; then :
+ enableval=$enable_safe_clean; with_safe_clean=y
+else
+ with_safe_clean=n
+fi
+
+
+with_debug=n
+# Check whether --enable-debug was given.
+if test "${enable_debug+set}" = set; then :
+ enableval=$enable_debug; with_debug=y
+else
+ with_debug=n
+fi
+
+
+CFLAGS="$CFLAGS -Wall -W -Wfloat-equal -Wpointer-arith -Wcast-align -Wstrict-prototypes -Wredundant-decls \
+-Wendif-labels -Wshadow -pipe -ffast-math -U__STRICT_ANSI__ -std=gnu99"
+if test "$with_debug" == "y"; then
+ CFLAGS="$CFLAGS -g3 -O0"
+elif test "$with_enable_optimized" != "no"; then
+ CFLAGS="$CFLAGS -g -O2"
+else
+ CFLAGS="$CFLAGS -fomit-frame-pointer -O3"
+fi
+
+if test "$with_safe_clean" != "n"; then
+ CFLAGS="$CFLAGS -DSAFE_CLEAN"
+fi
+
+# Checks for library functions.
+for ac_header in stdlib.h
+do :
+ ac_fn_c_check_header_mongrel "13550" "stdlib.h" "ac_cv_header_stdlib_h" "$ac_includes_default"
+if test "x$ac_cv_header_stdlib_h" = xyes; then :
+ cat >>confdefs.h <<_ACEOF
+#define HAVE_STDLIB_H 1
+_ACEOF
+
+fi
+
+done
+
+{ $as_echo "$as_me:${as_lineno-13560}: checking for GNU libc compatible malloc" >&5
+$as_echo_n "checking for GNU libc compatible malloc... " >&6; }
+if ${ac_cv_func_malloc_0_nonnull+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test "$cross_compiling" = yes; then :
+ ac_cv_func_malloc_0_nonnull=no
+else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#if defined STDC_HEADERS || defined HAVE_STDLIB_H
+# include <stdlib.h>
+#else
+char *malloc ();
+#endif
+
+int
+main ()
+{
+return ! malloc (0);
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_run "13584"; then :
+ ac_cv_func_malloc_0_nonnull=yes
+else
+ ac_cv_func_malloc_0_nonnull=no
+fi
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
+ conftest.$ac_objext conftest.beam conftest.$ac_ext
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-13594}: result: $ac_cv_func_malloc_0_nonnull" >&5
+$as_echo "$ac_cv_func_malloc_0_nonnull" >&6; }
+if test $ac_cv_func_malloc_0_nonnull = yes; then :
+
+$as_echo "#define HAVE_MALLOC 1" >>confdefs.h
+
+else
+ $as_echo "#define HAVE_MALLOC 0" >>confdefs.h
+
+ case " $LIBOBJS " in
+ *" malloc.$ac_objext "* ) ;;
+ *) LIBOBJS="$LIBOBJS malloc.$ac_objext"
+ ;;
+esac
+
+
+$as_echo "#define malloc rpl_malloc" >>confdefs.h
+
+fi
+
+
+for ac_header in stdlib.h
+do :
+ ac_fn_c_check_header_mongrel "13617" "stdlib.h" "ac_cv_header_stdlib_h" "$ac_includes_default"
+if test "x$ac_cv_header_stdlib_h" = xyes; then :
+ cat >>confdefs.h <<_ACEOF
+#define HAVE_STDLIB_H 1
+_ACEOF
+
+fi
+
+done
+
+{ $as_echo "$as_me:${as_lineno-13627}: checking for GNU libc compatible realloc" >&5
+$as_echo_n "checking for GNU libc compatible realloc... " >&6; }
+if ${ac_cv_func_realloc_0_nonnull+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if test "$cross_compiling" = yes; then :
+ ac_cv_func_realloc_0_nonnull=no
+else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#if defined STDC_HEADERS || defined HAVE_STDLIB_H
+# include <stdlib.h>
+#else
+char *realloc ();
+#endif
+
+int
+main ()
+{
+return ! realloc (0, 0);
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_run "13651"; then :
+ ac_cv_func_realloc_0_nonnull=yes
+else
+ ac_cv_func_realloc_0_nonnull=no
+fi
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
+ conftest.$ac_objext conftest.beam conftest.$ac_ext
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-13661}: result: $ac_cv_func_realloc_0_nonnull" >&5
+$as_echo "$ac_cv_func_realloc_0_nonnull" >&6; }
+if test $ac_cv_func_realloc_0_nonnull = yes; then :
+
+$as_echo "#define HAVE_REALLOC 1" >>confdefs.h
+
+else
+ $as_echo "#define HAVE_REALLOC 0" >>confdefs.h
+
+ case " $LIBOBJS " in
+ *" realloc.$ac_objext "* ) ;;
+ *) LIBOBJS="$LIBOBJS realloc.$ac_objext"
+ ;;
+esac
+
+
+$as_echo "#define realloc rpl_realloc" >>confdefs.h
+
+fi
+
+
+for ac_func in floor gettimeofday memmove memset pow sqrt strchr strdup
+do :
+ as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
+ac_fn_c_check_func "13685" "$ac_func" "$as_ac_var"
+if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
+ cat >>confdefs.h <<_ACEOF
+#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+done
+
+
+ac_config_files="$ac_config_files Makefile example/Makefile gen/Makefile"
+
+cat >confcache <<\_ACEOF
+# This file is a shell script that caches the results of configure
+# tests run on this system so they can be shared between configure
+# scripts and configure runs, see configure's option --config-cache.
+# It is not useful on other systems. If it contains results you don't
+# want to keep, you may remove or edit it.
+#
+# config.status only pays attention to the cache file if you give it
+# the --recheck option to rerun configure.
+#
+# `ac_cv_env_foo' variables (set or unset) will be overridden when
+# loading this file, other *unset* `ac_cv_foo' will be assigned the
+# following values.
+
+_ACEOF
+
+# The following way of writing the cache mishandles newlines in values,
+# but we know of no workaround that is simple, portable, and efficient.
+# So, we kill variables containing newlines.
+# Ultrix sh set writes to stderr and can't be redirected directly,
+# and sets the high bit in the cache file unless we assign to the vars.
+(
+ for ac_var in `(set) 2>&1 | sed -n 's/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'`; do
+ eval ac_val=\$$ac_var
+ case $ac_val in #(
+ *${as_nl}*)
+ case $ac_var in #(
+ *_cv_*) { $as_echo "$as_me:${as_lineno-13724}: WARNING: cache variable $ac_var contains a newline" >&5
+$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;;
+ esac
+ case $ac_var in #(
+ _ | IFS | as_nl) ;; #(
+ BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #(
+ *) { eval $ac_var=; unset $ac_var;} ;;
+ esac ;;
+ esac
+ done
+
+ (set) 2>&1 |
+ case $as_nl`(ac_space=' '; set) 2>&1` in #(
+ *${as_nl}ac_space=\ *)
+ # `set' does not quote correctly, so add quotes: double-quote
+ # substitution turns \\\\ into \\, and sed turns \\ into \.
+ sed -n \
+ "s/'/'\\\\''/g;
+ s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p"
+ ;; #(
+ *)
+ # `set' quotes correctly as required by POSIX, so do not add quotes.
+ sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p"
+ ;;
+ esac |
+ sort
+) |
+ sed '
+ /^ac_cv_env_/b end
+ t clear
+ :clear
+ s/^\([^=]*\)=\(.*[{}].*\)$/test "${\1+set}" = set || &/
+ t end
+ s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/
+ :end' >>confcache
+if diff "$cache_file" confcache >/dev/null 2>&1; then :; else
+ if test -w "$cache_file"; then
+ if test "x$cache_file" != "x/dev/null"; then
+ { $as_echo "$as_me:${as_lineno-13762}: updating cache $cache_file" >&5
+$as_echo "$as_me: updating cache $cache_file" >&6;}
+ if test ! -f "$cache_file" || test -h "$cache_file"; then
+ cat confcache >"$cache_file"
+ else
+ case $cache_file in #(
+ */* | ?:*)
+ mv -f confcache "$cache_file"$$ &&
+ mv -f "$cache_file"$$ "$cache_file" ;; #(
+ *)
+ mv -f confcache "$cache_file" ;;
+ esac
+ fi
+ fi
+ else
+ { $as_echo "$as_me:${as_lineno-13777}: not updating unwritable cache $cache_file" >&5
+$as_echo "$as_me: not updating unwritable cache $cache_file" >&6;}
+ fi
+fi
+rm -f confcache
+
+test "x$prefix" = xNONE && prefix=$ac_default_prefix
+# Let make expand exec_prefix.
+test "x$exec_prefix" = xNONE && exec_prefix='${prefix}'
+
+DEFS=-DHAVE_CONFIG_H
+
+ac_libobjs=
+ac_ltlibobjs=
+U=
+for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue
+ # 1. Remove the extension, and $U if already installed.
+ ac_script='s/\$U\././;s/\.o$//;s/\.obj$//'
+ ac_i=`$as_echo "$ac_i" | sed "$ac_script"`
+ # 2. Prepend LIBOBJDIR. When used with automake>=1.10 LIBOBJDIR
+ # will be set to the directory where LIBOBJS objects are built.
+ as_fn_append ac_libobjs " \${LIBOBJDIR}$ac_i\$U.$ac_objext"
+ as_fn_append ac_ltlibobjs " \${LIBOBJDIR}$ac_i"'$U.lo'
+done
+LIBOBJS=$ac_libobjs
+
+LTLIBOBJS=$ac_ltlibobjs
+
+
+ if test -n "$EXEEXT"; then
+ am__EXEEXT_TRUE=
+ am__EXEEXT_FALSE='#'
+else
+ am__EXEEXT_TRUE='#'
+ am__EXEEXT_FALSE=
+fi
+
+if test -z "${AMDEP_TRUE}" && test -z "${AMDEP_FALSE}"; then
+ as_fn_error $? "conditional \"AMDEP\" was never defined.
+Usually this means the macro was only invoked conditionally." "13816" 5
+fi
+if test -z "${am__fastdepCC_TRUE}" && test -z "${am__fastdepCC_FALSE}"; then
+ as_fn_error $? "conditional \"am__fastdepCC\" was never defined.
+Usually this means the macro was only invoked conditionally." "13820" 5
+fi
+if test -z "${am__fastdepCC_TRUE}" && test -z "${am__fastdepCC_FALSE}"; then
+ as_fn_error $? "conditional \"am__fastdepCC\" was never defined.
+Usually this means the macro was only invoked conditionally." "13824" 5
+fi
+
+: "${CONFIG_STATUS=./config.status}"
+ac_write_fail=0
+ac_clean_files_save=$ac_clean_files
+ac_clean_files="$ac_clean_files $CONFIG_STATUS"
+{ $as_echo "$as_me:${as_lineno-13831}: creating $CONFIG_STATUS" >&5
+$as_echo "$as_me: creating $CONFIG_STATUS" >&6;}
+as_write_fail=0
+cat >$CONFIG_STATUS <<_ASEOF || as_write_fail=1
+#! $SHELL
+# Generated by $as_me.
+# Run this file to recreate the current configuration.
+# Compiler output produced by configure, useful for debugging
+# configure, is in config.log if it exists.
+
+debug=false
+ac_cs_recheck=false
+ac_cs_silent=false
+
+SHELL=\${CONFIG_SHELL-$SHELL}
+export SHELL
+_ASEOF
+cat >>$CONFIG_STATUS <<\_ASEOF || as_write_fail=1
+## -------------------- ##
+## M4sh Initialization. ##
+## -------------------- ##
+
+# Be more Bourne compatible
+DUALCASE=1; export DUALCASE # for MKS sh
+if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then :
+ emulate sh
+ NULLCMD=:
+ # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which
+ # is contrary to our usage. Disable this feature.
+ alias -g '${1+"$@"}'='"$@"'
+ setopt NO_GLOB_SUBST
+else
+ case `(set -o) 2>/dev/null` in #(
+ *posix*) :
+ set -o posix ;; #(
+ *) :
+ ;;
+esac
+fi
+
+
+as_nl='
+'
+export as_nl
+# Printing a long string crashes Solaris 7 /usr/bin/printf.
+as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
+as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo
+as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo
+# Prefer a ksh shell builtin over an external printf program on Solaris,
+# but without wasting forks for bash or zsh.
+if test -z "$BASH_VERSION$ZSH_VERSION" \
+ && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then
+ as_echo='print -r --'
+ as_echo_n='print -rn --'
+elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then
+ as_echo='printf %s\n'
+ as_echo_n='printf %s'
+else
+ if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then
+ as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"'
+ as_echo_n='/usr/ucb/echo -n'
+ else
+ as_echo_body='eval expr "X$1" : "X\\(.*\\)"'
+ as_echo_n_body='eval
+ arg=$1;
+ case $arg in #(
+ *"$as_nl"*)
+ expr "X$arg" : "X\\(.*\\)$as_nl";
+ arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;;
+ esac;
+ expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl"
+ '
+ export as_echo_n_body
+ as_echo_n='sh -c $as_echo_n_body as_echo'
+ fi
+ export as_echo_body
+ as_echo='sh -c $as_echo_body as_echo'
+fi
+
+# The user is always right.
+if test "${PATH_SEPARATOR+set}" != set; then
+ PATH_SEPARATOR=:
+ (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && {
+ (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 ||
+ PATH_SEPARATOR=';'
+ }
+fi
+
+
+# IFS
+# We need space, tab and new line, in precisely that order. Quoting is
+# there to prevent editors from complaining about space-tab.
+# (If _AS_PATH_WALK were called with IFS unset, it would disable word
+# splitting by setting IFS to empty value.)
+IFS=" "" $as_nl"
+
+# Find who we are. Look in the path if we contain no directory separator.
+as_myself=
+case $0 in #((
+ *[\\/]* ) as_myself=$0 ;;
+ *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break
+ done
+IFS=$as_save_IFS
+
+ ;;
+esac
+# We did not find ourselves, most probably we were run as `sh COMMAND'
+# in which case we are not to be found in the path.
+if test "x$as_myself" = x; then
+ as_myself=$0
+fi
+if test ! -f "$as_myself"; then
+ $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2
+ exit 1
+fi
+
+# Unset variables that we do not need and which cause bugs (e.g. in
+# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1"
+# suppresses any "Segmentation fault" message there. '((' could
+# trigger a bug in pdksh 5.2.14.
+for as_var in BASH_ENV ENV MAIL MAILPATH
+do eval test x\${$as_var+set} = xset \
+ && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || :
+done
+PS1='$ '
+PS2='> '
+PS4='+ '
+
+# NLS nuisances.
+LC_ALL=C
+export LC_ALL
+LANGUAGE=C
+export LANGUAGE
+
+# CDPATH.
+(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
+
+
+# as_fn_error STATUS ERROR [LINENO LOG_FD]
+# ----------------------------------------
+# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are
+# provided, also output the error to LOG_FD, referencing LINENO. Then exit the
+# script with STATUS, using 1 if that was 0.
+as_fn_error ()
+{
+ as_status=$1; test $as_status -eq 0 && as_status=1
+ if test "$4"; then
+ as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+ $as_echo "$as_me:${as_lineno-13984}: error: $2" >&$4
+ fi
+ $as_echo "$as_me: error: $2" >&2
+ as_fn_exit $as_status
+} # as_fn_error
+
+
+# as_fn_set_status STATUS
+# -----------------------
+# Set $? to STATUS, without forking.
+as_fn_set_status ()
+{
+ return $1
+} # as_fn_set_status
+
+# as_fn_exit STATUS
+# -----------------
+# Exit the shell with STATUS, even in a "trap 0" or "set -e" context.
+as_fn_exit ()
+{
+ set +e
+ as_fn_set_status $1
+ exit $1
+} # as_fn_exit
+
+# as_fn_unset VAR
+# ---------------
+# Portably unset VAR.
+as_fn_unset ()
+{
+ { eval $1=; unset $1;}
+}
+as_unset=as_fn_unset
+# as_fn_append VAR VALUE
+# ----------------------
+# Append the text in VALUE to the end of the definition contained in VAR. Take
+# advantage of any shell optimizations that allow amortized linear growth over
+# repeated appends, instead of the typical quadratic growth present in naive
+# implementations.
+if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then :
+ eval 'as_fn_append ()
+ {
+ eval $1+=\$2
+ }'
+else
+ as_fn_append ()
+ {
+ eval $1=\$$1\$2
+ }
+fi # as_fn_append
+
+# as_fn_arith ARG...
+# ------------------
+# Perform arithmetic evaluation on the ARGs, and store the result in the
+# global $as_val. Take advantage of shells that can avoid forks. The arguments
+# must be portable across $(()) and expr.
+if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then :
+ eval 'as_fn_arith ()
+ {
+ as_val=$(( $* ))
+ }'
+else
+ as_fn_arith ()
+ {
+ as_val=`expr "$@" || test $? -eq 1`
+ }
+fi # as_fn_arith
+
+
+if expr a : '\(a\)' >/dev/null 2>&1 &&
+ test "X`expr 00001 : '.*\(...\)'`" = X001; then
+ as_expr=expr
+else
+ as_expr=false
+fi
+
+if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then
+ as_basename=basename
+else
+ as_basename=false
+fi
+
+if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then
+ as_dirname=dirname
+else
+ as_dirname=false
+fi
+
+as_me=`$as_basename -- "$0" ||
+$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \
+ X"$0" : 'X\(//\)$' \| \
+ X"$0" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X/"$0" |
+ sed '/^.*\/\([^/][^/]*\)\/*$/{
+ s//\1/
+ q
+ }
+ /^X\/\(\/\/\)$/{
+ s//\1/
+ q
+ }
+ /^X\/\(\/\).*/{
+ s//\1/
+ q
+ }
+ s/.*/./; q'`
+
+# Avoid depending upon Character Ranges.
+as_cr_letters='abcdefghijklmnopqrstuvwxyz'
+as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ'
+as_cr_Letters=$as_cr_letters$as_cr_LETTERS
+as_cr_digits='0123456789'
+as_cr_alnum=$as_cr_Letters$as_cr_digits
+
+ECHO_C= ECHO_N= ECHO_T=
+case `echo -n x` in #(((((
+-n*)
+ case `echo 'xy\c'` in
+ *c*) ECHO_T=' ';; # ECHO_T is single tab character.
+ xy) ECHO_C='\c';;
+ *) echo `echo ksh88 bug on AIX 6.1` > /dev/null
+ ECHO_T=' ';;
+ esac;;
+*)
+ ECHO_N='-n';;
+esac
+
+rm -f conf$$ conf$$.exe conf$$.file
+if test -d conf$$.dir; then
+ rm -f conf$$.dir/conf$$.file
+else
+ rm -f conf$$.dir
+ mkdir conf$$.dir 2>/dev/null
+fi
+if (echo >conf$$.file) 2>/dev/null; then
+ if ln -s conf$$.file conf$$ 2>/dev/null; then
+ as_ln_s='ln -s'
+ # ... but there are two gotchas:
+ # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
+ # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
+ # In both cases, we have to default to `cp -p'.
+ ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
+ as_ln_s='cp -p'
+ elif ln conf$$.file conf$$ 2>/dev/null; then
+ as_ln_s=ln
+ else
+ as_ln_s='cp -p'
+ fi
+else
+ as_ln_s='cp -p'
+fi
+rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file
+rmdir conf$$.dir 2>/dev/null
+
+
+# as_fn_mkdir_p
+# -------------
+# Create "$as_dir" as a directory, including parents if necessary.
+as_fn_mkdir_p ()
+{
+
+ case $as_dir in #(
+ -*) as_dir=./$as_dir;;
+ esac
+ test -d "$as_dir" || eval $as_mkdir_p || {
+ as_dirs=
+ while :; do
+ case $as_dir in #(
+ *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'(
+ *) as_qdir=$as_dir;;
+ esac
+ as_dirs="'$as_qdir' $as_dirs"
+ as_dir=`$as_dirname -- "$as_dir" ||
+$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$as_dir" : 'X\(//\)[^/]' \| \
+ X"$as_dir" : 'X\(//\)$' \| \
+ X"$as_dir" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X"$as_dir" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)[^/].*/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\).*/{
+ s//\1/
+ q
+ }
+ s/.*/./; q'`
+ test -d "$as_dir" && break
+ done
+ test -z "$as_dirs" || eval "mkdir $as_dirs"
+ } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir"
+
+
+} # as_fn_mkdir_p
+if mkdir -p . 2>/dev/null; then
+ as_mkdir_p='mkdir -p "$as_dir"'
+else
+ test -d ./-p && rmdir ./-p
+ as_mkdir_p=false
+fi
+
+if test -x / >/dev/null 2>&1; then
+ as_test_x='test -x'
+else
+ if ls -dL / >/dev/null 2>&1; then
+ as_ls_L_option=L
+ else
+ as_ls_L_option=
+ fi
+ as_test_x='
+ eval sh -c '\''
+ if test -d "$1"; then
+ test -d "$1/.";
+ else
+ case $1 in #(
+ -*)set "./$1";;
+ esac;
+ case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #((
+ ???[sx]*):;;*)false;;esac;fi
+ '\'' sh
+ '
+fi
+as_executable_p=$as_test_x
+
+# Sed expression to map a string onto a valid CPP name.
+as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
+
+# Sed expression to map a string onto a valid variable name.
+as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'"
+
+
+exec 6>&1
+## ----------------------------------- ##
+## Main body of $CONFIG_STATUS script. ##
+## ----------------------------------- ##
+_ASEOF
+test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1
+
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+# Save the log message, to keep $0 and so on meaningful, and to
+# report actual input values of CONFIG_FILES etc. instead of their
+# values after options handling.
+ac_log="
+This file was extended by pbc $as_me 0.5.14, which was
+generated by GNU Autoconf 2.68. Invocation command line was
+
+ CONFIG_FILES = $CONFIG_FILES
+ CONFIG_HEADERS = $CONFIG_HEADERS
+ CONFIG_LINKS = $CONFIG_LINKS
+ CONFIG_COMMANDS = $CONFIG_COMMANDS
+ $ $0 $@
+
+on `(hostname || uname -n) 2>/dev/null | sed 1q`
+"
+
+_ACEOF
+
+case $ac_config_files in *"
+"*) set x $ac_config_files; shift; ac_config_files=$*;;
+esac
+
+case $ac_config_headers in *"
+"*) set x $ac_config_headers; shift; ac_config_headers=$*;;
+esac
+
+
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+# Files that config.status was made for.
+config_files="$ac_config_files"
+config_headers="$ac_config_headers"
+config_commands="$ac_config_commands"
+
+_ACEOF
+
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+ac_cs_usage="\
+\`$as_me' instantiates files and other configuration actions
+from templates according to the current configuration. Unless the files
+and actions are specified as TAGs, all are instantiated by default.
+
+Usage: $0 [OPTION]... [TAG]...
+
+ -h, --help print this help, then exit
+ -V, --version print version number and configuration settings, then exit
+ --config print configuration, then exit
+ -q, --quiet, --silent
+ do not print progress messages
+ -d, --debug don't remove temporary files
+ --recheck update $as_me by reconfiguring in the same conditions
+ --file=FILE[:TEMPLATE]
+ instantiate the configuration file FILE
+ --header=FILE[:TEMPLATE]
+ instantiate the configuration header FILE
+
+Configuration files:
+$config_files
+
+Configuration headers:
+$config_headers
+
+Configuration commands:
+$config_commands
+
+Report bugs to <blynn@cs.stanford.edu>."
+
+_ACEOF
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
+ac_cs_version="\\
+pbc config.status 0.5.14
+configured by $0, generated by GNU Autoconf 2.68,
+ with options \\"\$ac_cs_config\\"
+
+Copyright (C) 2010 Free Software Foundation, Inc.
+This config.status script is free software; the Free Software Foundation
+gives unlimited permission to copy, distribute and modify it."
+
+ac_pwd='$ac_pwd'
+srcdir='$srcdir'
+INSTALL='$INSTALL'
+MKDIR_P='$MKDIR_P'
+AWK='$AWK'
+test -n "\$AWK" || AWK=awk
+_ACEOF
+
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+# The default lists apply if the user does not specify any file.
+ac_need_defaults=:
+while test $# != 0
+do
+ case $1 in
+ --*=?*)
+ ac_option=`expr "X$1" : 'X\([^=]*\)='`
+ ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'`
+ ac_shift=:
+ ;;
+ --*=)
+ ac_option=`expr "X$1" : 'X\([^=]*\)='`
+ ac_optarg=
+ ac_shift=:
+ ;;
+ *)
+ ac_option=$1
+ ac_optarg=$2
+ ac_shift=shift
+ ;;
+ esac
+
+ case $ac_option in
+ # Handling of the options.
+ -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r)
+ ac_cs_recheck=: ;;
+ --version | --versio | --versi | --vers | --ver | --ve | --v | -V )
+ $as_echo "$ac_cs_version"; exit ;;
+ --config | --confi | --conf | --con | --co | --c )
+ $as_echo "$ac_cs_config"; exit ;;
+ --debug | --debu | --deb | --de | --d | -d )
+ debug=: ;;
+ --file | --fil | --fi | --f )
+ $ac_shift
+ case $ac_optarg in
+ *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;;
+ '') as_fn_error $? "missing file argument" ;;
+ esac
+ as_fn_append CONFIG_FILES " '$ac_optarg'"
+ ac_need_defaults=false;;
+ --header | --heade | --head | --hea )
+ $ac_shift
+ case $ac_optarg in
+ *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;;
+ esac
+ as_fn_append CONFIG_HEADERS " '$ac_optarg'"
+ ac_need_defaults=false;;
+ --he | --h)
+ # Conflict between --help and --header
+ as_fn_error $? "ambiguous option: \`$1'
+Try \`$0 --help' for more information.";;
+ --help | --hel | -h )
+ $as_echo "$ac_cs_usage"; exit ;;
+ -q | -quiet | --quiet | --quie | --qui | --qu | --q \
+ | -silent | --silent | --silen | --sile | --sil | --si | --s)
+ ac_cs_silent=: ;;
+
+ # This is an error.
+ -*) as_fn_error $? "unrecognized option: \`$1'
+Try \`$0 --help' for more information." ;;
+
+ *) as_fn_append ac_config_targets " $1"
+ ac_need_defaults=false ;;
+
+ esac
+ shift
+done
+
+ac_configure_extra_args=
+
+if $ac_cs_silent; then
+ exec 6>/dev/null
+ ac_configure_extra_args="$ac_configure_extra_args --silent"
+fi
+
+_ACEOF
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+if \$ac_cs_recheck; then
+ set X '$SHELL' '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion
+ shift
+ \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6
+ CONFIG_SHELL='$SHELL'
+ export CONFIG_SHELL
+ exec "\$@"
+fi
+
+_ACEOF
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+exec 5>>config.log
+{
+ echo
+ sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX
+## Running $as_me. ##
+_ASBOX
+ $as_echo "$ac_log"
+} >&5
+
+_ACEOF
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+#
+# INIT-COMMANDS
+#
+AMDEP_TRUE="$AMDEP_TRUE" ac_aux_dir="$ac_aux_dir"
+
+
+# The HP-UX ksh and POSIX shell print the target directory to stdout
+# if CDPATH is set.
+(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
+
+sed_quote_subst='$sed_quote_subst'
+double_quote_subst='$double_quote_subst'
+delay_variable_subst='$delay_variable_subst'
+macro_version='`$ECHO "$macro_version" | $SED "$delay_single_quote_subst"`'
+macro_revision='`$ECHO "$macro_revision" | $SED "$delay_single_quote_subst"`'
+enable_shared='`$ECHO "$enable_shared" | $SED "$delay_single_quote_subst"`'
+enable_static='`$ECHO "$enable_static" | $SED "$delay_single_quote_subst"`'
+pic_mode='`$ECHO "$pic_mode" | $SED "$delay_single_quote_subst"`'
+enable_fast_install='`$ECHO "$enable_fast_install" | $SED "$delay_single_quote_subst"`'
+SHELL='`$ECHO "$SHELL" | $SED "$delay_single_quote_subst"`'
+ECHO='`$ECHO "$ECHO" | $SED "$delay_single_quote_subst"`'
+PATH_SEPARATOR='`$ECHO "$PATH_SEPARATOR" | $SED "$delay_single_quote_subst"`'
+host_alias='`$ECHO "$host_alias" | $SED "$delay_single_quote_subst"`'
+host='`$ECHO "$host" | $SED "$delay_single_quote_subst"`'
+host_os='`$ECHO "$host_os" | $SED "$delay_single_quote_subst"`'
+build_alias='`$ECHO "$build_alias" | $SED "$delay_single_quote_subst"`'
+build='`$ECHO "$build" | $SED "$delay_single_quote_subst"`'
+build_os='`$ECHO "$build_os" | $SED "$delay_single_quote_subst"`'
+SED='`$ECHO "$SED" | $SED "$delay_single_quote_subst"`'
+Xsed='`$ECHO "$Xsed" | $SED "$delay_single_quote_subst"`'
+GREP='`$ECHO "$GREP" | $SED "$delay_single_quote_subst"`'
+EGREP='`$ECHO "$EGREP" | $SED "$delay_single_quote_subst"`'
+FGREP='`$ECHO "$FGREP" | $SED "$delay_single_quote_subst"`'
+LD='`$ECHO "$LD" | $SED "$delay_single_quote_subst"`'
+NM='`$ECHO "$NM" | $SED "$delay_single_quote_subst"`'
+LN_S='`$ECHO "$LN_S" | $SED "$delay_single_quote_subst"`'
+max_cmd_len='`$ECHO "$max_cmd_len" | $SED "$delay_single_quote_subst"`'
+ac_objext='`$ECHO "$ac_objext" | $SED "$delay_single_quote_subst"`'
+exeext='`$ECHO "$exeext" | $SED "$delay_single_quote_subst"`'
+lt_unset='`$ECHO "$lt_unset" | $SED "$delay_single_quote_subst"`'
+lt_SP2NL='`$ECHO "$lt_SP2NL" | $SED "$delay_single_quote_subst"`'
+lt_NL2SP='`$ECHO "$lt_NL2SP" | $SED "$delay_single_quote_subst"`'
+lt_cv_to_host_file_cmd='`$ECHO "$lt_cv_to_host_file_cmd" | $SED "$delay_single_quote_subst"`'
+lt_cv_to_tool_file_cmd='`$ECHO "$lt_cv_to_tool_file_cmd" | $SED "$delay_single_quote_subst"`'
+reload_flag='`$ECHO "$reload_flag" | $SED "$delay_single_quote_subst"`'
+reload_cmds='`$ECHO "$reload_cmds" | $SED "$delay_single_quote_subst"`'
+OBJDUMP='`$ECHO "$OBJDUMP" | $SED "$delay_single_quote_subst"`'
+deplibs_check_method='`$ECHO "$deplibs_check_method" | $SED "$delay_single_quote_subst"`'
+file_magic_cmd='`$ECHO "$file_magic_cmd" | $SED "$delay_single_quote_subst"`'
+file_magic_glob='`$ECHO "$file_magic_glob" | $SED "$delay_single_quote_subst"`'
+want_nocaseglob='`$ECHO "$want_nocaseglob" | $SED "$delay_single_quote_subst"`'
+DLLTOOL='`$ECHO "$DLLTOOL" | $SED "$delay_single_quote_subst"`'
+sharedlib_from_linklib_cmd='`$ECHO "$sharedlib_from_linklib_cmd" | $SED "$delay_single_quote_subst"`'
+AR='`$ECHO "$AR" | $SED "$delay_single_quote_subst"`'
+AR_FLAGS='`$ECHO "$AR_FLAGS" | $SED "$delay_single_quote_subst"`'
+archiver_list_spec='`$ECHO "$archiver_list_spec" | $SED "$delay_single_quote_subst"`'
+STRIP='`$ECHO "$STRIP" | $SED "$delay_single_quote_subst"`'
+RANLIB='`$ECHO "$RANLIB" | $SED "$delay_single_quote_subst"`'
+old_postinstall_cmds='`$ECHO "$old_postinstall_cmds" | $SED "$delay_single_quote_subst"`'
+old_postuninstall_cmds='`$ECHO "$old_postuninstall_cmds" | $SED "$delay_single_quote_subst"`'
+old_archive_cmds='`$ECHO "$old_archive_cmds" | $SED "$delay_single_quote_subst"`'
+lock_old_archive_extraction='`$ECHO "$lock_old_archive_extraction" | $SED "$delay_single_quote_subst"`'
+CC='`$ECHO "$CC" | $SED "$delay_single_quote_subst"`'
+CFLAGS='`$ECHO "$CFLAGS" | $SED "$delay_single_quote_subst"`'
+compiler='`$ECHO "$compiler" | $SED "$delay_single_quote_subst"`'
+GCC='`$ECHO "$GCC" | $SED "$delay_single_quote_subst"`'
+lt_cv_sys_global_symbol_pipe='`$ECHO "$lt_cv_sys_global_symbol_pipe" | $SED "$delay_single_quote_subst"`'
+lt_cv_sys_global_symbol_to_cdecl='`$ECHO "$lt_cv_sys_global_symbol_to_cdecl" | $SED "$delay_single_quote_subst"`'
+lt_cv_sys_global_symbol_to_c_name_address='`$ECHO "$lt_cv_sys_global_symbol_to_c_name_address" | $SED "$delay_single_quote_subst"`'
+lt_cv_sys_global_symbol_to_c_name_address_lib_prefix='`$ECHO "$lt_cv_sys_global_symbol_to_c_name_address_lib_prefix" | $SED "$delay_single_quote_subst"`'
+nm_file_list_spec='`$ECHO "$nm_file_list_spec" | $SED "$delay_single_quote_subst"`'
+lt_sysroot='`$ECHO "$lt_sysroot" | $SED "$delay_single_quote_subst"`'
+objdir='`$ECHO "$objdir" | $SED "$delay_single_quote_subst"`'
+MAGIC_CMD='`$ECHO "$MAGIC_CMD" | $SED "$delay_single_quote_subst"`'
+lt_prog_compiler_no_builtin_flag='`$ECHO "$lt_prog_compiler_no_builtin_flag" | $SED "$delay_single_quote_subst"`'
+lt_prog_compiler_pic='`$ECHO "$lt_prog_compiler_pic" | $SED "$delay_single_quote_subst"`'
+lt_prog_compiler_wl='`$ECHO "$lt_prog_compiler_wl" | $SED "$delay_single_quote_subst"`'
+lt_prog_compiler_static='`$ECHO "$lt_prog_compiler_static" | $SED "$delay_single_quote_subst"`'
+lt_cv_prog_compiler_c_o='`$ECHO "$lt_cv_prog_compiler_c_o" | $SED "$delay_single_quote_subst"`'
+need_locks='`$ECHO "$need_locks" | $SED "$delay_single_quote_subst"`'
+MANIFEST_TOOL='`$ECHO "$MANIFEST_TOOL" | $SED "$delay_single_quote_subst"`'
+DSYMUTIL='`$ECHO "$DSYMUTIL" | $SED "$delay_single_quote_subst"`'
+NMEDIT='`$ECHO "$NMEDIT" | $SED "$delay_single_quote_subst"`'
+LIPO='`$ECHO "$LIPO" | $SED "$delay_single_quote_subst"`'
+OTOOL='`$ECHO "$OTOOL" | $SED "$delay_single_quote_subst"`'
+OTOOL64='`$ECHO "$OTOOL64" | $SED "$delay_single_quote_subst"`'
+libext='`$ECHO "$libext" | $SED "$delay_single_quote_subst"`'
+shrext_cmds='`$ECHO "$shrext_cmds" | $SED "$delay_single_quote_subst"`'
+extract_expsyms_cmds='`$ECHO "$extract_expsyms_cmds" | $SED "$delay_single_quote_subst"`'
+archive_cmds_need_lc='`$ECHO "$archive_cmds_need_lc" | $SED "$delay_single_quote_subst"`'
+enable_shared_with_static_runtimes='`$ECHO "$enable_shared_with_static_runtimes" | $SED "$delay_single_quote_subst"`'
+export_dynamic_flag_spec='`$ECHO "$export_dynamic_flag_spec" | $SED "$delay_single_quote_subst"`'
+whole_archive_flag_spec='`$ECHO "$whole_archive_flag_spec" | $SED "$delay_single_quote_subst"`'
+compiler_needs_object='`$ECHO "$compiler_needs_object" | $SED "$delay_single_quote_subst"`'
+old_archive_from_new_cmds='`$ECHO "$old_archive_from_new_cmds" | $SED "$delay_single_quote_subst"`'
+old_archive_from_expsyms_cmds='`$ECHO "$old_archive_from_expsyms_cmds" | $SED "$delay_single_quote_subst"`'
+archive_cmds='`$ECHO "$archive_cmds" | $SED "$delay_single_quote_subst"`'
+archive_expsym_cmds='`$ECHO "$archive_expsym_cmds" | $SED "$delay_single_quote_subst"`'
+module_cmds='`$ECHO "$module_cmds" | $SED "$delay_single_quote_subst"`'
+module_expsym_cmds='`$ECHO "$module_expsym_cmds" | $SED "$delay_single_quote_subst"`'
+with_gnu_ld='`$ECHO "$with_gnu_ld" | $SED "$delay_single_quote_subst"`'
+allow_undefined_flag='`$ECHO "$allow_undefined_flag" | $SED "$delay_single_quote_subst"`'
+no_undefined_flag='`$ECHO "$no_undefined_flag" | $SED "$delay_single_quote_subst"`'
+hardcode_libdir_flag_spec='`$ECHO "$hardcode_libdir_flag_spec" | $SED "$delay_single_quote_subst"`'
+hardcode_libdir_separator='`$ECHO "$hardcode_libdir_separator" | $SED "$delay_single_quote_subst"`'
+hardcode_direct='`$ECHO "$hardcode_direct" | $SED "$delay_single_quote_subst"`'
+hardcode_direct_absolute='`$ECHO "$hardcode_direct_absolute" | $SED "$delay_single_quote_subst"`'
+hardcode_minus_L='`$ECHO "$hardcode_minus_L" | $SED "$delay_single_quote_subst"`'
+hardcode_shlibpath_var='`$ECHO "$hardcode_shlibpath_var" | $SED "$delay_single_quote_subst"`'
+hardcode_automatic='`$ECHO "$hardcode_automatic" | $SED "$delay_single_quote_subst"`'
+inherit_rpath='`$ECHO "$inherit_rpath" | $SED "$delay_single_quote_subst"`'
+link_all_deplibs='`$ECHO "$link_all_deplibs" | $SED "$delay_single_quote_subst"`'
+always_export_symbols='`$ECHO "$always_export_symbols" | $SED "$delay_single_quote_subst"`'
+export_symbols_cmds='`$ECHO "$export_symbols_cmds" | $SED "$delay_single_quote_subst"`'
+exclude_expsyms='`$ECHO "$exclude_expsyms" | $SED "$delay_single_quote_subst"`'
+include_expsyms='`$ECHO "$include_expsyms" | $SED "$delay_single_quote_subst"`'
+prelink_cmds='`$ECHO "$prelink_cmds" | $SED "$delay_single_quote_subst"`'
+postlink_cmds='`$ECHO "$postlink_cmds" | $SED "$delay_single_quote_subst"`'
+file_list_spec='`$ECHO "$file_list_spec" | $SED "$delay_single_quote_subst"`'
+variables_saved_for_relink='`$ECHO "$variables_saved_for_relink" | $SED "$delay_single_quote_subst"`'
+need_lib_prefix='`$ECHO "$need_lib_prefix" | $SED "$delay_single_quote_subst"`'
+need_version='`$ECHO "$need_version" | $SED "$delay_single_quote_subst"`'
+version_type='`$ECHO "$version_type" | $SED "$delay_single_quote_subst"`'
+runpath_var='`$ECHO "$runpath_var" | $SED "$delay_single_quote_subst"`'
+shlibpath_var='`$ECHO "$shlibpath_var" | $SED "$delay_single_quote_subst"`'
+shlibpath_overrides_runpath='`$ECHO "$shlibpath_overrides_runpath" | $SED "$delay_single_quote_subst"`'
+libname_spec='`$ECHO "$libname_spec" | $SED "$delay_single_quote_subst"`'
+library_names_spec='`$ECHO "$library_names_spec" | $SED "$delay_single_quote_subst"`'
+soname_spec='`$ECHO "$soname_spec" | $SED "$delay_single_quote_subst"`'
+install_override_mode='`$ECHO "$install_override_mode" | $SED "$delay_single_quote_subst"`'
+postinstall_cmds='`$ECHO "$postinstall_cmds" | $SED "$delay_single_quote_subst"`'
+postuninstall_cmds='`$ECHO "$postuninstall_cmds" | $SED "$delay_single_quote_subst"`'
+finish_cmds='`$ECHO "$finish_cmds" | $SED "$delay_single_quote_subst"`'
+finish_eval='`$ECHO "$finish_eval" | $SED "$delay_single_quote_subst"`'
+hardcode_into_libs='`$ECHO "$hardcode_into_libs" | $SED "$delay_single_quote_subst"`'
+sys_lib_search_path_spec='`$ECHO "$sys_lib_search_path_spec" | $SED "$delay_single_quote_subst"`'
+sys_lib_dlsearch_path_spec='`$ECHO "$sys_lib_dlsearch_path_spec" | $SED "$delay_single_quote_subst"`'
+hardcode_action='`$ECHO "$hardcode_action" | $SED "$delay_single_quote_subst"`'
+enable_dlopen='`$ECHO "$enable_dlopen" | $SED "$delay_single_quote_subst"`'
+enable_dlopen_self='`$ECHO "$enable_dlopen_self" | $SED "$delay_single_quote_subst"`'
+enable_dlopen_self_static='`$ECHO "$enable_dlopen_self_static" | $SED "$delay_single_quote_subst"`'
+old_striplib='`$ECHO "$old_striplib" | $SED "$delay_single_quote_subst"`'
+striplib='`$ECHO "$striplib" | $SED "$delay_single_quote_subst"`'
+AS='`$ECHO "$AS" | $SED "$delay_single_quote_subst"`'
+
+LTCC='$LTCC'
+LTCFLAGS='$LTCFLAGS'
+compiler='$compiler_DEFAULT'
+
+# A function that is used when there is no print builtin or printf.
+func_fallback_echo ()
+{
+ eval 'cat <<_LTECHO_EOF
+\$1
+_LTECHO_EOF'
+}
+
+# Quote evaled strings.
+for var in SHELL \
+ECHO \
+PATH_SEPARATOR \
+SED \
+GREP \
+EGREP \
+FGREP \
+LD \
+NM \
+LN_S \
+lt_SP2NL \
+lt_NL2SP \
+reload_flag \
+OBJDUMP \
+deplibs_check_method \
+file_magic_cmd \
+file_magic_glob \
+want_nocaseglob \
+DLLTOOL \
+sharedlib_from_linklib_cmd \
+AR \
+AR_FLAGS \
+archiver_list_spec \
+STRIP \
+RANLIB \
+CC \
+CFLAGS \
+compiler \
+lt_cv_sys_global_symbol_pipe \
+lt_cv_sys_global_symbol_to_cdecl \
+lt_cv_sys_global_symbol_to_c_name_address \
+lt_cv_sys_global_symbol_to_c_name_address_lib_prefix \
+nm_file_list_spec \
+lt_prog_compiler_no_builtin_flag \
+lt_prog_compiler_pic \
+lt_prog_compiler_wl \
+lt_prog_compiler_static \
+lt_cv_prog_compiler_c_o \
+need_locks \
+MANIFEST_TOOL \
+DSYMUTIL \
+NMEDIT \
+LIPO \
+OTOOL \
+OTOOL64 \
+shrext_cmds \
+export_dynamic_flag_spec \
+whole_archive_flag_spec \
+compiler_needs_object \
+with_gnu_ld \
+allow_undefined_flag \
+no_undefined_flag \
+hardcode_libdir_flag_spec \
+hardcode_libdir_separator \
+exclude_expsyms \
+include_expsyms \
+file_list_spec \
+variables_saved_for_relink \
+libname_spec \
+library_names_spec \
+soname_spec \
+install_override_mode \
+finish_eval \
+old_striplib \
+striplib \
+AS; do
+ case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in
+ *[\\\\\\\`\\"\\\$]*)
+ eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED \\"\\\$sed_quote_subst\\"\\\`\\\\\\""
+ ;;
+ *)
+ eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\""
+ ;;
+ esac
+done
+
+# Double-quote double-evaled strings.
+for var in reload_cmds \
+old_postinstall_cmds \
+old_postuninstall_cmds \
+old_archive_cmds \
+extract_expsyms_cmds \
+old_archive_from_new_cmds \
+old_archive_from_expsyms_cmds \
+archive_cmds \
+archive_expsym_cmds \
+module_cmds \
+module_expsym_cmds \
+export_symbols_cmds \
+prelink_cmds \
+postlink_cmds \
+postinstall_cmds \
+postuninstall_cmds \
+finish_cmds \
+sys_lib_search_path_spec \
+sys_lib_dlsearch_path_spec; do
+ case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in
+ *[\\\\\\\`\\"\\\$]*)
+ eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED -e \\"\\\$double_quote_subst\\" -e \\"\\\$sed_quote_subst\\" -e \\"\\\$delay_variable_subst\\"\\\`\\\\\\""
+ ;;
+ *)
+ eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\""
+ ;;
+ esac
+done
+
+ac_aux_dir='$ac_aux_dir'
+xsi_shell='$xsi_shell'
+lt_shell_append='$lt_shell_append'
+
+# See if we are running on zsh, and set the options which allow our
+# commands through without removal of \ escapes INIT.
+if test -n "\${ZSH_VERSION+set}" ; then
+ setopt NO_GLOB_SUBST
+fi
+
+
+ PACKAGE='$PACKAGE'
+ VERSION='$VERSION'
+ TIMESTAMP='$TIMESTAMP'
+ RM='$RM'
+ ofile='$ofile'
+
+
+
+
+_ACEOF
+
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+
+# Handling of arguments.
+for ac_config_target in $ac_config_targets
+do
+ case $ac_config_target in
+ "config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;;
+ "depfiles") CONFIG_COMMANDS="$CONFIG_COMMANDS depfiles" ;;
+ "libtool") CONFIG_COMMANDS="$CONFIG_COMMANDS libtool" ;;
+ "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;;
+ "example/Makefile") CONFIG_FILES="$CONFIG_FILES example/Makefile" ;;
+ "gen/Makefile") CONFIG_FILES="$CONFIG_FILES gen/Makefile" ;;
+
+ *) as_fn_error $? "invalid argument: \`$ac_config_target'" "14716" 5;;
+ esac
+done
+
+
+# If the user did not use the arguments to specify the items to instantiate,
+# then the envvar interface is used. Set only those that are not.
+# We use the long form for the default assignment because of an extremely
+# bizarre bug on SunOS 4.1.3.
+if $ac_need_defaults; then
+ test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files
+ test "${CONFIG_HEADERS+set}" = set || CONFIG_HEADERS=$config_headers
+ test "${CONFIG_COMMANDS+set}" = set || CONFIG_COMMANDS=$config_commands
+fi
+
+# Have a temporary directory for convenience. Make it in the build tree
+# simply because there is no reason against having it here, and in addition,
+# creating and moving files from /tmp can sometimes cause problems.
+# Hook for its removal unless debugging.
+# Note that there is a small window in which the directory will not be cleaned:
+# after its creation but before its name has been assigned to `$tmp'.
+$debug ||
+{
+ tmp= ac_tmp=
+ trap 'exit_status=$?
+ : "${ac_tmp:=$tmp}"
+ { test ! -d "$ac_tmp" || rm -fr "$ac_tmp"; } && exit $exit_status
+' 0
+ trap 'as_fn_exit 1' 1 2 13 15
+}
+# Create a (secure) tmp directory for tmp files.
+
+{
+ tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` &&
+ test -d "$tmp"
+} ||
+{
+ tmp=./conf$$-$RANDOM
+ (umask 077 && mkdir "$tmp")
+} || as_fn_error $? "cannot create a temporary directory in ." "14755" 5
+ac_tmp=$tmp
+
+# Set up the scripts for CONFIG_FILES section.
+# No need to generate them if there are no CONFIG_FILES.
+# This happens for instance with `./config.status config.h'.
+if test -n "$CONFIG_FILES"; then
+
+
+ac_cr=`echo X | tr X '\015'`
+# On cygwin, bash can eat \r inside `` if the user requested igncr.
+# But we know of no other shell where ac_cr would be empty at this
+# point, so we can use a bashism as a fallback.
+if test "x$ac_cr" = x; then
+ eval ac_cr=\$\'\\r\'
+fi
+ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' </dev/null 2>/dev/null`
+if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then
+ ac_cs_awk_cr='\\r'
+else
+ ac_cs_awk_cr=$ac_cr
+fi
+
+echo 'BEGIN {' >"$ac_tmp/subs1.awk" &&
+_ACEOF
+
+
+{
+ echo "cat >conf$$subs.awk <<_ACEOF" &&
+ echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' &&
+ echo "_ACEOF"
+} >conf$$subs.sh ||
+ as_fn_error $? "could not make $CONFIG_STATUS" "14787" 5
+ac_delim_num=`echo "$ac_subst_vars" | grep -c '^'`
+ac_delim='%!_!# '
+for ac_last_try in false false false false false :; do
+ . ./conf$$subs.sh ||
+ as_fn_error $? "could not make $CONFIG_STATUS" "14792" 5
+
+ ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X`
+ if test $ac_delim_n = $ac_delim_num; then
+ break
+ elif $ac_last_try; then
+ as_fn_error $? "could not make $CONFIG_STATUS" "14798" 5
+ else
+ ac_delim="$ac_delim!$ac_delim _$ac_delim!! "
+ fi
+done
+rm -f conf$$subs.sh
+
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+cat >>"\$ac_tmp/subs1.awk" <<\\_ACAWK &&
+_ACEOF
+sed -n '
+h
+s/^/S["/; s/!.*/"]=/
+p
+g
+s/^[^!]*!//
+:repl
+t repl
+s/'"$ac_delim"'$//
+t delim
+:nl
+h
+s/\(.\{148\}\)..*/\1/
+t more1
+s/["\\]/\\&/g; s/^/"/; s/$/\\n"\\/
+p
+n
+b repl
+:more1
+s/["\\]/\\&/g; s/^/"/; s/$/"\\/
+p
+g
+s/.\{148\}//
+t nl
+:delim
+h
+s/\(.\{148\}\)..*/\1/
+t more2
+s/["\\]/\\&/g; s/^/"/; s/$/"/
+p
+b
+:more2
+s/["\\]/\\&/g; s/^/"/; s/$/"\\/
+p
+g
+s/.\{148\}//
+t delim
+' <conf$$subs.awk | sed '
+/^[^""]/{
+ N
+ s/\n//
+}
+' >>$CONFIG_STATUS || ac_write_fail=1
+rm -f conf$$subs.awk
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+_ACAWK
+cat >>"\$ac_tmp/subs1.awk" <<_ACAWK &&
+ for (key in S) S_is_set[key] = 1
+ FS = ""
+
+}
+{
+ line = $ 0
+ nfields = split(line, field, "@")
+ substed = 0
+ len = length(field[1])
+ for (i = 2; i < nfields; i++) {
+ key = field[i]
+ keylen = length(key)
+ if (S_is_set[key]) {
+ value = S[key]
+ line = substr(line, 1, len) "" value "" substr(line, len + keylen + 3)
+ len += length(value) + length(field[++i])
+ substed = 1
+ } else
+ len += 1 + keylen
+ }
+
+ print line
+}
+
+_ACAWK
+_ACEOF
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then
+ sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g"
+else
+ cat
+fi < "$ac_tmp/subs1.awk" > "$ac_tmp/subs.awk" \
+ || as_fn_error $? "could not setup config files machinery" "14887" 5
+_ACEOF
+
+# VPATH may cause trouble with some makes, so we remove sole $(srcdir),
+# ${srcdir} and @srcdir@ entries from VPATH if srcdir is ".", strip leading and
+# trailing colons and then remove the whole line if VPATH becomes empty
+# (actually we leave an empty line to preserve line numbers).
+if test "x$srcdir" = x.; then
+ ac_vpsub='/^[ ]*VPATH[ ]*=[ ]*/{
+h
+s///
+s/^/:/
+s/[ ]*$/:/
+s/:\$(srcdir):/:/g
+s/:\${srcdir}:/:/g
+s/:@srcdir@:/:/g
+s/^:*//
+s/:*$//
+x
+s/\(=[ ]*\).*/\1/
+G
+s/\n//
+s/^[^=]*=[ ]*$//
+}'
+fi
+
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+fi # test -n "$CONFIG_FILES"
+
+# Set up the scripts for CONFIG_HEADERS section.
+# No need to generate them if there are no CONFIG_HEADERS.
+# This happens for instance with `./config.status Makefile'.
+if test -n "$CONFIG_HEADERS"; then
+cat >"$ac_tmp/defines.awk" <<\_ACAWK ||
+BEGIN {
+_ACEOF
+
+# Transform confdefs.h into an awk script `defines.awk', embedded as
+# here-document in config.status, that substitutes the proper values into
+# config.h.in to produce config.h.
+
+# Create a delimiter string that does not exist in confdefs.h, to ease
+# handling of long lines.
+ac_delim='%!_!# '
+for ac_last_try in false false :; do
+ ac_tt=`sed -n "/$ac_delim/p" confdefs.h`
+ if test -z "$ac_tt"; then
+ break
+ elif $ac_last_try; then
+ as_fn_error $? "could not make $CONFIG_HEADERS" "14936" 5
+ else
+ ac_delim="$ac_delim!$ac_delim _$ac_delim!! "
+ fi
+done
+
+# For the awk script, D is an array of macro values keyed by name,
+# likewise P contains macro parameters if any. Preserve backslash
+# newline sequences.
+
+ac_word_re=[_$as_cr_Letters][_$as_cr_alnum]*
+sed -n '
+s/.\{148\}/&'"$ac_delim"'/g
+t rset
+:rset
+s/^[ ]*#[ ]*define[ ][ ]*/ /
+t def
+d
+:def
+s/\\$//
+t bsnl
+s/["\\]/\\&/g
+s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\
+D["\1"]=" \3"/p
+s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2"/p
+d
+:bsnl
+s/["\\]/\\&/g
+s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\
+D["\1"]=" \3\\\\\\n"\\/p
+t cont
+s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2\\\\\\n"\\/p
+t cont
+d
+:cont
+n
+s/.\{148\}/&'"$ac_delim"'/g
+t clear
+:clear
+s/\\$//
+t bsnlc
+s/["\\]/\\&/g; s/^/"/; s/$/"/p
+d
+:bsnlc
+s/["\\]/\\&/g; s/^/"/; s/$/\\\\\\n"\\/p
+b cont
+' <confdefs.h | sed '
+s/'"$ac_delim"'/"\\\
+"/g' >>$CONFIG_STATUS || ac_write_fail=1
+
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+ for (key in D) D_is_set[key] = 1
+ FS = ""
+}
+/^[\t ]*#[\t ]*(define|undef)[\t ]+$ac_word_re([\t (]|\$)/ {
+ line = \$ 0
+ split(line, arg, " ")
+ if (arg[1] == "#") {
+ defundef = arg[2]
+ mac1 = arg[3]
+ } else {
+ defundef = substr(arg[1], 2)
+ mac1 = arg[2]
+ }
+ split(mac1, mac2, "(") #)
+ macro = mac2[1]
+ prefix = substr(line, 1, index(line, defundef) - 1)
+ if (D_is_set[macro]) {
+ # Preserve the white space surrounding the "#".
+ print prefix "define", macro P[macro] D[macro]
+ next
+ } else {
+ # Replace #undef with comments. This is necessary, for example,
+ # in the case of _POSIX_SOURCE, which is predefined and required
+ # on some systems where configure will not decide to define it.
+ if (defundef == "undef") {
+ print "/*", prefix defundef, macro, "*/"
+ next
+ }
+ }
+}
+{ print }
+_ACAWK
+_ACEOF
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+ as_fn_error $? "could not setup config headers machinery" "15021" 5
+fi # test -n "$CONFIG_HEADERS"
+
+
+eval set X " :F $CONFIG_FILES :H $CONFIG_HEADERS :C $CONFIG_COMMANDS"
+shift
+for ac_tag
+do
+ case $ac_tag in
+ :[FHLC]) ac_mode=$ac_tag; continue;;
+ esac
+ case $ac_mode$ac_tag in
+ :[FHL]*:*);;
+ :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "15034" 5;;
+ :[FH]-) ac_tag=-:-;;
+ :[FH]*) ac_tag=$ac_tag:$ac_tag.in;;
+ esac
+ ac_save_IFS=$IFS
+ IFS=:
+ set x $ac_tag
+ IFS=$ac_save_IFS
+ shift
+ ac_file=$1
+ shift
+
+ case $ac_mode in
+ :L) ac_source=$1;;
+ :[FH])
+ ac_file_inputs=
+ for ac_f
+ do
+ case $ac_f in
+ -) ac_f="$ac_tmp/stdin";;
+ *) # Look for the file first in the build tree, then in the source tree
+ # (if the path is not absolute). The absolute path cannot be DOS-style,
+ # because $ac_f cannot contain `:'.
+ test -f "$ac_f" ||
+ case $ac_f in
+ [\\/$]*) false;;
+ *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";;
+ esac ||
+ as_fn_error 1 "cannot find input file: \`$ac_f'" "15062" 5;;
+ esac
+ case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac
+ as_fn_append ac_file_inputs " '$ac_f'"
+ done
+
+ # Let's still pretend it is `configure' which instantiates (i.e., don't
+ # use $as_me), people would be surprised to read:
+ # /* config.h. Generated by config.status. */
+ configure_input='Generated from '`
+ $as_echo "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g'
+ `' by configure.'
+ if test x"$ac_file" != x-; then
+ configure_input="$ac_file. $configure_input"
+ { $as_echo "$as_me:${as_lineno-15076}: creating $ac_file" >&5
+$as_echo "$as_me: creating $ac_file" >&6;}
+ fi
+ # Neutralize special characters interpreted by sed in replacement strings.
+ case $configure_input in #(
+ *\&* | *\|* | *\\* )
+ ac_sed_conf_input=`$as_echo "$configure_input" |
+ sed 's/[\\\\&|]/\\\\&/g'`;; #(
+ *) ac_sed_conf_input=$configure_input;;
+ esac
+
+ case $ac_tag in
+ *:-:* | *:-) cat >"$ac_tmp/stdin" \
+ || as_fn_error $? "could not create $ac_file" "15089" 5 ;;
+ esac
+ ;;
+ esac
+
+ ac_dir=`$as_dirname -- "$ac_file" ||
+$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$ac_file" : 'X\(//\)[^/]' \| \
+ X"$ac_file" : 'X\(//\)$' \| \
+ X"$ac_file" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X"$ac_file" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)[^/].*/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\).*/{
+ s//\1/
+ q
+ }
+ s/.*/./; q'`
+ as_dir="$ac_dir"; as_fn_mkdir_p
+ ac_builddir=.
+
+case "$ac_dir" in
+.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;;
+*)
+ ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'`
+ # A ".." for each directory in $ac_dir_suffix.
+ ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'`
+ case $ac_top_builddir_sub in
+ "") ac_top_builddir_sub=. ac_top_build_prefix= ;;
+ *) ac_top_build_prefix=$ac_top_builddir_sub/ ;;
+ esac ;;
+esac
+ac_abs_top_builddir=$ac_pwd
+ac_abs_builddir=$ac_pwd$ac_dir_suffix
+# for backward compatibility:
+ac_top_builddir=$ac_top_build_prefix
+
+case $srcdir in
+ .) # We are building in place.
+ ac_srcdir=.
+ ac_top_srcdir=$ac_top_builddir_sub
+ ac_abs_top_srcdir=$ac_pwd ;;
+ [\\/]* | ?:[\\/]* ) # Absolute name.
+ ac_srcdir=$srcdir$ac_dir_suffix;
+ ac_top_srcdir=$srcdir
+ ac_abs_top_srcdir=$srcdir ;;
+ *) # Relative name.
+ ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix
+ ac_top_srcdir=$ac_top_build_prefix$srcdir
+ ac_abs_top_srcdir=$ac_pwd/$srcdir ;;
+esac
+ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix
+
+
+ case $ac_mode in
+ :F)
+ #
+ # CONFIG_FILE
+ #
+
+ case $INSTALL in
+ [\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;;
+ *) ac_INSTALL=$ac_top_build_prefix$INSTALL ;;
+ esac
+ ac_MKDIR_P=$MKDIR_P
+ case $MKDIR_P in
+ [\\/$]* | ?:[\\/]* ) ;;
+ */*) ac_MKDIR_P=$ac_top_build_prefix$MKDIR_P ;;
+ esac
+_ACEOF
+
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+# If the template does not know about datarootdir, expand it.
+# FIXME: This hack should be removed a few years after 2.60.
+ac_datarootdir_hack=; ac_datarootdir_seen=
+ac_sed_dataroot='
+/datarootdir/ {
+ p
+ q
+}
+/@datadir@/p
+/@docdir@/p
+/@infodir@/p
+/@localedir@/p
+/@mandir@/p'
+case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in
+*datarootdir*) ac_datarootdir_seen=yes;;
+*@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*)
+ { $as_echo "$as_me:${as_lineno-15187}: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5
+$as_echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;}
+_ACEOF
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+ ac_datarootdir_hack='
+ s&@datadir@&$datadir&g
+ s&@docdir@&$docdir&g
+ s&@infodir@&$infodir&g
+ s&@localedir@&$localedir&g
+ s&@mandir@&$mandir&g
+ s&\\\${datarootdir}&$datarootdir&g' ;;
+esac
+_ACEOF
+
+# Neutralize VPATH when `$srcdir' = `.'.
+# Shell code in configure.ac might set extrasub.
+# FIXME: do we really want to maintain this feature?
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+ac_sed_extra="$ac_vpsub
+$extrasub
+_ACEOF
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+:t
+/@[a-zA-Z_][a-zA-Z_0-9]*@/!b
+s|@configure_input@|$ac_sed_conf_input|;t t
+s&@top_builddir@&$ac_top_builddir_sub&;t t
+s&@top_build_prefix@&$ac_top_build_prefix&;t t
+s&@srcdir@&$ac_srcdir&;t t
+s&@abs_srcdir@&$ac_abs_srcdir&;t t
+s&@top_srcdir@&$ac_top_srcdir&;t t
+s&@abs_top_srcdir@&$ac_abs_top_srcdir&;t t
+s&@builddir@&$ac_builddir&;t t
+s&@abs_builddir@&$ac_abs_builddir&;t t
+s&@abs_top_builddir@&$ac_abs_top_builddir&;t t
+s&@INSTALL@&$ac_INSTALL&;t t
+s&@MKDIR_P@&$ac_MKDIR_P&;t t
+$ac_datarootdir_hack
+"
+eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$ac_tmp/subs.awk" \
+ >$ac_tmp/out || as_fn_error $? "could not create $ac_file" "15226" 5
+
+test -z "$ac_datarootdir_hack$ac_datarootdir_seen" &&
+ { ac_out=`sed -n '/\${datarootdir}/p' "$ac_tmp/out"`; test -n "$ac_out"; } &&
+ { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' \
+ "$ac_tmp/out"`; test -z "$ac_out"; } &&
+ { $as_echo "$as_me:${as_lineno-15232}: WARNING: $ac_file contains a reference to the variable \`datarootdir'
+which seems to be undefined. Please make sure it is defined" >&5
+$as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir'
+which seems to be undefined. Please make sure it is defined" >&2;}
+
+ rm -f "$ac_tmp/stdin"
+ case $ac_file in
+ -) cat "$ac_tmp/out" && rm -f "$ac_tmp/out";;
+ *) rm -f "$ac_file" && mv "$ac_tmp/out" "$ac_file";;
+ esac \
+ || as_fn_error $? "could not create $ac_file" "15242" 5
+ ;;
+ :H)
+ #
+ # CONFIG_HEADER
+ #
+ if test x"$ac_file" != x-; then
+ {
+ $as_echo "/* $configure_input */" \
+ && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs"
+ } >"$ac_tmp/config.h" \
+ || as_fn_error $? "could not create $ac_file" "15253" 5
+ if diff "$ac_file" "$ac_tmp/config.h" >/dev/null 2>&1; then
+ { $as_echo "$as_me:${as_lineno-15255}: $ac_file is unchanged" >&5
+$as_echo "$as_me: $ac_file is unchanged" >&6;}
+ else
+ rm -f "$ac_file"
+ mv "$ac_tmp/config.h" "$ac_file" \
+ || as_fn_error $? "could not create $ac_file" "15260" 5
+ fi
+ else
+ $as_echo "/* $configure_input */" \
+ && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" \
+ || as_fn_error $? "could not create -" "15265" 5
+ fi
+# Compute "$ac_file"'s index in $config_headers.
+_am_arg="$ac_file"
+_am_stamp_count=1
+for _am_header in $config_headers :; do
+ case $_am_header in
+ $_am_arg | $_am_arg:* )
+ break ;;
+ * )
+ _am_stamp_count=`expr $_am_stamp_count + 1` ;;
+ esac
+done
+echo "timestamp for $_am_arg" >`$as_dirname -- "$_am_arg" ||
+$as_expr X"$_am_arg" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$_am_arg" : 'X\(//\)[^/]' \| \
+ X"$_am_arg" : 'X\(//\)$' \| \
+ X"$_am_arg" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X"$_am_arg" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)[^/].*/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\).*/{
+ s//\1/
+ q
+ }
+ s/.*/./; q'`/stamp-h$_am_stamp_count
+ ;;
+
+ :C) { $as_echo "$as_me:${as_lineno-15303}: executing $ac_file commands" >&5
+$as_echo "$as_me: executing $ac_file commands" >&6;}
+ ;;
+ esac
+
+
+ case $ac_file$ac_mode in
+ "depfiles":C) test x"$AMDEP_TRUE" != x"" || {
+ # Autoconf 2.62 quotes --file arguments for eval, but not when files
+ # are listed without --file. Let's play safe and only enable the eval
+ # if we detect the quoting.
+ case $CONFIG_FILES in
+ *\'*) eval set x "$CONFIG_FILES" ;;
+ *) set x $CONFIG_FILES ;;
+ esac
+ shift
+ for mf
+ do
+ # Strip MF so we end up with the name of the file.
+ mf=`echo "$mf" | sed -e 's/:.*$//'`
+ # Check whether this is an Automake generated Makefile or not.
+ # We used to match only the files named `Makefile.in', but
+ # some people rename them; so instead we look at the file content.
+ # Grep'ing the first line is not enough: some people post-process
+ # each Makefile.in and add a new line on top of each file to say so.
+ # Grep'ing the whole file is not good either: AIX grep has a line
+ # limit of 2048, but all sed's we know have understand at least 4000.
+ if sed -n 's,^#.*generated by automake.*,X,p' "$mf" | grep X >/dev/null 2>&1; then
+ dirpart=`$as_dirname -- "$mf" ||
+$as_expr X"$mf" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$mf" : 'X\(//\)[^/]' \| \
+ X"$mf" : 'X\(//\)$' \| \
+ X"$mf" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X"$mf" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)[^/].*/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\).*/{
+ s//\1/
+ q
+ }
+ s/.*/./; q'`
+ else
+ continue
+ fi
+ # Extract the definition of DEPDIR, am__include, and am__quote
+ # from the Makefile without running `make'.
+ DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"`
+ test -z "$DEPDIR" && continue
+ am__include=`sed -n 's/^am__include = //p' < "$mf"`
+ test -z "am__include" && continue
+ am__quote=`sed -n 's/^am__quote = //p' < "$mf"`
+ # When using ansi2knr, U may be empty or an underscore; expand it
+ U=`sed -n 's/^U = //p' < "$mf"`
+ # Find all dependency output files, they are included files with
+ # $(DEPDIR) in their names. We invoke sed twice because it is the
+ # simplest approach to changing $(DEPDIR) to its actual value in the
+ # expansion.
+ for file in `sed -n "
+ s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \
+ sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g' -e 's/\$U/'"$U"'/g'`; do
+ # Make sure the directory exists.
+ test -f "$dirpart/$file" && continue
+ fdir=`$as_dirname -- "$file" ||
+$as_expr X"$file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+ X"$file" : 'X\(//\)[^/]' \| \
+ X"$file" : 'X\(//\)$' \| \
+ X"$file" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X"$file" |
+ sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)[^/].*/{
+ s//\1/
+ q
+ }
+ /^X\(\/\/\)$/{
+ s//\1/
+ q
+ }
+ /^X\(\/\).*/{
+ s//\1/
+ q
+ }
+ s/.*/./; q'`
+ as_dir=$dirpart/$fdir; as_fn_mkdir_p
+ # echo "creating $dirpart/$file"
+ echo '# dummy' > "$dirpart/$file"
+ done
+ done
+}
+ ;;
+ "libtool":C)
+
+ # See if we are running on zsh, and set the options which allow our
+ # commands through without removal of \ escapes.
+ if test -n "${ZSH_VERSION+set}" ; then
+ setopt NO_GLOB_SUBST
+ fi
+
+ cfgfile="${ofile}T"
+ trap "$RM \"$cfgfile\"; exit 1" 1 2 15
+ $RM "$cfgfile"
+
+ cat <<_LT_EOF >> "$cfgfile"
+#! $SHELL
+
+# `$ECHO "$ofile" | sed 's%^.*/%%'` - Provide generalized library-building support services.
+# Generated automatically by $as_me ($PACKAGE$TIMESTAMP) $VERSION
+# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`:
+# NOTE: Changes made to this file will be lost: look at ltmain.sh.
+#
+# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005,
+# 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
+# Written by Gordon Matzigkeit, 1996
+#
+# This file is part of GNU Libtool.
+#
+# GNU Libtool is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; either version 2 of
+# the License, or (at your option) any later version.
+#
+# As a special exception to the GNU General Public License,
+# if you distribute this file as part of a program or library that
+# is built using GNU Libtool, you may include this file under the
+# same distribution terms that you use for the rest of that program.
+#
+# GNU Libtool is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GNU Libtool; see the file COPYING. If not, a copy
+# can be downloaded from http://www.gnu.org/licenses/gpl.html, or
+# obtained by writing to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+
+# The names of the tagged configurations supported by this script.
+available_tags=""
+
+# ### BEGIN LIBTOOL CONFIG
+
+# Which release of libtool.m4 was used?
+macro_version=$macro_version
+macro_revision=$macro_revision
+
+# Whether or not to build shared libraries.
+build_libtool_libs=$enable_shared
+
+# Whether or not to build static libraries.
+build_old_libs=$enable_static
+
+# What type of objects to build.
+pic_mode=$pic_mode
+
+# Whether or not to optimize for fast installation.
+fast_install=$enable_fast_install
+
+# Shell to use when invoking shell scripts.
+SHELL=$lt_SHELL
+
+# An echo program that protects backslashes.
+ECHO=$lt_ECHO
+
+# The PATH separator for the build system.
+PATH_SEPARATOR=$lt_PATH_SEPARATOR
+
+# The host system.
+host_alias=$host_alias
+host=$host
+host_os=$host_os
+
+# The build system.
+build_alias=$build_alias
+build=$build
+build_os=$build_os
+
+# A sed program that does not truncate output.
+SED=$lt_SED
+
+# Sed that helps us avoid accidentally triggering echo(1) options like -n.
+Xsed="\$SED -e 1s/^X//"
+
+# A grep program that handles long lines.
+GREP=$lt_GREP
+
+# An ERE matcher.
+EGREP=$lt_EGREP
+
+# A literal string matcher.
+FGREP=$lt_FGREP
+
+# A BSD- or MS-compatible name lister.
+NM=$lt_NM
+
+# Whether we need soft or hard links.
+LN_S=$lt_LN_S
+
+# What is the maximum length of a command?
+max_cmd_len=$max_cmd_len
+
+# Object file suffix (normally "o").
+objext=$ac_objext
+
+# Executable file suffix (normally "").
+exeext=$exeext
+
+# whether the shell understands "unset".
+lt_unset=$lt_unset
+
+# turn spaces into newlines.
+SP2NL=$lt_lt_SP2NL
+
+# turn newlines into spaces.
+NL2SP=$lt_lt_NL2SP
+
+# convert \$build file names to \$host format.
+to_host_file_cmd=$lt_cv_to_host_file_cmd
+
+# convert \$build files to toolchain format.
+to_tool_file_cmd=$lt_cv_to_tool_file_cmd
+
+# An object symbol dumper.
+OBJDUMP=$lt_OBJDUMP
+
+# Method to check whether dependent libraries are shared objects.
+deplibs_check_method=$lt_deplibs_check_method
+
+# Command to use when deplibs_check_method = "file_magic".
+file_magic_cmd=$lt_file_magic_cmd
+
+# How to find potential files when deplibs_check_method = "file_magic".
+file_magic_glob=$lt_file_magic_glob
+
+# Find potential files using nocaseglob when deplibs_check_method = "file_magic".
+want_nocaseglob=$lt_want_nocaseglob
+
+# DLL creation program.
+DLLTOOL=$lt_DLLTOOL
+
+# Command to associate shared and link libraries.
+sharedlib_from_linklib_cmd=$lt_sharedlib_from_linklib_cmd
+
+# The archiver.
+AR=$lt_AR
+
+# Flags to create an archive.
+AR_FLAGS=$lt_AR_FLAGS
+
+# How to feed a file listing to the archiver.
+archiver_list_spec=$lt_archiver_list_spec
+
+# A symbol stripping program.
+STRIP=$lt_STRIP
+
+# Commands used to install an old-style archive.
+RANLIB=$lt_RANLIB
+old_postinstall_cmds=$lt_old_postinstall_cmds
+old_postuninstall_cmds=$lt_old_postuninstall_cmds
+
+# Whether to use a lock for old archive extraction.
+lock_old_archive_extraction=$lock_old_archive_extraction
+
+# A C compiler.
+LTCC=$lt_CC
+
+# LTCC compiler flags.
+LTCFLAGS=$lt_CFLAGS
+
+# Take the output of nm and produce a listing of raw symbols and C names.
+global_symbol_pipe=$lt_lt_cv_sys_global_symbol_pipe
+
+# Transform the output of nm in a proper C declaration.
+global_symbol_to_cdecl=$lt_lt_cv_sys_global_symbol_to_cdecl
+
+# Transform the output of nm in a C name address pair.
+global_symbol_to_c_name_address=$lt_lt_cv_sys_global_symbol_to_c_name_address
+
+# Transform the output of nm in a C name address pair when lib prefix is needed.
+global_symbol_to_c_name_address_lib_prefix=$lt_lt_cv_sys_global_symbol_to_c_name_address_lib_prefix
+
+# Specify filename containing input files for \$NM.
+nm_file_list_spec=$lt_nm_file_list_spec
+
+# The root where to search for dependent libraries,and in which our libraries should be installed.
+lt_sysroot=$lt_sysroot
+
+# The name of the directory that contains temporary libtool files.
+objdir=$objdir
+
+# Used to examine libraries when file_magic_cmd begins with "file".
+MAGIC_CMD=$MAGIC_CMD
+
+# Must we lock files when doing compilation?
+need_locks=$lt_need_locks
+
+# Manifest tool.
+MANIFEST_TOOL=$lt_MANIFEST_TOOL
+
+# Tool to manipulate archived DWARF debug symbol files on Mac OS X.
+DSYMUTIL=$lt_DSYMUTIL
+
+# Tool to change global to local symbols on Mac OS X.
+NMEDIT=$lt_NMEDIT
+
+# Tool to manipulate fat objects and archives on Mac OS X.
+LIPO=$lt_LIPO
+
+# ldd/readelf like tool for Mach-O binaries on Mac OS X.
+OTOOL=$lt_OTOOL
+
+# ldd/readelf like tool for 64 bit Mach-O binaries on Mac OS X 10.4.
+OTOOL64=$lt_OTOOL64
+
+# Old archive suffix (normally "a").
+libext=$libext
+
+# Shared library suffix (normally ".so").
+shrext_cmds=$lt_shrext_cmds
+
+# The commands to extract the exported symbol list from a shared archive.
+extract_expsyms_cmds=$lt_extract_expsyms_cmds
+
+# Variables whose values should be saved in libtool wrapper scripts and
+# restored at link time.
+variables_saved_for_relink=$lt_variables_saved_for_relink
+
+# Do we need the "lib" prefix for modules?
+need_lib_prefix=$need_lib_prefix
+
+# Do we need a version for libraries?
+need_version=$need_version
+
+# Library versioning type.
+version_type=$version_type
+
+# Shared library runtime path variable.
+runpath_var=$runpath_var
+
+# Shared library path variable.
+shlibpath_var=$shlibpath_var
+
+# Is shlibpath searched before the hard-coded library search path?
+shlibpath_overrides_runpath=$shlibpath_overrides_runpath
+
+# Format of library name prefix.
+libname_spec=$lt_libname_spec
+
+# List of archive names. First name is the real one, the rest are links.
+# The last name is the one that the linker finds with -lNAME
+library_names_spec=$lt_library_names_spec
+
+# The coded name of the library, if different from the real name.
+soname_spec=$lt_soname_spec
+
+# Permission mode override for installation of shared libraries.
+install_override_mode=$lt_install_override_mode
+
+# Command to use after installation of a shared archive.
+postinstall_cmds=$lt_postinstall_cmds
+
+# Command to use after uninstallation of a shared archive.
+postuninstall_cmds=$lt_postuninstall_cmds
+
+# Commands used to finish a libtool library installation in a directory.
+finish_cmds=$lt_finish_cmds
+
+# As "finish_cmds", except a single script fragment to be evaled but
+# not shown.
+finish_eval=$lt_finish_eval
+
+# Whether we should hardcode library paths into libraries.
+hardcode_into_libs=$hardcode_into_libs
+
+# Compile-time system search path for libraries.
+sys_lib_search_path_spec=$lt_sys_lib_search_path_spec
+
+# Run-time system search path for libraries.
+sys_lib_dlsearch_path_spec=$lt_sys_lib_dlsearch_path_spec
+
+# Whether dlopen is supported.
+dlopen_support=$enable_dlopen
+
+# Whether dlopen of programs is supported.
+dlopen_self=$enable_dlopen_self
+
+# Whether dlopen of statically linked programs is supported.
+dlopen_self_static=$enable_dlopen_self_static
+
+# Commands to strip libraries.
+old_striplib=$lt_old_striplib
+striplib=$lt_striplib
+
+# Assembler program.
+AS=$lt_AS
+
+
+# The linker used to build libraries.
+LD=$lt_LD
+
+# How to create reloadable object files.
+reload_flag=$lt_reload_flag
+reload_cmds=$lt_reload_cmds
+
+# Commands used to build an old-style archive.
+old_archive_cmds=$lt_old_archive_cmds
+
+# A language specific compiler.
+CC=$lt_compiler
+
+# Is the compiler the GNU compiler?
+with_gcc=$GCC
+
+# Compiler flag to turn off builtin functions.
+no_builtin_flag=$lt_lt_prog_compiler_no_builtin_flag
+
+# Additional compiler flags for building library objects.
+pic_flag=$lt_lt_prog_compiler_pic
+
+# How to pass a linker flag through the compiler.
+wl=$lt_lt_prog_compiler_wl
+
+# Compiler flag to prevent dynamic linking.
+link_static_flag=$lt_lt_prog_compiler_static
+
+# Does compiler simultaneously support -c and -o options?
+compiler_c_o=$lt_lt_cv_prog_compiler_c_o
+
+# Whether or not to add -lc for building shared libraries.
+build_libtool_need_lc=$archive_cmds_need_lc
+
+# Whether or not to disallow shared libs when runtime libs are static.
+allow_libtool_libs_with_static_runtimes=$enable_shared_with_static_runtimes
+
+# Compiler flag to allow reflexive dlopens.
+export_dynamic_flag_spec=$lt_export_dynamic_flag_spec
+
+# Compiler flag to generate shared objects directly from archives.
+whole_archive_flag_spec=$lt_whole_archive_flag_spec
+
+# Whether the compiler copes with passing no objects directly.
+compiler_needs_object=$lt_compiler_needs_object
+
+# Create an old-style archive from a shared archive.
+old_archive_from_new_cmds=$lt_old_archive_from_new_cmds
+
+# Create a temporary old-style archive to link instead of a shared archive.
+old_archive_from_expsyms_cmds=$lt_old_archive_from_expsyms_cmds
+
+# Commands used to build a shared archive.
+archive_cmds=$lt_archive_cmds
+archive_expsym_cmds=$lt_archive_expsym_cmds
+
+# Commands used to build a loadable module if different from building
+# a shared archive.
+module_cmds=$lt_module_cmds
+module_expsym_cmds=$lt_module_expsym_cmds
+
+# Whether we are building with GNU ld or not.
+with_gnu_ld=$lt_with_gnu_ld
+
+# Flag that allows shared libraries with undefined symbols to be built.
+allow_undefined_flag=$lt_allow_undefined_flag
+
+# Flag that enforces no undefined symbols.
+no_undefined_flag=$lt_no_undefined_flag
+
+# Flag to hardcode \$libdir into a binary during linking.
+# This must work even if \$libdir does not exist
+hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec
+
+# Whether we need a single "-rpath" flag with a separated argument.
+hardcode_libdir_separator=$lt_hardcode_libdir_separator
+
+# Set to "yes" if using DIR/libNAME\${shared_ext} during linking hardcodes
+# DIR into the resulting binary.
+hardcode_direct=$hardcode_direct
+
+# Set to "yes" if using DIR/libNAME\${shared_ext} during linking hardcodes
+# DIR into the resulting binary and the resulting library dependency is
+# "absolute",i.e impossible to change by setting \${shlibpath_var} if the
+# library is relocated.
+hardcode_direct_absolute=$hardcode_direct_absolute
+
+# Set to "yes" if using the -LDIR flag during linking hardcodes DIR
+# into the resulting binary.
+hardcode_minus_L=$hardcode_minus_L
+
+# Set to "yes" if using SHLIBPATH_VAR=DIR during linking hardcodes DIR
+# into the resulting binary.
+hardcode_shlibpath_var=$hardcode_shlibpath_var
+
+# Set to "yes" if building a shared library automatically hardcodes DIR
+# into the library and all subsequent libraries and executables linked
+# against it.
+hardcode_automatic=$hardcode_automatic
+
+# Set to yes if linker adds runtime paths of dependent libraries
+# to runtime path list.
+inherit_rpath=$inherit_rpath
+
+# Whether libtool must link a program against all its dependency libraries.
+link_all_deplibs=$link_all_deplibs
+
+# Set to "yes" if exported symbols are required.
+always_export_symbols=$always_export_symbols
+
+# The commands to list exported symbols.
+export_symbols_cmds=$lt_export_symbols_cmds
+
+# Symbols that should not be listed in the preloaded symbols.
+exclude_expsyms=$lt_exclude_expsyms
+
+# Symbols that must always be exported.
+include_expsyms=$lt_include_expsyms
+
+# Commands necessary for linking programs (against libraries) with templates.
+prelink_cmds=$lt_prelink_cmds
+
+# Commands necessary for finishing linking programs.
+postlink_cmds=$lt_postlink_cmds
+
+# Specify filename containing input files.
+file_list_spec=$lt_file_list_spec
+
+# How to hardcode a shared library path into an executable.
+hardcode_action=$hardcode_action
+
+# ### END LIBTOOL CONFIG
+
+_LT_EOF
+
+ case $host_os in
+ aix3*)
+ cat <<\_LT_EOF >> "$cfgfile"
+# AIX sometimes has problems with the GCC collect2 program. For some
+# reason, if we set the COLLECT_NAMES environment variable, the problems
+# vanish in a puff of smoke.
+if test "X${COLLECT_NAMES+set}" != Xset; then
+ COLLECT_NAMES=
+ export COLLECT_NAMES
+fi
+_LT_EOF
+ ;;
+ esac
+
+
+ltmain="$ac_aux_dir/ltmain.sh"
+
+
+ # We use sed instead of cat because bash on DJGPP gets confused if
+ # if finds mixed CR/LF and LF-only lines. Since sed operates in
+ # text mode, it properly converts lines to CR/LF. This bash problem
+ # is reportedly fixed, but why not run on old versions too?
+ sed '$q' "$ltmain" >> "$cfgfile" \
+ || (rm -f "$cfgfile"; exit 1)
+
+ if test x"$xsi_shell" = xyes; then
+ sed -e '/^func_dirname ()$/,/^} # func_dirname /c\
+func_dirname ()\
+{\
+\ case ${1} in\
+\ */*) func_dirname_result="${1%/*}${2}" ;;\
+\ * ) func_dirname_result="${3}" ;;\
+\ esac\
+} # Extended-shell func_dirname implementation' "$cfgfile" > $cfgfile.tmp \
+ && mv -f "$cfgfile.tmp" "$cfgfile" \
+ || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+ sed -e '/^func_basename ()$/,/^} # func_basename /c\
+func_basename ()\
+{\
+\ func_basename_result="${1##*/}"\
+} # Extended-shell func_basename implementation' "$cfgfile" > $cfgfile.tmp \
+ && mv -f "$cfgfile.tmp" "$cfgfile" \
+ || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+ sed -e '/^func_dirname_and_basename ()$/,/^} # func_dirname_and_basename /c\
+func_dirname_and_basename ()\
+{\
+\ case ${1} in\
+\ */*) func_dirname_result="${1%/*}${2}" ;;\
+\ * ) func_dirname_result="${3}" ;;\
+\ esac\
+\ func_basename_result="${1##*/}"\
+} # Extended-shell func_dirname_and_basename implementation' "$cfgfile" > $cfgfile.tmp \
+ && mv -f "$cfgfile.tmp" "$cfgfile" \
+ || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+ sed -e '/^func_stripname ()$/,/^} # func_stripname /c\
+func_stripname ()\
+{\
+\ # pdksh 5.2.14 does not do ${X%$Y} correctly if both X and Y are\
+\ # positional parameters, so assign one to ordinary parameter first.\
+\ func_stripname_result=${3}\
+\ func_stripname_result=${func_stripname_result#"${1}"}\
+\ func_stripname_result=${func_stripname_result%"${2}"}\
+} # Extended-shell func_stripname implementation' "$cfgfile" > $cfgfile.tmp \
+ && mv -f "$cfgfile.tmp" "$cfgfile" \
+ || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+ sed -e '/^func_split_long_opt ()$/,/^} # func_split_long_opt /c\
+func_split_long_opt ()\
+{\
+\ func_split_long_opt_name=${1%%=*}\
+\ func_split_long_opt_arg=${1#*=}\
+} # Extended-shell func_split_long_opt implementation' "$cfgfile" > $cfgfile.tmp \
+ && mv -f "$cfgfile.tmp" "$cfgfile" \
+ || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+ sed -e '/^func_split_short_opt ()$/,/^} # func_split_short_opt /c\
+func_split_short_opt ()\
+{\
+\ func_split_short_opt_arg=${1#??}\
+\ func_split_short_opt_name=${1%"$func_split_short_opt_arg"}\
+} # Extended-shell func_split_short_opt implementation' "$cfgfile" > $cfgfile.tmp \
+ && mv -f "$cfgfile.tmp" "$cfgfile" \
+ || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+ sed -e '/^func_lo2o ()$/,/^} # func_lo2o /c\
+func_lo2o ()\
+{\
+\ case ${1} in\
+\ *.lo) func_lo2o_result=${1%.lo}.${objext} ;;\
+\ *) func_lo2o_result=${1} ;;\
+\ esac\
+} # Extended-shell func_lo2o implementation' "$cfgfile" > $cfgfile.tmp \
+ && mv -f "$cfgfile.tmp" "$cfgfile" \
+ || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+ sed -e '/^func_xform ()$/,/^} # func_xform /c\
+func_xform ()\
+{\
+ func_xform_result=${1%.*}.lo\
+} # Extended-shell func_xform implementation' "$cfgfile" > $cfgfile.tmp \
+ && mv -f "$cfgfile.tmp" "$cfgfile" \
+ || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+ sed -e '/^func_arith ()$/,/^} # func_arith /c\
+func_arith ()\
+{\
+ func_arith_result=$(( $* ))\
+} # Extended-shell func_arith implementation' "$cfgfile" > $cfgfile.tmp \
+ && mv -f "$cfgfile.tmp" "$cfgfile" \
+ || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+ sed -e '/^func_len ()$/,/^} # func_len /c\
+func_len ()\
+{\
+ func_len_result=${#1}\
+} # Extended-shell func_len implementation' "$cfgfile" > $cfgfile.tmp \
+ && mv -f "$cfgfile.tmp" "$cfgfile" \
+ || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+fi
+
+if test x"$lt_shell_append" = xyes; then
+ sed -e '/^func_append ()$/,/^} # func_append /c\
+func_append ()\
+{\
+ eval "${1}+=\\${2}"\
+} # Extended-shell func_append implementation' "$cfgfile" > $cfgfile.tmp \
+ && mv -f "$cfgfile.tmp" "$cfgfile" \
+ || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+ sed -e '/^func_append_quoted ()$/,/^} # func_append_quoted /c\
+func_append_quoted ()\
+{\
+\ func_quote_for_eval "${2}"\
+\ eval "${1}+=\\\\ \\$func_quote_for_eval_result"\
+} # Extended-shell func_append_quoted implementation' "$cfgfile" > $cfgfile.tmp \
+ && mv -f "$cfgfile.tmp" "$cfgfile" \
+ || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+ # Save a `func_append' function call where possible by direct use of '+='
+ sed -e 's%func_append \([a-zA-Z_]\{1,\}\) "%\1+="%g' $cfgfile > $cfgfile.tmp \
+ && mv -f "$cfgfile.tmp" "$cfgfile" \
+ || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+ test 0 -eq $? || _lt_function_replace_fail=:
+else
+ # Save a `func_append' function call even when '+=' is not available
+ sed -e 's%func_append \([a-zA-Z_]\{1,\}\) "%\1="$\1%g' $cfgfile > $cfgfile.tmp \
+ && mv -f "$cfgfile.tmp" "$cfgfile" \
+ || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+ test 0 -eq $? || _lt_function_replace_fail=:
+fi
+
+if test x"$_lt_function_replace_fail" = x":"; then
+ { $as_echo "$as_me:${as_lineno-16028}: WARNING: Unable to substitute extended shell functions in $ofile" >&5
+$as_echo "$as_me: WARNING: Unable to substitute extended shell functions in $ofile" >&2;}
+fi
+
+
+ mv -f "$cfgfile" "$ofile" ||
+ (rm -f "$ofile" && cp "$cfgfile" "$ofile" && rm -f "$cfgfile")
+ chmod +x "$ofile"
+
+ ;;
+
+ esac
+done # for ac_tag
+
+
+as_fn_exit 0
+_ACEOF
+ac_clean_files=$ac_clean_files_save
+
+test $ac_write_fail = 0 ||
+ as_fn_error $? "write failure creating $CONFIG_STATUS" "16048" 5
+
+
+# configure is writing to config.log, and then calls config.status.
+# config.status does its own redirection, appending to config.log.
+# Unfortunately, on DOS this fails, as config.log is still kept open
+# by configure, so config.status won't be able to write to it; its
+# output is simply discarded. So we exec the FD to /dev/null,
+# effectively closing config.log, so it can be properly (re)opened and
+# appended to by config.status. When coming back to configure, we
+# need to make the FD available again.
+if test "$no_create" != yes; then
+ ac_cs_success=:
+ ac_config_status_args=
+ test "$silent" = yes &&
+ ac_config_status_args="$ac_config_status_args --quiet"
+ exec 5>/dev/null
+ $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false
+ exec 5>>config.log
+ # Use ||, not &&, to avoid exiting from the if with $? = 1, which
+ # would make configure fail if this is the last instruction.
+ $ac_cs_success || as_fn_exit 1
+fi
+if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then
+ { $as_echo "$as_me:${as_lineno-16072}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5
+$as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;}
+fi
+
+
+echo -ne "\n"
+echo "global build variables"
+echo "-----------------------------------------"
+echo `date`
+echo "host info: $host"
+echo "optimized build: $with_enable_optimized"
+echo "compiler (CC): $CC"
+echo "LDFLAGS: $LDFLAGS"
+echo "CPPFLAGS: $CPPFLAGS"
+echo "CFLAGS: $CFLAGS"
+echo "LEX: $LEX"
+echo "AM_LFLAGS: $AM_LFLAGS"
+echo "LFLAGS: $LFLAGS"
+echo "YACC: $YACC"
+echo "AM_YFLAGS: $AM_YFLAGS"
+echo "YFLAGS: $YFLAGS"
+echo "-----------------------------------------"
+echo -ne "\n"
+
+
+
diff --git a/moon-abe/pbc-0.5.14/debian/.gitignore b/moon-abe/pbc-0.5.14/debian/.gitignore
new file mode 100644
index 00000000..6bb833b9
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/debian/.gitignore
@@ -0,0 +1,10 @@
+libpbc
+libpbc0
+files
+libpbc.substvars
+libpbc-dev
+libpbc0.postinst.debhelper
+libpbc0.postrm.debhelper
+libpbc0.substvars
+libpbc-dev.substvars
+*.log
diff --git a/moon-abe/pbc-0.5.14/debian/README.Debian b/moon-abe/pbc-0.5.14/debian/README.Debian
new file mode 100644
index 00000000..a660a0f1
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/debian/README.Debian
@@ -0,0 +1,6 @@
+libpbc for Debian
+-----------------
+
+<possible notes regarding this package - if none, delete this file>
+
+ -- Paul Miller <jettero@gmail.com> Wed, 02 Jan 2008 07:00:03 -0500
diff --git a/moon-abe/pbc-0.5.14/debian/changelog b/moon-abe/pbc-0.5.14/debian/changelog
new file mode 100644
index 00000000..1e587ae8
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/debian/changelog
@@ -0,0 +1,137 @@
+libpbc (0.5.10) unstable; urgency=low
+
+ * GIT DIFF STAT (from 0.5.9 to 0.5.10):
+ * NEWS | 4 +++
+ * configure.ac | 2 +-
+ * debian/.gitignore | 1 +
+ * debian/changelog | 57 +++++++++++++++++++++++++++++++++++++++++++++++
+ * debian/control | 8 +++---
+ * debian/copyright | 6 ++--
+ * debian/mv_things.sh | 8 +++++-
+ * doc/Makefile | 2 +-
+ * doc/preface.txt | 2 +-
+ * ecc/pairing.c | 14 ++++++-----
+ * guru/prodpairing_test.c | 44 ++++++++++++++++++++++++++++++++++++
+ * include/pbc_pairing.h | 4 +--
+ * makedeb.sh | 8 ------
+ * simple.make | 19 ++++++++++++++-
+ * test | 21 +++++++++++-----
+ * 15 files changed, 163 insertions(+), 37 deletions(-)
+
+ -- Paul Miller <jettero@cpan.org> Sun, 24 Oct 2010 07:36:53 -0400
+
+libpbc (0.5.9) unstable; urgency=low
+
+ * GIT DIFF STAT (from 0.5.8 to 0.5.9):
+ * NEWS | 5 +++++
+ * arith/field.c | 10 ++++++++--
+ * configure.ac | 2 +-
+ * debian/.gitignore | 1 +
+ * debian/changelog | 38 ++++++++++++++++++++++++++++++++++++++
+ * debian/control | 8 ++++----
+ * debian/copyright | 6 +++---
+ * debian/mv_things.sh | 8 ++++++--
+ * doc/preface.txt | 2 +-
+ * ecc/pairing.c | 4 +---
+ * include/pbc_pairing.h | 4 ----
+ * makedeb.sh | 8 --------
+ * 12 files changed, 68 insertions(+), 28 deletions(-)
+
+ -- Paul Miller <jettero@cpan.org> Fri, 22 Oct 2010 09:12:15 -0400
+
+libpbc (0.5.8) unstable; urgency=low
+
+ * GIT DIFF STAT (from 0.5.7-1):
+ * COPYING | 827 +++++++++++--------------------------------------------
+ * NEWS | 4 +
+ * configure.ac | 2 +-
+ * doc/preface.txt | 2 +-
+ * 4 files changed, 165 insertions(+), 670 deletions(-)
+
+ -- Paul Miller <jettero@cpan.org> Mon, 17 May 2010 20:21:34 -0400
+
+libpbc (0.5.7-1) unstable; urgency=low
+
+ * Bugfixes and speadups
+ * a couple new functions
+
+ -- Paul Miller <jettero@gmail.com> Mon, 25 Jan 2010 08:47:00 -0500
+
+libpbc (0.5.6-1) unstable; urgency=low
+
+ * Projective coordinates for A1 pairings. Contributed by Zhang Ye.
+ * Bugfix for affine coordinates for A pairings. Contributed by Zhang Ye.
+ * Optionally suppress error messages. Based on code by Geremy Condra.
+
+ -- Paul Miller <jettero@gmail.com> Mon, 9 Nov 2009 07:05:00 -0500
+
+libpbc (0.5.5-2) unstable; urgency=low
+
+ * Trying out the new bison/flex rules in configure.ac
+
+ -- Paul Miller <jettero@gmail.com> Thu, 15 Aug 2009 09:41:00 -0400
+
+libpbc (0.5.5-1) unstable; urgency=low
+
+ * Bugfixes, et al
+
+ -- Paul Miller <jettero@gmail.com> Thu, 15 Aug 2009 09:41:00 -0400
+
+libpbc (0.5.4-1) unstable; urgency=low
+
+ * * Accessors for coordinates of points and coefficients of polynomials.
+
+ -- Paul Miller <jettero@gmail.com> Mon, 24 Aug 2009 21:27:00 -0400
+
+libpbc (0.5.3-1) unstable; urgency=low
+
+ * Revamped pairing-based calculator.
+
+ -- Paul Miller <jettero@gmail.com> Mon, 17 Aug 2009 16:00:00 -0400
+
+libpbc (0.5.2-1) unstable; urgency=low
+
+ * Fixed pbc_param_set_str().
+ * Add DLL to Windows release.
+
+ -- Paul Miller <jettero@gmail.com> Wed, 05 Aug 2009 14:53:00 -0400
+
+libpbc (0.5.1-2) unstable; urgency=low
+
+ * pulled in the actual 0.5.1 files for this pack job
+
+ -- Paul Miller <jettero@gmail.com> Thu, 30 Jul 2009 13:10:00 -0400
+
+libpbc (0.5.1-1) unstable; urgency=low
+
+ * bugfixes for the new param init stuff
+
+ -- Paul Miller <jettero@gmail.com> Wed, 29 Jul 2009 20:50:00 -0400
+
+libpbc (0.5.0-1) unstable; urgency=low
+
+ * init and pairing params changes
+ * refactored the API a bit, removed various things, exposed some things
+ * refactored to avoid symbol pollution.
+
+ -- Paul Miller <jettero@gmail.com> Wed, 29 Jul 2009 08:57:00 -0400
+
+libpbc (0.4.19-1) unstable; urgency=low
+
+ * I decided to roll this into libpbc on gibhub.
+
+ -- Paul Miller <jettero@gmail.com> Wed, 06 May 2009 14:43:00 -0400
+
+libpbc (0.4.18-1) unstable; urgency=low
+
+ * I have my doubts about whether this will fix the bug I've been waiting on
+ for over a year, but I might as well build the thing.
+
+ -- Paul Miller <jettero@gmail.com> Sat, 05 Jul 2008 07:05:00 -0400
+
+libpbc (0.4.12-2) unstable; urgency=low
+
+ * yeah, I did the -1 revision totally wrong, this'll probably be 100% better.
+
+ -- Paul Miller <jettero@gmail.com> Wed, 02 Jan 2008 07:00:03 -0500
+
diff --git a/moon-abe/pbc-0.5.14/debian/compat b/moon-abe/pbc-0.5.14/debian/compat
new file mode 100644
index 00000000..7ed6ff82
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/debian/compat
@@ -0,0 +1 @@
+5
diff --git a/moon-abe/pbc-0.5.14/debian/control b/moon-abe/pbc-0.5.14/debian/control
new file mode 100644
index 00000000..219ed4d1
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/debian/control
@@ -0,0 +1,54 @@
+Source: libpbc
+Priority: extra
+Maintainer: Paul Miller <jettero@gmail.com>
+Build-Depends: debhelper (>= 5), autotools-dev, gentoo-functions, libreadline-dev
+Standards-Version: 3.7.2
+Section: libs
+
+Package: libpbc-dev
+Section: libdevel
+Architecture: any
+Depends: libpbc0 (= ${Source-Version})
+Description: Pairing-Based Cryptography Library
+ Pairing-based cryptography is a relatively young area of cryptography that
+ revolves around a certain function with special properties.
+ The PBC (Pairing-Based Cryptography) library is a free C library (released
+ under the Lesser GNU Public License) built on the GMP library that performs
+ the mathematical operations underlying pairing-based cryptosystem.
+ The PBC library is designed to be the backbone of implementations of
+ pairing-based cryptosystems, thus speed and portability are important goals.
+ It provides routines such as elliptic curve generation, elliptic curve
+ arithmetic and pairing computation. Thanks to the GMP library, despite being
+ written in C, pairings times are reasonable.
+ The API is abstract enough that the PBC library can be used even if the
+ programmer possesses only an elementary understanding of pairings. There is
+ no need to learn about elliptic curves or much of number theory. (The minimum
+ requirement is some knowledge of cyclic groups and properties of the
+ pairing.)
+ This tutorial shows how to implement a pairing-based cryptosystem in a few
+ lines using the PBC library.
+ The PBC library can also be used to build conventional cryptosystems.
+
+Package: libpbc0
+Section: libs
+Architecture: any
+Depends: ${shlibs:Depends}
+Description: Pairing-Based Cryptography Library
+ Pairing-based cryptography is a relatively young area of cryptography that
+ revolves around a certain function with special properties.
+ The PBC (Pairing-Based Cryptography) library is a free C library (released
+ under the Lesser GNU Public License) built on the GMP library that performs
+ the mathematical operations underlying pairing-based cryptosystem.
+ The PBC library is designed to be the backbone of implementations of
+ pairing-based cryptosystems, thus speed and portability are important goals.
+ It provides routines such as elliptic curve generation, elliptic curve
+ arithmetic and pairing computation. Thanks to the GMP library, despite being
+ written in C, pairings times are reasonable.
+ The API is abstract enough that the PBC library can be used even if the
+ programmer possesses only an elementary understanding of pairings. There is
+ no need to learn about elliptic curves or much of number theory. (The minimum
+ requirement is some knowledge of cyclic groups and properties of the
+ pairing.)
+ This tutorial shows how to implement a pairing-based cryptosystem in a few
+ lines using the PBC library.
+ The PBC library can also be used to build conventional cryptosystems.
diff --git a/moon-abe/pbc-0.5.14/debian/copyright b/moon-abe/pbc-0.5.14/debian/copyright
new file mode 100644
index 00000000..f3f43f76
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/debian/copyright
@@ -0,0 +1,19 @@
+This package was debianized by Paul Miller <jettero@gmail.com> on
+Wed, 02 Jan 2008 07:00:03 -0500.
+
+It was downloaded from <http://crypto.stanford.edu/pbc/>
+
+Upstream Author(s):
+
+ Ben Lynn <http://crypto.stanford.edu/~blynn/>
+
+Copyright:
+
+ <Copyright (C) 2010 Ben Lynn of Stanford>
+
+License:
+
+ LGPL
+
+The Debian packaging is (C) 2010, Paul Miller <jettero@gmail.com> and
+is licensed under the GPL, see `/usr/share/common-licenses/GPL'.
diff --git a/moon-abe/pbc-0.5.14/debian/docs b/moon-abe/pbc-0.5.14/debian/docs
new file mode 100644
index 00000000..50bd824b
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/debian/docs
@@ -0,0 +1,2 @@
+NEWS
+README
diff --git a/moon-abe/pbc-0.5.14/debian/mv_things.sh b/moon-abe/pbc-0.5.14/debian/mv_things.sh
new file mode 100644
index 00000000..9d6f248e
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/debian/mv_things.sh
@@ -0,0 +1,53 @@
+#!/bin/bash
+
+# this is all from my ebuild (no doi)
+
+function die() {
+ echo mv_things.sh ERROR
+ exit 1
+}
+
+if [ -z "$1" ]; then
+ echo "no dest dir given?"
+ exit 1
+fi
+
+D=$1
+Ex=${D}/usr/share/doc/libpbc0/examples/
+Ox=`pwd`
+mkdir -p ${Ex}/src
+
+echo "installing examples to ${Ex}"
+
+install -o 0 -g 0 -m 755 gen/genalldparams ${Ex} || die
+install -o 0 -g 0 -m 755 benchmark/report_times ${Ex}/run_tests || die
+
+cp -r param/ ${Ex}/ || die
+cp {pbc,benchmark,gen,example}/*.c ${Ex}/src || die
+rm ${Ex}/src/*.readline.c || die
+
+find ${Ex} -type d -exec chmod 755 {} \; || die
+find ${Ex} -type f -exec chmod 644 {} \; || die
+
+#install -o 0 -g 0 -m 644 exmakefile ${Ex}/src/Makefile
+install -o 0 -g 0 -m 755 -d ${D}/usr/bin/ || die
+
+echo "building a real pbc"
+(cd pbc; gcc -c pbc_getline.readline.c)
+gcc -o realpbc -I. -Iinclude pbc/pbc.c -L .libs -lpbc pbc/pbc_getline.readline.o -lreadline pbc_pbc-symtab.o pbc_pbc-parser.tab.o pbc_pbc-darray.o pbc_pbc-lex.yy.o
+
+echo "installing the pbc binary"
+install -o 0 -g 0 -m 755 realpbc ${D}/usr/bin/pbc || die
+rm realpbc
+
+DEV=`echo ${D}-dev | sed s/libpbc0-dev/libpbc-dev/`
+mkdir -p ${DEV}/usr/share/doc/libpbc0
+mkdir -p ${DEV}/usr/include
+mkdir -p ${DEV}/usr/bin
+mkdir -p ${DEV}/usr/lib
+
+mv ${D}/usr/lib/* ${DEV}/usr/lib
+mv ${DEV}/usr/lib/libpbc*.so.* ${D}/usr/lib
+mv ${D}/usr/include/pbc ${DEV}/usr/include/
+mv ${D}/usr/bin/pbc ${DEV}/usr/bin/
+mv ${D}/usr/share/doc/libpbc0/examples ${DEV}/usr/share/doc
diff --git a/moon-abe/pbc-0.5.14/debian/rules b/moon-abe/pbc-0.5.14/debian/rules
new file mode 100644
index 00000000..3bd1829b
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/debian/rules
@@ -0,0 +1,117 @@
+#!/usr/bin/make -f
+# -*- makefile -*-
+# Sample debian/rules that uses debhelper.
+# This file was originally written by Joey Hess and Craig Small.
+# As a special exception, when this file is copied by dh-make into a
+# dh-make output file, you may use that output file without restriction.
+# This special exception was added by Craig Small in version 0.37 of dh-make.
+
+# Uncomment this to turn on verbose mode.
+#export DH_VERBOSE=1
+
+
+# These are used for cross-compiling and for saving the configure script
+# from having to guess our platform (since we know it already)
+DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE)
+DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE)
+SHELL=/bin/bash
+
+
+CFLAGS = -Wall -g
+
+ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS)))
+ CFLAGS += -O0
+else
+ CFLAGS += -O2
+endif
+
+# shared library versions, option 1
+version=2.0.5
+major=2
+# option 2, assuming the library is created as src/.libs/libfoo.so.2.0.5 or so
+#version=`ls src/.libs/lib*.so.* | \
+# awk '{if (match($$0,/[0-9]+\.[0-9]+\.[0-9]+$$/)) print substr($$0,RSTART)}'`
+#major=`ls src/.libs/lib*.so.* | \
+# awk '{if (match($$0,/\.so\.[0-9]+$$/)) print substr($$0,RSTART+4)}'`
+
+config.status: configure
+ dh_testdir
+ # Add here commands to configure the package.
+ifneq "$(wildcard /usr/share/misc/config.sub)" ""
+ cp -f /usr/share/misc/config.sub config.sub
+endif
+ifneq "$(wildcard /usr/share/misc/config.guess)" ""
+ cp -f /usr/share/misc/config.guess config.guess
+endif
+ ./configure --host=$(DEB_HOST_GNU_TYPE) --build=$(DEB_BUILD_GNU_TYPE) --prefix=/usr --mandir=\$${prefix}/share/man --infodir=\$${prefix}/share/info CFLAGS="$(CFLAGS)" LDFLAGS="-Wl,-z,defs"
+
+configure:
+ [ -x ./configure ] || ./setup
+
+build: build-stamp
+build-stamp: config.status
+ dh_testdir
+
+ # Add here commands to compile the package.
+ $(MAKE) -j3
+
+ touch $@
+
+clean:
+ dh_testdir
+ dh_testroot
+ rm -f build-stamp
+
+ # Add here commands to clean up after the build process.
+ -$(MAKE) distclean
+ # rm -f config.sub config.guess
+
+ dh_clean
+
+install: build
+ dh_testdir
+ dh_testroot
+ dh_clean -k
+ dh_installdirs
+
+ # Add here commands to install the package into debian/tmp
+ $(MAKE) DESTDIR=$(CURDIR)/debian/libpbc0 install
+ bash debian/mv_things.sh $(CURDIR)/debian/libpbc0
+
+# Build architecture-independent files here.
+binary-indep: build install
+# We have nothing to do by default.
+
+# Build architecture-dependent files here.
+binary-arch: build install
+ dh_testdir
+ dh_testroot
+ dh_installchangelogs NEWS
+ dh_installdocs README COPYING AUTHORS
+ dh_installexamples
+# dh_install
+# dh_installmenu
+# dh_installdebconf
+# dh_installlogrotate
+# dh_installemacsen
+# dh_installpam
+# dh_installmime
+# dh_installinit
+# dh_installcron
+# dh_installinfo
+ dh_installman
+ dh_link
+ dh_strip
+ dh_compress
+ dh_fixperms
+# dh_perl
+# dh_python
+ dh_makeshlibs
+ dh_installdeb
+ dh_shlibdeps
+ dh_gencontrol
+ dh_md5sums
+ dh_builddeb
+
+binary: binary-indep binary-arch
+.PHONY: build clean binary-indep binary-arch binary install
diff --git a/moon-abe/pbc-0.5.14/doc/basics.txt b/moon-abe/pbc-0.5.14/doc/basics.txt
new file mode 100644
index 00000000..c9549f72
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/doc/basics.txt
@@ -0,0 +1,58 @@
+=== Basics ===
+
+Programs using the PBC library should include the file `pbc.h`:
+
+ #include <pbc.h>
+
+and linked against the PBC library and the GMP library, e.g.
+
+ $ gcc program.c -L. -lpbc -lgmp
+
+The file `pbc.h` already includes `gmp.h`.
+
+PBC follows GMP in several respects:
+
+* Output arguments generally precede input arguments.
+* The same variable can be used as input and output in one call.
+* Before a variable may be used it must be initialized exactly once.
+When no longer needed it must be cleared. For efficiency, unnecessary
+initializating and clearing should be avoided.
+* PBC variables ending with +_t+ behave the same as
+GMP variables in function calls: effectively as call-by references.
+In other words, as in GMP, if a function that modifies an input variable,
+that variable remains modified when control return is returned to the caller.
+* Like GMP, variables automatically allocate memory when needed.
+By default, +malloc()+ and friends are called but this can be changed.
+* PBC functions are mostly reentrant.
+
+Since the PBC library is built on top of GMP, the GMP types
+are available. PBC types are similar to GMP types.
+The following example is paraphrased from an example in the GMP
+manual, and shows how to declare the PBC data type +element_t+.
+
+ element_t sum;
+ struct foo { element_t x, y; };
+ element_t vec[20];
+
+GMP has the +mpz_t+ type for integers, +mpq_t+ for rationals and so on.
+In contrast, PBC uses the +element_t+ data type for elements of different
+algebraic structures, such as elliptic curve groups, polynomial rings and
+finite fields. Functions assume their inputs come from appropriate algebraic
+structures.
+
+PBC data types and functions can be categorized as follows. The first two alone
+suffice for a range of applications.
+
+ - +element_t+: elements of an algebraic structure.
+ - +pairing_t+: pairings where elements belong; can initialize from sample
+ pairing parameters bundled with PBC in the +param+ subdirectory.
+ - +pbc_param_t+: used to generate pairing parameters.
+ - +pbc_cm_t+: parameters for constructing curves via the CM method; sometimes
+ required by +pbc_param_t+.
+ - +field_t+: algebraic structures: groups, rings and fields; used internally
+ by +pairing_t+.
+ - a few miscellaneous functions, such as ones controlling how random bits are
+ generated.
+
+Functions operating on a given data type usually have the same prefix, e.g.
+those involving +element_t+ objects begin with +element_+.
diff --git a/moon-abe/pbc-0.5.14/doc/bundle.txt b/moon-abe/pbc-0.5.14/doc/bundle.txt
new file mode 100644
index 00000000..13256d83
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/doc/bundle.txt
@@ -0,0 +1,119 @@
+[[bundlechap]]
+== Bundled programs ==
+
+Several binaries and curve parameters are bundled with the PBC library,
+such as <<pbcintro, the `pbc` program>>.
+
+The `param` subdirectory contains pairing parameters one might use in
+a real cryptosystem. Many of the test programs read the parameters
+from files such as these on standard input, for example:
+
+ $ benchmark/benchmark < param/c159.param
+ $ example/bls < param/e.param
+
+[[pbcref]]
+=== Pairing-based calculator ===
+
+The `pbc` subdirectory contains the pairing-based calculator, `pbc`,
+which is loosely based on `bc`, a well-known arbitrary precision
+calculator.
+
+See `pairing_test.pbc` for an example script. Some differences: the assignment
+operator is `:=`, and newlines are ordinary whitespace and not statement
+terminators.
+
+If started with the `-y` option, the syntax is compatible with `bc`: newlines
+are treated as statement terminators and `=` is assignment. Additionally,
+`pbc` displays a prompt. This mode may be easier for beginners.
+
+Initially, the variables G1, G2, GT and Zr are represent groups associated with
+a particular A pairing.
+
+An element is represented with a tree of integers, such as `[[1,2], 3]`, or
+`4`.
+
+Assignments such as `variable := expression;` return the value of the variable.
+
+The arithmetic operators `+, -, /, *, ^` have the standard precedence.
+The C comparison operators and ternary operator are available.
+
+Each statement should be terminated by a semicolon.
+
+Comments are the same as in (original) C, or begin with "#" and end at a
+newline.
+
+Some of the pbc functions:
+
++init_pairing_A()+::
+Set the variables G1, G2, GT and Zr to the groups in a particular A pairing:
++
+ init_pairing_A();
++
+Other sample pairings can be used by replacing `A` with one of `D, E, F, G`.
+
++rnd(+'G'+)+::
+Returns a random element of an algebraic structure 'G', e.g:
++
+ g := rnd(Zr);
++
+Synonym: `random`.
+
++pairing(+'g, h'+)+::
+Returns the pairing applied to 'g' and 'h'.
+The element 'g' must be an element of G1 and 'h' of G2, e.g:
++
+ pairing(rnd(G1), rnd(G2));
+
+'G'+(+'g'+)+::
+Maps an element 'g' to element of the field 'G', e.g:
++
+ Zr(123);
+ GT([456, 789]);
+
+=== Parameter generation ===
+
+Programs that generate pairing parameters are located in the `gen`
+subdirectory. Some of the programs are already functional enough to be used to
+find parameters for real applications. I need to write more documentation
+first; for now, read the source!
+
+*listmnt*::
+ Searches for discriminants D that lead to MNT curves with subgroups
+ of prime order.
+
+*genaparam*, *gena1param*, *gendparam*, *geneparam*, *genfparam*, *gengparam*::
+ Prints parameters for a curve suitable for computing pairings of a given type.
+ The output can be fed to some of the other test programs. The programs
+ `gendparam` and `gengparam` should be given a discriminant as the first
+ argument.
+
+*hilbertpoly*::
+ Prints the Hilbert polynomial for a given range of discriminants. Computing
+ the Hilbert polynomial is an intermediate step when generating type D
+ parameters.
+
+=== Example cryptosystems ===
+
+In the `example` subdirectory there are various programs that read curve
+parameters on standard input and perform computations that would be required in
+a typical implementation of a pairing-based cryptosystem. Sample schemes
+include:
+
+- Boneh-Lynn-Shacham short signatures
+- Hess identity-based signatures
+- Joux tripartite Diffie-Hellman
+- Paterson identity-based signatures
+- Yuan-Li identity-based authenticated key agreement
+- Zhang-Kim identity-based blind/ring signatures
+- Zhang-Safavi-Naini-Susilo signatures
+
+More work would be required to turn these programs into real applications.
+
+=== Benchmarks ===
+
+I use the programs in the `benchmark` subdirectory to measure running times of
+pairings, and also RSA decryptions.
+
+The `benchmark` program takes pairing parameters on standard input and reports
+the average running time of the pairing over 10 runs, while `timersa` estimates
+the time required to perform one 1024-bit RSA decryption.
diff --git a/moon-abe/pbc-0.5.14/doc/contributors.txt b/moon-abe/pbc-0.5.14/doc/contributors.txt
new file mode 100644
index 00000000..aa67c91f
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/doc/contributors.txt
@@ -0,0 +1,35 @@
+== Appendix A: Contributors ==
+
+Ben Lynn wrote the original PBC library and documentation and is still
+maintaining and developing it.
+
+Hovav Shacham wrote the multiexponentiation, sliding windows and preprocessed
+exponentiation routines, Makefile improvements, and other enhancements.
+He also helps administer the mailing list.
+
+
+Joseph Cooley wrote the GNU build system files,
+tested the library on Mac OS X, and added miscellaneous improvements.
+Among other things,
+pairings can be read from memory buffer and
+most compile-time warnings were removed.
+
+
+Rob Figueiredo and Roger Khazan wrote changes which allow the PBC library
+to be compiled on Windows (via mingw).
+
+
+Dmitry Kosolapov sent in manual corrections, and wrote
+several cryptosystem demos.
+
+
+John Bethencourt sent in many helpful patches, e.g. fixes that allow PBC to
+work on 64-bit platforms.
+
+
+Paul Miller reported bugs, manual corrections and also wrote
+the Gentoo portage overlay for PBC.
+
+
+If you're not mentioned here but should be, please let me know!
+(blynn at cs dot stanford dot edu).
diff --git a/moon-abe/pbc-0.5.14/doc/custom-nochunks.xsl b/moon-abe/pbc-0.5.14/doc/custom-nochunks.xsl
new file mode 100644
index 00000000..49256ede
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/doc/custom-nochunks.xsl
@@ -0,0 +1,22 @@
+<?xml version='1.0'?>
+<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
+ xmlns:fo="http://www.w3.org/1999/XSL/Format"
+ version="1.0">
+<xsl:param name="html.stylesheet" select="'default.css'"/>
+<xsl:param name="generate.toc" select="'book toc'"/>
+<xsl:output method="html" encoding="UTF-8" indent="no"
+doctype-public="-//W3C//DTD HTML 4.01 Transitional//EN"
+/>
+<xsl:template name="user.footer.navigation">
+<script type="text/javascript">
+var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
+document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
+</script>
+<script type="text/javascript">
+try{
+var pageTracker = _gat._getTracker("UA-1901330-5");
+pageTracker._trackPageview();
+} catch(err) {}
+</script>
+</xsl:template>
+</xsl:stylesheet>
diff --git a/moon-abe/pbc-0.5.14/doc/custom-pretty.xsl b/moon-abe/pbc-0.5.14/doc/custom-pretty.xsl
new file mode 100644
index 00000000..ab619ef6
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/doc/custom-pretty.xsl
@@ -0,0 +1,32 @@
+<?xml version='1.0'?>
+<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
+ xmlns:fo="http://www.w3.org/1999/XSL/Format"
+ version="1.0">
+<xsl:param name="chunk.section.depth" select="1"></xsl:param>
+<xsl:param name="chunk.first.sections" select="1"></xsl:param>
+<xsl:param name="css.decoration" select="0"></xsl:param>
+<xsl:param name="toc.list.type">ul</xsl:param>
+<xsl:param name="chunker.output.encoding" select="'UTF-8'"></xsl:param>
+<xsl:param name="chunker.output.doctype-public" select="'-//W3C//DTD HTML 4.01 Transitional//EN'"></xsl:param>
+<!-- use tidy instead
+<xsl:param name="chunker.output.indent" select="'yes'"></xsl:param>
+-->
+<xsl:param name="suppress.navigation" select="1"></xsl:param>
+<xsl:param name="generate.toc" select="'book toc'"/>
+<xsl:param name="html.stylesheet" select="'pretty.css'"/>
+
+<xsl:template name="user.footer.navigation">
+<script type="text/javascript" src="find_selflink.js"></script>
+<script type="text/javascript">
+var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
+document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
+</script>
+<script type="text/javascript">
+try{
+var pageTracker = _gat._getTracker("UA-1901330-5");
+pageTracker._trackPageview();
+} catch(err) {}
+</script>
+</xsl:template>
+
+</xsl:stylesheet>
diff --git a/moon-abe/pbc-0.5.14/doc/custom.xsl b/moon-abe/pbc-0.5.14/doc/custom.xsl
new file mode 100644
index 00000000..8fcac646
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/doc/custom.xsl
@@ -0,0 +1,24 @@
+<?xml version='1.0'?>
+<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
+ xmlns:fo="http://www.w3.org/1999/XSL/Format"
+ version="1.0">
+<!--
+To chunk by chapter only:
+<xsl:param name="chunk.section.depth" select="0"></xsl:param>
+-->
+<xsl:param name="chunker.output.encoding" select="'UTF-8'"></xsl:param>
+<xsl:param name="chunker.output.doctype-public" select="'-//W3C//DTD HTML 4.01 Transitional//EN'"></xsl:param>
+
+<xsl:template name="user.footer.navigation">
+<script type="text/javascript">
+var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
+document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
+</script>
+<script type="text/javascript">
+try{
+var pageTracker = _gat._getTracker("UA-1901330-5");
+pageTracker._trackPageview();
+} catch(err) {}
+</script>
+</xsl:template>
+</xsl:stylesheet>
diff --git a/moon-abe/pbc-0.5.14/doc/default.css b/moon-abe/pbc-0.5.14/doc/default.css
new file mode 100644
index 00000000..b386f84d
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/doc/default.css
@@ -0,0 +1,71 @@
+body {
+ font-size: 90%;
+ font-family: verdana, arial, sans-serif;
+}
+
+tt, code, pre, .type {
+ font-family: andale mono, courier new, courier, monospace;
+ font-size: 90%;
+}
+
+.author {
+ display : none;
+}
+
+.copyright {
+ display : none;
+}
+
+div.TOC {
+ float: left;
+ width: 13em;
+ font-size: 90%;
+
+ border: 1px solid #aaaaaa;
+ background-color: #f9f9f9;
+ padding: 0.17em;
+}
+
+hr {
+ display: none;
+}
+
+div.chapter, div.preface {
+ border-left: 13em solid white;
+ padding-left: 1em;
+}
+
+h1.title {
+ border: 1px solid #aaaaaa;
+ background-color: #f9f9f9;
+ padding: 0.17em;
+}
+
+div.chapter h1, div.preface h1 {
+ padding-top: 0.5em;
+ padding-bottom: 0.17em;
+ margin: 0;
+ font-weight: normal;
+ border-bottom: 1px solid #aaaaaa;
+}
+
+h2 {
+ padding-top: 0.5em;
+ padding-bottom: 0.17em;
+ margin: 0;
+ font-weight: normal;
+ border-bottom: 1px solid #aaaaaa;
+}
+
+.programlisting, .screen {
+ margin: 0;
+ border: 1px solid #aaaaaa;
+ background-color: #f9f9f9;
+ padding: 0.17em;
+ margin: 1em;
+ margin-right: 3em;
+}
+
+.parameter {
+ font-style: italic;
+}
diff --git a/moon-abe/pbc-0.5.14/doc/elementfns.txt b/moon-abe/pbc-0.5.14/doc/elementfns.txt
new file mode 100644
index 00000000..cadf78b0
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/doc/elementfns.txt
@@ -0,0 +1,111 @@
+== Element functions ==
+
+Elements of groups, rings and fields are stored in the +element_t+ data type.
+Variables of this type must be initialized before use, and should be cleared
+after they are no longer needed.
+
+The +element_+ functions must be used with caution. Just as division by zero
+does not make sense for integers, some operations may not make sense for
+particular elements. For example, in a ring, one cannot in general invert
+elements.
+
+Another caveat is that many of these functions assume their arguments come from
+the same ring, group or field. No implicit type casting is performed.
+
+For debug builds, turn on run-time checks by defining `PBC_DEBUG` before
+including `pbc.h`:
+
+ #define PBC_DEBUG
+ #include <pbc.h>
+
+Also, when `PBC_DEBUG` is defined, the following macros are active.
+Normally they are replaced with empty statements.
+
+include::gen/debug.txt[]
+
+=== Initializing elements ===
+
+When an element is initialized it is associated with an algebraic structure,
+such as a particular finite field or elliptic curve group.
+
+We use G1 and G2 to denote the input groups to the pairing, and GT for the
+output group. All have order r, and Zr means the ring of integers modulo r.
+G1 is the smaller group (the group of points over the base field). With
+symmetric pairings, G1 = G2.
+
+include::gen/einit.txt[]
+
+=== Assigning elements ===
+
+These functions assign values to elements. When integers are assigned,
+they are mapped to algebraic structures canonically if it makes sense
+(e.g. rings and fields).
+
+include::gen/eassign.txt[]
+
+=== Converting elements ===
+
+include::gen/econvert.txt[]
+
+=== Element arithmetic ===
+
+Unless otherwise stated, all +element_t+ arguments to these functions must have
+been initialized to be from the same algebraic structure. When one of these
+functions expects its arguments to be from particular algebraic structures,
+this is reflected in the name of the function.
+
+The addition and multiplication functions perform addition and multiplication
+operations in rings and fields. For groups of points on an ellitpic curve, such
+as the G1 and G2 groups associated with pairings, both addition and
+multiplication represent the group operation (and similarly both 0 and 1
+represent the identity element). It is recommended that programs choose and
+one convention and stick with it to avoid confusion.
+
+In contrast, the GT group is currently
+implemented as a subgroup of a finite field, so only multiplicative operations
+should be used for GT.
+
+include::gen/earith.txt[]
+
+=== Exponentiating elements ===
+
+Exponentiation and multiexponentiation functions. If it is known in advance
+that a particular element will be exponentiated several times in the future,
+time can be saved in the long run by first calling the preprocessing function:
+
+ element_pp_t g_pp;
+ element_pp_init(g_pp, g);
+ element_pp_pow(h, pow1, g_pp); // h = g^pow1
+ element_pp_pow(h, pow2, g_pp); // h = g^pow2
+ element_pp_pow(h, pow3, g_pp); // h = g^pow3
+ element_pp_clear(g_pp);
+
+include::gen/epow.txt[]
+
+=== Comparing elements ===
+
+These functions compare elements from the same algebraic structure.
+
+include::gen/ecmp.txt[]
+
+=== Element I/O ===
+
+Functions for producing human-readable outputs for elements.
+Converting elements to and from bytes are discussed later.
+
+include::gen/eio.txt[]
+
+=== Random elements ===
+
+Only works for finite algebraic structures. Effect on polynomial rings, fields
+of characteristic zero, etc. undefined.
+
+See <<randomref>> for how PBC gets random bits.
+
+include::gen/erandom.txt[]
+
+=== Element import/export ===
+
+Functions for serializing and deserializing elements.
+
+include::gen/etrade.txt[]
diff --git a/moon-abe/pbc-0.5.14/doc/extract b/moon-abe/pbc-0.5.14/doc/extract
new file mode 100644
index 00000000..77a6a69a
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/doc/extract
@@ -0,0 +1,67 @@
+#!/usr/bin/gawk -f
+# Extract GMP-style documentation from source using AsciiDoc format.
+# Fragile:
+# - requires function definition/declaration to end with ")\n" or ");" or ") {"
+# - does not play nice with function pointer parameters
+
+# Look for the magic string "/*@manual "
+/^\/\*@manual / {
+ outfile = "gen/" gensub(".*manual ", "", 1) ".txt"
+ print "Writing to " outfile
+ n = 0
+ getline
+ # Stop at the line "*/".
+ while ($0 != "*/") {
+ a[n] = $0
+ n++
+ getline
+ }
+
+# Simple version with no markup:
+# do {
+# getline
+# print
+# } while (!match($0, ";") && !match($0, "{"))
+
+# Mark up bits of the function declaration with AsciiDoc, e.g:
+# "int main(int argc, char *argv[]);" should become
+# "int *main*('int argc', 'char *argv[]');"
+# Also suppress "static inline".
+ getline
+
+# Handle variable declarations.
+ if (!match($0, "\\(")) {
+ s = gensub("([^ ]*);", "*\\1*", 1) # Bold variable name.
+# Handle macro declarations.
+ } else if (match($0, "^#define")) {
+ s = gensub("^#define *(.*[^ ]) *\\\\$", "*\\1*", 1)
+# Otherwise it's a function.
+ } else {
+
+ sub("static inline ", "")
+ s = gensub("(\\w*)\\(", " *\\1*(", 1) # Bold function name.
+ s = gensub("\\((.*$)", "('\\1", 1, s) # First parameter.
+ gsub(", *", "', '", s) # Separating commas.
+ gsub("_ptr", "_t", s)
+# Handle multi-line function declarations.
+ while (!match(s, ");") && !match(s, ") *$") && !match(s, ") *{")) {
+ getline
+ gsub("^ *", "") # Remove leading whitespace.
+ gsub(", *", "', '") # Commas again.
+ gsub("_ptr", "_t")
+ s = s $0
+ }
+ s = gensub("(.*)\\)", "\\1')", 1, s) # Last parameter
+ gsub("_ptr", "_t", s)
+ gsub(")[^)]*$", ")", s);
+ }
+
+ print s "\n" > outfile
+ if (n > 0) {
+ print "____" > outfile
+ for(i = 0; i < n; i++) {
+ print a[i] > outfile
+ }
+ print "____" > outfile
+ }
+}
diff --git a/moon-abe/pbc-0.5.14/doc/find_selflink.js b/moon-abe/pbc-0.5.14/doc/find_selflink.js
new file mode 100644
index 00000000..db436db7
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/doc/find_selflink.js
@@ -0,0 +1,37 @@
+// From my own website(!)
+//TODO: only do this for links in the table of contents menu
+
+function find_selflink() {
+ var a = document.links;
+ var i = 0;
+ while (i < a.length) {
+ if (a[i].href == document.URL) {
+ var c;
+ var j;
+ var s_new = document.createElement("span");
+ s_new.className = "currentlink";
+ c = a[i].childNodes;
+ for (j=0; j<c.length; j++) {
+ s_new.appendChild(c[j]);
+ }
+ a[i].parentNode.replaceChild(s_new, a[i]);
+ } else {
+ i++;
+ }
+
+ /*
+ if (a[i].href == document.URL) {
+ a[i].className = "currentlink";
+ if (0) {
+ var s_new = document.createElement("span");
+ s_new.className = "currentlink";
+ s_new.appendChild(a[i]);
+ a[i].parentNode.replaceChild(s_new, a[i]);
+ }
+ }
+ i++;
+ */
+ }
+}
+
+find_selflink();
diff --git a/moon-abe/pbc-0.5.14/doc/index.txt b/moon-abe/pbc-0.5.14/doc/index.txt
new file mode 100644
index 00000000..ccf0b503
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/doc/index.txt
@@ -0,0 +1,13 @@
+== PBC library manual ==
+
+Other editions:
+
+- link:../chunked/[Chunked HTML]: One HTML file per section, with no attempts
+ to make it easier to read.
+
+- link:../manual.html[Single HTML]: One big HTML file. I attemped to improve
+ its appearance.
+
+- link:../manual.pdf[PDF file]: Portable Document Format.
+
+- link:../manual.txt[text file]
diff --git a/moon-abe/pbc-0.5.14/doc/internal.txt b/moon-abe/pbc-0.5.14/doc/internal.txt
new file mode 100644
index 00000000..b2f217e3
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/doc/internal.txt
@@ -0,0 +1,428 @@
+== PBC internals ==
+
+The source code is organized by subdirectories:
+
+*`include`*: Headers describing the official API. Headers in other places
+are for internal use only.
+
+*`arith`*: Finite fields: modular arithmetic, polynomial rings, and polynomial
+rings modulo a polynomial. Finite fields of low characteristic are unsupported.
+
+*`ecc`*: Elliptic curve generation, elliptic curve groups and pairings. One
+source file is dedicated to each type of pairing, containing specialized
+optimizations. Some of the code requires arbitrary precision complex numbers,
+which also live here but should be moved elsewhere one day.
+
+*`misc`*: Dynamic arrays, symbol tables, benchmarking, logging, debugging,
+other utilities.
+
+*`gen`*: Programs that generate pairing parameters and list Hilbert
+polynomials. These were used to prepare the samples in the `param` directory.
+
+*`example`*: Example programs showing how to use the library.
+
+*`guru`*: Tests, experimental code.
+
+=== Groups, rings, fields ===
+
+Algebraic structures are represented in the +field_t+ data type, which mostly
+contains pointers to functions written to perform operations such as addition
+and multiplication in that particular group, ring or field:
+
+ struct field_s {
+ ...
+ void (*init)(element_ptr);
+ void (*clear)(element_ptr);
+ ...
+ void (*add)(element_ptr, element_ptr, element_ptr);
+ void (*sub)(element_ptr, element_ptr, element_ptr);
+ void (*mul)(element_ptr, element_ptr, element_ptr);
+ ...
+ };
+ typedef struct field_s *field_ptr;
+ typedef struct field_s field_t[1];
+
+The name +algebraic_structure_t+ is arguably more accurate, but far too
+cumbersome. It may help if one views groups and rings as handicapped fields.
+
+The last two lines of the above code excerpt show how GMP and PBC define data
+types: they are arrays of length one so that when a variable is
+declared, space is automatically allocated for it on the stack.
+Yet when used as a argument to a function, a pointer is passed, thus there is
+no need to explicitly allocate and deallocate memory, nor reference and
+dereference variables.
+
+Each +element_t+ contains a field named +field+ to such a +field_t+ variable.
+The only other field is +data+, which stores any data needed for the
+implementation of the particular algebraic structure the element resides in.
+
+ struct element_s {
+ struct field_s *field;
+ void *data;
+ };
+
+When an +element_t+ variable is initialized, +field+ is set appropriately, and
+then the initialization specific to that field is called to complete the
+initialization. Here, a line of code is worth a thousand words:
+
+ void element_init(element_t e, field_ptr f) {
+ e->field = f;
+ f->init(e);
+ }
+
+Thus during a call to one of the `element_` functions, the +field+ pointer is
+followed then the appropriate routine is executed. For example, modular addition
+results when the input element is an element of a finite field, while
+polynomial addition is performed for elements of a polynomial ring and so on.
+
+ void element_add(element_t n, element_t a, element_t b) {
+ n->field->add(n, a, b);
+ }
+
+My design may seem dangerous because if a programmer inadvertently attempts
+to add a polynomial and a point on an elliptic curve, say, the code
+will compile without warnings since they have the same data type.
+
+However I settled on having a catch-all ``glorified +void *+'' +element_t+
+because I wanted to
+
+- extend a field an arbitrary number of times (though in practice, currently I
+ only need to extend a field twice at most),
+- switch fields easily, so for example a program that benchmarks addition in
+ polynomial rings can be trivially modified to benchmark addition in a group,
+ and
+- interchange different implementations of the same algebraic structure, for
+ example, compare Montgomery representation versus a naive implementation of
+ integer modulo rings.
+
+Additionally, defining `PBC_DEBUG` catches many type mismatches.
+
+In mathematics, groups, rings and fields should be distinguished, but for
+implmentation, it is simplest lump them together under the same heading.
+In any event, distinct data types may lead to a false sense of security.
+Fields of prime order with different moduli would still fall under the same
+data type, with unpleasant results if their elements are mistakenly mixed.
+
+I have vague plans to add flags to +field_t+ describing the capabilities of a
+particular +field_t+. These flags would be set during initialization, and
+would indicate for example whether one can invert every nonzero element,
+whether there are one or two operations (that is, group versus ring), whether
+the field is an integer mod ring, polynomial ring, or polynomial mod ring, and
+so on. Once in place, more runtime checks can be performed to avoid illegal
+inversion and similar problems.
+
+Another option is to introduce data types for each of the four pairing-related
+algebraic structures, namely G1, G2, GT and Zr, as these are the only ones
+needed for implementing pairing-based cryptosystems.
+
+An alternative was to simply use +void *+ instead of +element_t+ and require
+the programmer to pass the field as a parameter, e.g. +element_add(a, b, c,
+F_13)+, but I decided the added annoyance of having to type this extra variable
+every time negated any benefits, such as obviating the need for the
++field+ pointer in +struct element_s+, even if one ignores
+the more serious problem that runtime type checking is considerably harder, if
+not impossible.
+
+I suppose one could write a preprocessor to convert one type of notation
+to the other, but I would like the code to be standard C. (On the other hand,
+as Hovav Shacham suggested, it may be nice to eventually have a converter that
+takes human-friendly infix operator expressions like `a = (b + c) *
+d` and outputs the assembly-like `element_` equivalents.)
+
+=== Internal randomness ===
+
+Some algorithms require a quadratic nonresidue in a given field. These
+are computed lazily: The first time a quadratic nonresidue is requested, one is
+generated at random, using the same source of random bits as other PBC random
+functions. [Which reminds me, should I get rid of the +nqr+ field and instead
+have it as part of the +data+ field in struct field_s?]
+
+In `fieldquadratic.c`, a quadratic field extension is constructed with a square
+root of this randomly generated quadratic nonresidue in the base field. Thus
+for a nondeterminstic source of random bits, the same field may be constructed
+differently on different runs.
+
+To construct the same field the same way every time, one must record the
+quadratic nonresidue generated from one run, and call `field_set_nqr()` every
+time this particular construction of a quadratic field extension is desired.
+Another use for this function is to save time by setting the quadratic
+nonresidue to some precomputed value.
+
+Similarly, for higher degree extensions, a random irreducible polynomial
+may be chosen to construct it, but this must be recorded if the same
+construction is later required.
+
+This happens behind the scenes in PBC.
+
+=== Type A internals ===
+
+Type A pairings are constructed on the curve y^2^ = x^3^ + x over the field F_q
+for some prime q = 3 mod 4.
+Both G1 and G2 are the group of points E(F_q), so this
+pairing is symmetric. It turns out #E(F_q) = q + 1 and
+#E(F_q^2^) = (q + 1)^2^. Thus the embedding degree k is 2,
+and hence GT is a subgroup of F_q^2. The order r is some prime
+factor of q + 1.
+
+Write q + 1 = r * h. For efficiency, r is picked to be a Solinas prime,
+that is, r has the form 2^a^ +- 2^b^ +- 1 for some integers 0 < b < a.
+
+Also, we choose q = -1 mod 12 so F_q^2^ can be implemented as F_q[i]
+(where i = sqrt(-1)) and since q = -1 mod 3, cube roots in F_q
+are easy to compute. This latter feature may be removed because I have
+not found a use for it yet (in which case we only need q = -1 mod 4).
+
++a_param+ struct fields:
+
+ exp2, exp1, sign1, sign0, r:
+ r = 2^exp2 + sign1 * 2^exp1 + sign0 * 1 (Solinas prime)
+ q, h:
+ r * h = q + 1
+ q is a prime, h is a multiple of 12 (thus q = -1 mod 12)
+
+Type A1 uses the same equation, but have different fields since the library
+is given r and cannot choose it.
+
++a1_param+ struct fields:
+
+ p, n, l:
+ p + 1 = n * l
+ p is prime, same as the q in a_param, n is the order of the group.
+
+=== Type B internals ===
+
+Unimplemented. Similar to type A. The curve y^2^ = x^3^ + 1 over the field F_q
+for some prime q = 2 mod 3, which implies cube roots in F_q are easy to
+compute, though we can achieve this for type A pairings by constraining q
+appropriately. I recommend requiring q = 3 mod 4 as well, so that -1 is
+a quadratic nonresidue.
+
+The lack of an x term simplifies some routines such as point doubling.
+
+It turns out we must choose between symmetry or efficiency due to the nature of
+a certain optimization.
+
+=== Type C internals ===
+
+Unimplemented. The supersingular curves y^2^ = x^3^ + 2x + 1 and
+y^2^ = x^3^ + 2x - 1 over a field of characteristic 3. Discussed at length
+by Boneh, Lynn, and Shacham, "Short signatures from the Weil pairing".
+Many optimizations can be applied to speed up these pairings; see
+Barreto et al., "Efficient algorithms for pairing-based cryptosystems", but
+sadly, an attack due to Coppersmith makes these curves less attractive.
+
+=== Type D internals ===
+
+These are ordinary curves of with embedding degree 6, whose orders are prime
+or a prime multiplied by a small constant.
+
+A type D curve is defined over some field F_q and has order h * r where
+r is a prime and h is a small constant. Over the field F_q^6^ its order is
+a multiple of r^2^.
+
+Typically the order of the curve E is around 170 bits, as is F_q, the base
+field, thus q^k^ is around the 1024-bit mark which is commonly considered
+good enough.
+
++d_param+ struct fields:
+
+ q F_q is the base field
+ n # of points in E(F_q)
+ r large prime dividing n
+ h n = h * r
+ a E: y^2 = x^3 + ax + b
+ b
+ nk # of points in E(F_q^k)
+ hk nk = hk * r * r
+ coeff0 coefficients of a monic cubic irreducible over F_q
+ coeff1
+ coeff2
+ nqr quadratic nonresidue in F_q
+
+These were discovered by Miyaji, Nakabayashi and Takano,
+"New explicit conditions of elliptic curve traces for FR-reduction".
+
+=== Type E Internals ===
+
+The CM (Complex Multiplication) method of constructing elliptic curves
+starts with the Diophantine equation
+
+ DV^2 = 4q - t^2
+
+If t = 2 and q = D r^2^ h^2^ + 1 for some prime r (which we choose to
+be a Solinas prime) and some integer h, we find that this equation is easily
+solved with V = 2rh.
+
+Thus it is easy to find a curve (over the field F_q) with order q - 1.
+Note r^2^ divides q - 1, thus we have an embedding degree of 1.
+
+Hence all computations necessary for the pairing can be done in F_q alone.
+There is never any need to extend F_q.
+
+As q is typically 1024 bits, group elements take a lot of space to represent.
+Moreover, many optimizations do not apply to this type, resulting in a slower
+pairing.
+
++e_param+ struct fields:
+
+ exp2, exp1, sign1, sign0, r:
+ r = 2^exp2 + sign1 * 2^exp1 + sign0 * 1 (Solinas prime)
+ q, h
+ q = h r^2 + 1 where r is prime, and h is 28 times a perfect square
+ a, b
+ E: y^2 = x^3 + ax + b
+
+=== Type F internals ===
+
+Using carefully crafted polynomials, k = 12 pairings can be constructed.
+Only 160 bits are needed to represent elements of one group, and 320 bits
+for the other.
+
+Also, embedding degree k = 12 allows higher security short signatures.
+(k = 6 curves cannot
+be used to scale security from 160-bits to say 256-bits because finite
+field attacks are subexponential.)
+
++f_param+ struct fields:
+
+ q:
+ The curve is defined over Fq
+ r:
+ The order of the curve.
+ b:
+ E: y^2= x^3 + b
+ beta:
+ A quadratic nonresidue in Fq: used in quadratic extension.
+ alpha0, alpha1:
+ x^6 + alpha0 + alpha1 sqrt(beta) is irreducible: used in sextic extension.
+
+Discovered by Barreto and Naehrig, "Pairing-friendly elliptic curves of prime order".
+
+=== Type G Internals ===
+
+Another construction based on the CM method.
+
++g_param+ struct fields:
+
+ q, n, h, r:
+ h * r = n is the order of E(F_q)
+ a, b:
+ E: y^2 = x^3 + ax + b
+ nk:
+ #E(F_q^10)
+ hk:
+ hk * r^2 = nk
+ coeff:
+ array of coefficients of polynomial used for quintic extension.
+ nqr:
+ a quadratic nonresidue
+
++g_param+ struct fields:
+
+Discovered by Freeman, "Constructing pairing-friendly elliptic curves with embedding degree 10."
+
+=== Type I Internals ===
+
+Type I pairings is symmetric, constructed on a supersingular curve
+y^2^ = x^3^ - x + 1 over a ternary extension field F_{3^m^}.
+The embedding degree k is 6.
+Both G1 and G2 are the group of points E(F_{3^m^}).
+GT is a subgroup of F_{3^6*m^}. The group order is a prime number.
+
+parameters:
+
+ m, t:
+ The ternary extension field is F(3)[x]/(x^m^ + x^t^ + 2).
+ n:
+ the order of G1
+ n2:
+ n * n2 = number of points in E(F_{3^m^})
+
+Introduced by Barreto et al, "Efficient Pairing Computation on Supersingular
+Abelian Varieties", Designs, Codes and Cryptography, vol. 42, no. 3, pp. 239-271,
+Mar. 2007.
+
+=== Testing functions ===
+
+For testing, debugging, demonstrations and benchmarks.
+Declared in +pbc_test.h+:
+
+include::gen/test.txt[]
+
+=== Dynamic arrays ===
+
+The +darray_t+ data type manages an array of pointers of type +void \*+,
+allocating more memory when necessary.
+Declared in +pbc_darray.h+.
+
+include::gen/darray.txt[]
+
+=== Symbol tables ===
+
+The +symtab_t+ data type manages symbol tables where the keys are strings of
+type +char \*+ and the values are pointers of type +void \*+.
+
+At present, they are implemented inefficiently using dynamic arrays, but this
+will change if the need arises. They are only used when reading a +pbc_param_t+
+from a string. Declared in +pbc_symtab.h+.
+
+include::gen/symtab.txt[]
+
+=== Religious stances ===
+
+I chose C because:
+
+- GMP, which PBC requires and is also modeled on, is also written in C.
+- PBC is intended to be a low-level portable cryptographic library. C is the
+ least common denominator. It should not be difficult to wrap PBC for other
+ languages.
+- Despite its drawbacks (I would appreciate operator overloading and
+ genericity, and to a lesser extent garbage collection), I've found few
+ languages I like better. To quote Rob Pike, C is the desert island language.
+ (I also agree with his statement that OO languages conceptually provide
+ little extra over judicious use of function pointers in C.)
+
+With respect to indentation, I'm migrating the code to follow
+http://google-styleguide.googlecode.com/svn/trunk/cppguide.xml[Google C++
+Style Guide] to avoid having to switch styles all the time.
+The code was originally written using my old style: 4-space indent with 1TBS
+(One True Brace Style).
+
+I'd like to have no library dependencies (except standard C libraries),
+but then I'd have to write a large integer library. Furthermore, I'd have to
+write it in assembly, and then port it.
+
+To avoid this, I use an existing library. I selected GMP because the library's
+focus is on multiprecision arithmetic and nothing else, and it aims to be as
+fast as possible on many platforms. Another important factor is that GMP is
+released under a free license.
+
+On the other hand, GMP is written to deal with extremely large numbers, while I
+mostly only need integers that are roughly between 160 and 2048 bits. It is
+possible a library specializing in numbers of these sizes would be better for
+PBC.
+
+I'm fond of GMP's method for eliminating the need for the +&amp;+ and +*+
+operators most of the time by declaring a typedef on arrays of size 1. I try
+to do the same with PBC for consistency, though this trick does have drawbacks.
+
+I would like to have GMP as the only library dependency, though I do not mind
+using other libraries so long as they are optional. For example, one of the
+test programs is much easier to use if compiled with the GNU readline library,
+but by default compiles without it and is still functional.
+
+I dislike the C preprocessor. I like to place platform-specific code in
+separate files and let the build system work out which one to use. Integer
+constants can be defined with enum instead. I intend to minimize the number of
++#include+ statements in header files for PBC's internal use as much as
+possible (they should be in the `.c` files instead), and later perhaps even
+remove those annoying +#ifndef+ statements too.
+I grudgingly accept some macros for PBC's debugging features.
+
+I liberally use nested functions, a GNU C extension. I find their expressiveness so indispensable that I'm willing to sacrifice portability for them.
+
+The
+http://www.gnu.org/software/libc/manual/html_node/Reserved-Names.html[GNU libc manual]
+states that data types ending in +_t+ should not be used because they are
+reserved for future additions to C or POSIX. On the other hand, I want to stay
+consistent with GMP, and ending data types with +_t+ is common practice.
diff --git a/moon-abe/pbc-0.5.14/doc/macros.ad b/moon-abe/pbc-0.5.14/doc/macros.ad
new file mode 100644
index 00000000..0b108e2b
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/doc/macros.ad
@@ -0,0 +1,9 @@
+[miscellaneous]
+newline=\n
+
+[blockdef-passthrough]
+delimiter=^@{4,}$
+subs=none
+
+[replacements]
+sigma=&sigma;
diff --git a/moon-abe/pbc-0.5.14/doc/makeover b/moon-abe/pbc-0.5.14/doc/makeover
new file mode 100644
index 00000000..39b807c1
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/doc/makeover
@@ -0,0 +1,50 @@
+#!/bin/bash
+gawk '
+/<div class="toc">/ {
+ print $0
+ getline #TODO: check this is the <ul> line
+ print $0
+ print "<li><a href=\".\">PBC Library Manual</a></li>"
+ getline
+ while (!match($0, "</div>")) {
+ print $0
+ getline
+ }
+ print "</div>"
+ exit
+}
+' < manual/index.html > toc.tmp
+for a in manual/*.html
+do
+ if [ $a != "manual/index.html" ]
+ then
+#add " - PBC" to titles of all pages
+ sed '/<\/title>/ s/<\/title>/ - PBC&/' -i $a
+ sed '/<body/{n; r toc.tmp
+a <div class="content">
+} ' -i $a
+ sed '/^<\/body/i </div>' -i $a
+ fi
+done
+
+gawk '
+/<div class="book"/ {
+ i = 0
+ for(;;) {
+ getline
+ if (match($0, "<div")) i++;
+ else if (match($0, "</div")) {
+ i--;
+ if (i < 0) break;
+ }
+ }
+ sub("</div>","")
+}
+{ print }
+' < manual/index.html | sed '/<body/{n; r toc.tmp
+a <div class="content">
+r index.html
+a </div>
+} ' > tmp.tmp
+mv tmp.tmp manual/index.html
+rm toc.tmp
diff --git a/moon-abe/pbc-0.5.14/doc/miscfns.txt b/moon-abe/pbc-0.5.14/doc/miscfns.txt
new file mode 100644
index 00000000..5ea07a67
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/doc/miscfns.txt
@@ -0,0 +1,43 @@
+== Other functions ==
+
+Random number generation, memory allocation, logging.
+
+[[randomref]]
+=== Random bits ===
+
+The first time PBC is asked to generate a random number,
+the library will try to open the file `/dev/urandom` as a
+source of random bits. If this fails, PBC falls back to a deterministic
+random number generator (which is of course completely useless for
+cryptography).
+
+It is possible to change the file used for random bits. Also, explicitly
+selecting the deterministic random number generator will
+suppress the warning.
+
+On Windows, by default, PBC uses the Microsoft Crypto API to generate random
+bits.
+
+include::gen/pbcrandom.txt[]
+
+=== Custom allocation ===
+
+Like GMP, PBC can be instructed to use custom memory allocation functions.
+This must be done before any memory allocation is performed,
+usually at the beginning of a program before any other PBC functions have
+been called.
+
+Also like GMP, the PBC wrappers around +malloc+
+and +realloc+ will print a message on standard error
+and terminate program execution if the calls fail.
+Replacements for these functions should act similarly.
+
+However, unlike GMP, PBC does not pass the number of bytes previously allocated
+along with the pointer in calls to +realloc+ and
++free+.
+
+include::gen/alloc.txt[]
+
+=== Logging ===
+
+include::gen/log.txt[]
diff --git a/moon-abe/pbc-0.5.14/doc/pairingfns.txt b/moon-abe/pbc-0.5.14/doc/pairingfns.txt
new file mode 100644
index 00000000..4ea4bf13
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/doc/pairingfns.txt
@@ -0,0 +1,69 @@
+== Pairing functions ==
+
+An application should first initialize a pairing object. This causes PBC
+to setup curves, groups and other mathematical miscellany. After that,
+elements can be initialized and manipulated for cryptographic operations.
+
+Parameters for various pairings are included with the PBC library distribution
+in the `param` subdirectory, and some are suitable for cryptographic use. Some
+programs in the `gen` subdirectory may be used to generate parameters (see
+<<bundlechap>>). Also, see the PBC website for many more
+pairing parameters.
+
+Pairings involve three groups of prime order. The PBC library calls them G1,
+G2, and GT, and calls the order r. The pairing is a bilinear map that takes two
+elements as input, one from G1 and one from G2, and outputs an element of GT.
+
+The elements of G2 are at least as long as G1; G1 is guaranteed to be the
+shorter of the two. Sometimes G1 and G2 are the same group (i.e. the pairing
+is symmetric) so their elements can be mixed freely. In this case the
++pairing_is_symmetric+ function returns 1.
+
+Bilinear pairings are stored in the data type +pairing_t+. Functions that
+operate on them start with +pairing_+.
+
+=== Initializing pairings ===
+
+To initialize a pairing from an ASCIIZ string:
+
+ pairing_t pairing;
+ pairing_init_set_str(pairing, s); // Where s is a char *.
+
+The string 's' holds _pairing parameters_ in a text format. The +param+
+subdirectory contains several examples.
+
+Alternatively, call:
+
+ pairing_t pairing;
+ pairing_init_pbc_param(pairing, param);
+
+where 'param' is an initialized `pbc_param_t` (see <<paramchap>>).
+
+include::gen/pairing_init.txt[]
+
+=== Applying pairings ===
+
+The function `pairing_apply` can be called to apply a bilinear map. The order
+of the inputs is important. The first, which holds the output, must be from the
+group GT. The second must be from G1, the third from G2, and the fourth must be
+the +pairing_t+ variable that relates them.
+
+In some applications, the programmer may know that many pairings with the same
+G1 input will be computed. If so, preprocessing should be used to avoid
+repeating many calculations saving time in the long run. A variable of type
++pairing_pp_t+ should be declared, initialized with the fixed G1 element, and
+then used to compute pairings:
+
+ pairing_pp_t pp;
+ pairing_pp_init(pp, x, pairing); // x is some element of G1
+ pairing_pp_apply(r1, y1, pp); // r1 = e(x, y1)
+ pairing_pp_apply(r2, y2, pp); // r2 = e(x, y2)
+ pairing_pp_clear(pp); // don't need pp anymore
+
+Never mix and match G1, G2, and GT groups from different pairings.
+
+include::gen/pairing_apply.txt[]
+
+=== Other pairing functions ===
+
+include::gen/pairing_op.txt[]
diff --git a/moon-abe/pbc-0.5.14/doc/paramfns.txt b/moon-abe/pbc-0.5.14/doc/paramfns.txt
new file mode 100644
index 00000000..74b1abff
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/doc/paramfns.txt
@@ -0,0 +1,37 @@
+[[paramchap]]
+== Param functions ==
+
+Pairings are initialized from _pairing parameters_, which are objects of type
+`pbc_param_t`. Some applications can ignore this data type because
+`pairing_init_set_str()` handles it behind the scenes: it reads a string as a
+`pbc_param_t`, then initializes a pairing with these parameters.
+
+include::gen/param.txt[]
+
+[[paramgenchap]]
+=== Param generation ===
+
+These were used to prepare the sample parameters in the +param+ subdirectory.
+
+We label the pairing families with capital letters roughly in the order of
+discovery, so we can refer to them easily. Type A is fastest. Type D is a good
+choice when elements should be short but is slower. Type F has even shorter
+elements but is slower still. The speed differences are hardware-dependent, and
+also change when preprocessing is used. Type B and C are unimplemented.
+
+The +pbc_cm_t+ data type holds CM parameters that are used to generate type D
+and G curves.
+
+include::gen/cminfo.txt[]
+
+include::gen/aparam.txt[]
+
+include::gen/a1param.txt[]
+
+include::gen/dparam.txt[]
+
+include::gen/eparam.txt[]
+
+include::gen/fparam.txt[]
+
+include::gen/gparam.txt[]
diff --git a/moon-abe/pbc-0.5.14/doc/preface.txt b/moon-abe/pbc-0.5.14/doc/preface.txt
new file mode 100644
index 00000000..ec8a3373
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/doc/preface.txt
@@ -0,0 +1,18 @@
+= PBC Library Manual 0.5.14 =
+Ben Lynn
+2006
+
+== Preface ==
+
+The PBC library is a free portable C library allowing the rapid prototyping of
+pairing-based cryptosystems. It provides an abstract interface to a cyclic
+group with a bilinear pairing, insulating the programmer from mathematical
+details. Knowledge of elliptic curves is optional.
+
+The PBC library is built on top of the GMP library, and the PBC API is strongly
+influenced by the GMP API. Accordingly, this manual tries to imitate the look
+and feel of the GMP manual.
+
+The PBC library homepage: http://crypto.stanford.edu/pbc/[http://crypto.stanford.edu/pbc/]
+
+The GMP library homepage: http://www.swox.com/gmp/[http://www.swox.com/gmp/]
diff --git a/moon-abe/pbc-0.5.14/doc/pretty.css b/moon-abe/pbc-0.5.14/doc/pretty.css
new file mode 100644
index 00000000..69502083
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/doc/pretty.css
@@ -0,0 +1,97 @@
+body {
+ font-size: 90%;
+ font-family: verdana, arial, sans-serif;
+}
+
+tt, code, pre, .type {
+ font-family: andale mono, courier new, courier, monospace;
+ font-size: 90%;
+}
+
+/* Based on http://phrogz.net/CSS/columns3.html */
+div.toc {
+ float: left;
+ margin: 0;
+ padding: 0;
+ padding-top: 0.5em;
+ border: 0;
+ width: 13em;
+
+ background-color: #f9f9f9;
+ margin-right:1em;
+}
+
+div.content {
+ margin: 0;
+ padding: 0;
+
+ /* won't match if font is smaller in toc */
+ border-left: 13em solid #f9f9f9;
+ padding-left: 1em;
+}
+
+div.content:after {
+ content:' ';
+ clear:both;
+ display:block;
+ height:0;
+ overflow:hidden
+}
+
+div.footer {
+ clear:left;
+}
+
+div.toc ul {
+ list-style: none;
+ padding: 0;
+ margin: 0;
+}
+
+div.toc li ul a, li ul span.currentlink
+{
+ font-weight: normal;
+ font-size: 90%;
+ padding-left: 2em;
+}
+
+div.toc a, span.currentlink{
+ display:block;
+ text-decoration: none;
+ padding-left: 0.5em;
+ color: #0000aa;
+}
+
+span.currentlink {
+ text-decoration: none;
+ background-color: #aaaaf9;
+}
+
+div.toc a:visited {
+ color: #0000aa;
+}
+
+div.toc a:hover {
+ background-color: #f9f9aa;
+}
+
+.literallayout {
+ margin: 0;
+ border: 1px solid #aaaaaa;
+ background-color: #f9f9f9;
+ padding: 0.17em;
+ margin: 1em;
+ margin-right: 3em;
+}
+
+h1, h2, h3, h4, h5, h6 {
+ padding-bottom: 0.17em;
+ margin: 0;
+ font-weight: normal;
+ color: black;
+ border-bottom: 1px solid #aaaaaa;
+}
+
+h3, h4, h5, h6 {
+ border-bottom: 0;
+}
diff --git a/moon-abe/pbc-0.5.14/doc/quickstart.txt b/moon-abe/pbc-0.5.14/doc/quickstart.txt
new file mode 100644
index 00000000..2f94e46e
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/doc/quickstart.txt
@@ -0,0 +1,69 @@
+== Installing PBC ==
+
+The PBC library needs http://www.swox.com/gmp/[the GMP library].
+
+This build system has been tested and works on Linux and Mac OS X with a
+fink installation.
+
+ $ ./configure
+ $ make
+ $ make install
+
+On Windows, the configure command requires a couple of options:
+
+ $ ./configure -disable-static -enable-shared
+
+By default the library is installed in `/usr/local/lib`. On some systems, this
+may not be in the library path. One way to fix this is to edit
+`/etc/ld.so.conf` and run `ldconfig`.
+
+=== Simple Makefile ===
+
+For speed and simplicity, I use `simple.make` during development.
+Naturally it is less portable.
+
+ $ make -f simple.make
+
+PBC uses some GNU C extensions such as nested functions.
+
+[[pbcintro]]
+=== Quick start ===
+
+We shall use the following notation. For our purposes, the pairing is a
+bilinear map from two cyclic groups, G1 and G2 to a third group GT, where each
+group has prime order r.
+
+Run `pbc/pbc` and type:
+
+ g := rnd(G1);
+ g;
+
+The first line generates a random element g of the group G1,
+while the second prints out the value of g. (The syntax was influenced
+by `bc`, an arbitrary precision calculator.)
+Next, enter:
+
+ h := rnd(G2);
+ h;
+
+This assigns h to a random element of the group G2. Actually, the default
+pairing `pbc` uses is symmetric so G1 and G2 are in fact the same group, but in
+general they are distinct. To compute the pairing applied to g and h, type:
+
+ pairing(g,h);
+
+The order of both g and h is r. Let's generate two random numbers between
+1 and r:
+
+ a := rnd(Zr);
+ b := rnd(Zr);
+
+By bilinearity, the resulting output of both of these lines should be
+identical:
+
+ pairing(g^a,h^b);
+ pairing(g,h)^(a*b);
+
+This program has <<pbcref, other features>> but the commands shown here should
+be enough to quickly and interactively experiment with many pairing-based
+cryptosystems using real numbers.
diff --git a/moon-abe/pbc-0.5.14/doc/security.txt b/moon-abe/pbc-0.5.14/doc/security.txt
new file mode 100644
index 00000000..c59cf4ba
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/doc/security.txt
@@ -0,0 +1,45 @@
+== Security issues ==
+
+Potential problems for the paranoid.
+
+*Truncated hashes*
+
+For points on an elliptic curve over the base field, +element_from_hash()+
+will truncate the input hash until it can represent an x-coordinate in that
+field. (PBC then computes a corresponding y-coordinate.) Ideally the hash
+length should be smaller than size of the base field and also the size of the
+elliptic curve group.
+
+Hashing to elements in field extensions does not take advantage of the fact
+that the extension has more elements than the base field. I intend to rewrite
+the code so that for a degree n extension code, PBC splits the hash into n
+parts and determine each polynomial coefficient from one ofthe pieces. At the
+moment every coefficient is the same and depends on the whole hash.
+
+This is harmless for the base field, because all the pairing types implemented
+so far use an integer mod ring as the base field, rather than an extension of
+some low characteristic field.
+
+*Zeroed memory*
+
+Unlike OpenSSL, there are no functions to zero memory locations used in
+sensitive computations. To some extent, one can use +element_random()+ to
+overwrite data.
+
+*PRNG determinism*
+
+On platforms without `/dev/urandom` PBC falls back on a deterministic
+pseudo-random number generator, except on Windows where it attempts to
+use the Microsoft Crypto API.
+
+Also, `/dev/urandom` differs from `/dev/random`. A quote from its manpage:
+
+____
+A read from the /dev/urandom device will not block waiting for more
+entropy. As a result, if there is not sufficient entropy in the
+entropy pool, the returned values are theoretically vulnerable to a
+cryptographic attack on the algorithms used by the driver. Knowledge
+of how to do this is not available in the current non-classified literature,
+but it is theoretically possible that such an attack may exist.
+If this is a concern in your application, use /dev/random instead.
+____
diff --git a/moon-abe/pbc-0.5.14/doc/sigex.txt b/moon-abe/pbc-0.5.14/doc/sigex.txt
new file mode 100644
index 00000000..dcfc8d5e
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/doc/sigex.txt
@@ -0,0 +1,155 @@
+== Tutorial ==
+
+This chapter walks through how one might implement the
+Boneh-Lynn-Shacham (BLS) signature scheme using the PBC library.
+It is based on the file `example/bls.c`.
+
+We have three groups 'G1', 'G2', 'GT' of prime order 'r', and a bilinear map
+'e' that takes an element from 'G1' and an element from 'G2', and outputs an
+element of 'GT'. We publish these along with the system parameter 'g', which is
+a randomly chosen element of 'G2'.
+
+Alice wishes to sign a message. She generates her public and private keys as
+follows. Her private key is a random element 'x' of 'Zr', and her corresponding
+public key is 'g'^'x'^.
+
+To sign a message, Alice hashes the message to some element
+'h' of 'G1', and then outputs the signature 'h'^'x'^.
+
+To verify a signature sigma, Bob checks that
+'e'('h','g'^'x'^) = 'e'(sigma, 'g').
+
+We now translate the above to C code using the PBC library.
+
+=== BLS signatures ===
+
+First we include `pbc/pbc.h`:
+
+ #include <pbc.h>
+
+Next we initialize a pairing:
+
+ pairing_t pairing;
+ char param[1024];
+ size_t count = fread(param, 1, 1024, stdin);
+ if (!count) pbc_die("input error");
+ pairing_init_set_buf(pairing, param, count);
+
+Later we give pairing parameters to our program on standard input. Any file in
+the `param` subdirectory will suffice, for example:
+
+ $ bls < param/a.param
+
+We shall need several +element_t+ variables to hold the system parameters, keys
+and other quantities. We declare them and initialize them,
+....
+element_t g, h;
+element_t public_key, secret_key;
+element_t sig;
+element_t temp1, temp2;
+
+element_init_G2(g, pairing);
+element_init_G2(public_key, pairing);
+element_init_G1(h, pairing);
+element_init_G1(sig, pairing);
+element_init_GT(temp1, pairing);
+element_init_GT(temp2, pairing);
+element_init_Zr(secret_key, pairing);
+....
+generate system parameters,
+
+ element_random(g);
+
+generate a private key,
+
+ element_random(secret_key);
+
+and the corresponding public key.
+
+ element_pow_zn(public_key, g, secret_key);
+
+When given a message to sign, we first compute its hash, using some standard
+hash algorithm. Many libraries can do this, and this operation does not
+involve pairings, so PBC does not provide functions for this step. For this
+example, and our message has already been hashed, possibly using another
+library.
+
+Say the message hash is "ABCDEF" (a 48-bit hash). We map these bytes to an
+element h of G1,
+
+ element_from_hash(h, "ABCDEF", 6);
+
+then sign it:
+
+ element_pow_zn(sig, h, secret_key);
+
+To verify this signature, we compare the
+outputs of the pairing applied to the signature and system parameter,
+and the pairing applied to the message hash and public key.
+If the pairing outputs match then the signature is valid.
+
+....
+pairing_apply(temp1, sig, g, pairing);
+pairing_apply(temp2, h, public_key, pairing);
+if (!element_cmp(temp1, temp2)) {
+ printf("signature verifies\n");
+} else {
+ printf("signature does not verify\n");
+}
+....
+
+=== Import/export ===
+
+To be useful, at some stage the signature must be converted
+to bytes for storage or transmission:
+
+ int n = pairing_length_in_bytes_compressed_G1(pairing);
+ // Alternatively:
+ // int n = element_length_in_bytes_compressed(sig);
+ unsigned char *data = malloc(n);
+ element_to_bytes_compressed(data, sig);
+
+On the other end, the signature must be decompressed:
+
+ element_from_bytes_compressed(sig, data);
+
+Eliding +_compressed+ in the above code
+will also work but the buffer 'data' will be roughly twice as large.
+
+We can save more space by using the 'x'-coordinate of the signature only
+
+ int n = pairing_length_in_bytes_x_only_G1(pairing);
+ // Alternative:
+ // int n = element_length_in_bytes_x_only(sig);
+ unsigned char *data = malloc(n);
+ element_to_bytes_compressed(data, sig);
+
+but then there is a complication during verification since two different
+points have the same 'x'-coordinate. One way to solve this problem is to
+guess one point and try to verify. If that fails, we try the other.
+It can be shown that the pairing outputs of the two points are inverses
+of each other, avoiding the need to compute a pairing the second time.
+(In fact, there are even better ways to handle this.)
+....
+int n = pairing_length_in_bytes_x_only_G1(pairing);
+//int n = element_length_in_bytes_x_only(sig);
+unsigned char *data = malloc(n);
+
+element_to_bytes_x_only(data, sig);
+
+element_from_bytes_x_only(sig, data)
+
+pairing_apply(temp1, sig, g, pairing);
+pairing_apply(temp2, h, public_key, pairing);
+
+if (!element_cmp(temp1, temp2)) {
+ printf("signature verifies on first guess\n");
+} else {
+ element_invert(temp1, temp1);
+ if (!element_cmp(temp1, temp2)) {
+ printf("signature verifies on second guess\n");
+ } else {
+ printf("signature does not verify\n");
+ }
+}
+....
diff --git a/moon-abe/pbc-0.5.14/ecc/a_param.c b/moon-abe/pbc-0.5.14/ecc/a_param.c
new file mode 100644
index 00000000..6cf8dd96
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/ecc/a_param.c
@@ -0,0 +1,2315 @@
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdint.h> // for intptr_t
+#include <stdlib.h> //for rand, pbc_malloc, pbc_free
+#include <string.h> //for strcmp
+#include <gmp.h>
+#include "pbc_utils.h"
+#include "pbc_field.h"
+#include "pbc_fp.h"
+#include "pbc_fieldquadratic.h"
+#include "pbc_param.h"
+#include "pbc_pairing.h"
+#include "pbc_curve.h"
+#include "pbc_random.h"
+#include "pbc_memory.h"
+#include "ecc/param.h"
+#include "pbc_a_param.h"
+#include "pbc_a1_param.h"
+
+typedef struct {
+ int exp2;
+ int exp1;
+ int sign1;
+ int sign0;
+ mpz_t r; // r = 2^exp2 + sign1 * 2^exp1 + sign0 * 1
+ mpz_t q; // we work in E(F_q) (and E(F_q^2))
+ mpz_t h; // r * h = q + 1
+} *a_param_ptr;
+
+typedef struct {
+ field_t Fq, Fq2, Eq;
+ int exp2, exp1;
+ int sign1;
+} *a_pairing_data_ptr;
+
+static void a_out_str(FILE *stream, void *data) {
+ a_param_ptr p = data;
+ param_out_type(stream, "a");
+ param_out_mpz(stream, "q", p->q);
+ param_out_mpz(stream, "h", p->h);
+ param_out_mpz(stream, "r", p->r);
+ param_out_int(stream, "exp2", p->exp2);
+ param_out_int(stream, "exp1", p->exp1);
+ param_out_int(stream, "sign1", p->sign1);
+ param_out_int(stream, "sign0", p->sign0);
+}
+
+static void a_clear(void *data) {
+ a_param_ptr sp = data;
+ mpz_clear(sp->r);
+ mpz_clear(sp->q);
+ mpz_clear(sp->h);
+ pbc_free(data);
+}
+
+static void phi_identity(element_ptr out, element_ptr in, pairing_ptr pairing) {
+ UNUSED_VAR(pairing);
+ element_set(out, in);
+}
+
+static void compute_abc_tangent(element_ptr a, element_ptr b, element_ptr c,
+ element_ptr Vx, element_ptr Vy, element_ptr e0) {
+ //a = -slope_tangent(V.x, V.y);
+ //b = 1;
+ //c = -(V.y + aV.x);
+ //but we multiply by -2*V.y to avoid division so:
+ //a = -(3 Vx^2 + cc->a)
+ //b = 2 * Vy
+ //c = -(2 Vy^2 + a Vx);
+ element_square(a, Vx);
+ //element_mul_si(a, a, 3);
+ element_add(e0, a, a);
+ element_add(a, e0, a);
+ element_set1(b);
+ element_add(a, a, b);
+ element_neg(a, a);
+
+ element_double(b, Vy);
+
+ element_mul(e0, b, Vy);
+ element_mul(c, a, Vx);
+ element_add(c, c, e0);
+ element_neg(c, c);
+}
+
+static void compute_abc_tangent_proj(element_ptr a, element_ptr b, element_ptr c,
+ element_ptr Vx, element_ptr Vy,
+ element_ptr z, element_ptr z2, element_ptr e0) {
+ //a = -(3x^2 + cca z^4)
+ //for this case cca = 1
+ //b = 2 y z^3
+ //c = -(2 y^2 + x a)
+ //a = z^2 a
+ element_square(a, z2);
+ element_square(b, Vx);
+ ////element_mul_si(b, b, 3);
+ element_double(e0, b);
+ element_add(b, e0, b);
+ element_add(a, a, b);
+ element_neg(a, a);
+
+ ////element_mul_si(e0, Vy, 2);
+ element_double(e0, Vy);
+ element_mul(b, e0, z2);
+ element_mul(b, b, z);
+
+ element_mul(c, Vx, a);
+ element_mul(a, a, z2);
+ element_mul(e0, e0, Vy);
+ element_add(c, c, e0);
+ element_neg(c, c);
+}
+
+static void compute_abc_line(element_ptr a, element_ptr b, element_ptr c,
+ element_ptr Vx, element_ptr Vy,
+ element_ptr V1x, element_ptr V1y,
+ element_ptr e0) {
+ //a = -(B.y - A.y) / (B.x - A.x);
+ //b = 1;
+ //c = -(A.y + a * A.x);
+ //but we'll multiply by B.x - A.x to avoid division, so
+ //a = -(By - Ay)
+ //b = Bx - Ax
+ //c = -(Ay b + a Ax);
+ element_sub(a, Vy, V1y);
+ element_sub(b, V1x, Vx);
+ element_mul(c, Vx, V1y);
+ element_mul(e0, Vy, V1x);
+ element_sub(c, c, e0);
+}
+
+struct pp_coeff_s {
+ element_t a;
+ element_t b;
+ element_t c;
+};
+typedef struct pp_coeff_s pp_coeff_t[1];
+typedef struct pp_coeff_s *pp_coeff_ptr;
+
+static void pp_coeff_set(pp_coeff_ptr p, element_t a, element_t b, element_t c) {
+ element_init(p->a, a->field);
+ element_init(p->b, b->field);
+ element_init(p->c, c->field);
+ element_set(p->a, a);
+ element_set(p->b, b);
+ element_set(p->c, c);
+}
+
+static void a_pairing_pp_init(pairing_pp_t p, element_ptr in1, pairing_t pairing) {
+ int i, n;
+ a_pairing_data_ptr ainfo = pairing->data;
+ p->data = pbc_malloc(sizeof(pp_coeff_t) * (ainfo->exp2 + 1));
+ pp_coeff_t *coeff = (pp_coeff_t *) p->data;
+ element_t V, V1;
+ element_t a, b, c;
+ element_t e0;
+ element_ptr Vx, Vy;
+ element_ptr V1x, V1y;
+
+ #define do_tangent() \
+ compute_abc_tangent(a, b, c, Vx, Vy, e0); \
+ pp_coeff_set(coeff[i], a, b, c);
+
+ #define do_line() \
+ compute_abc_line(a, b, c, Vx, Vy, V1x, V1y, e0); \
+ pp_coeff_set(coeff[i], a, b, c);
+
+ element_init(V, ainfo->Eq);
+ element_init(V1, ainfo->Eq);
+ element_set(V, in1);
+ Vx = curve_x_coord(V);
+ Vy = curve_y_coord(V);
+ V1x = curve_x_coord(V1);
+ V1y = curve_y_coord(V1);
+ element_init(e0, ainfo->Fq);
+ element_init(a, ainfo->Fq);
+ element_init(b, ainfo->Fq);
+ element_init(c, ainfo->Fq);
+
+ n = ainfo->exp1;
+ for (i=0; i<n; i++) {
+ do_tangent();
+ element_double(V, V);
+ }
+
+ if (ainfo->sign1 < 0) {
+ element_neg(V1, V);
+ } else {
+ element_set(V1, V);
+ }
+ n = ainfo->exp2;
+ for (; i<n; i++) {
+ do_tangent();
+ element_double(V, V);
+ }
+
+ do_line();
+
+ element_clear(e0);
+ element_clear(a);
+ element_clear(b);
+ element_clear(c);
+ element_clear(V);
+ element_clear(V1);
+ #undef do_tangent
+ #undef do_line
+}
+
+static void a_pairing_pp_clear(pairing_pp_t p) {
+ a_pairing_data_ptr ainfo = p->pairing->data;
+ pp_coeff_t *coeff = (pp_coeff_t *) p->data;
+ int i, n = ainfo->exp2 + 1;
+ for (i=0; i<n; i++) {
+ pp_coeff_ptr pp = coeff[i];
+ element_clear(pp->a);
+ element_clear(pp->b);
+ element_clear(pp->c);
+ }
+ pbc_free(p->data);
+}
+
+// Requires cofactor to be odd.
+// Overwrites in and temp, out != in.
+// Luckily this touchy routine is only used internally.
+// TODO: rewrite to allow (out == in)? would simplify a_finalpow()
+static void lucas_odd(element_ptr out, element_ptr in, element_ptr temp, mpz_t cofactor) {
+ element_ptr in0 = element_x(in);
+ element_ptr in1 = element_y(in);
+ element_ptr v0 = element_x(out);
+ element_ptr v1 = element_y(out);
+ element_ptr t0 = element_x(temp);
+ element_ptr t1 = element_y(temp);
+ int j;
+
+ element_set_si(t0, 2);
+ element_double(t1, in0);
+
+ element_set(v0, t0);
+ element_set(v1, t1);
+
+ j = mpz_sizeinbase(cofactor, 2) - 1;
+ for (;;) {
+ if (!j) {
+ element_mul(v1, v0, v1);
+ element_sub(v1, v1, t1);
+ element_square(v0, v0);
+ element_sub(v0, v0, t0);
+ break;
+ }
+ if (mpz_tstbit(cofactor, j)) {
+ element_mul(v0, v0, v1);
+ element_sub(v0, v0, t1);
+ element_square(v1, v1);
+ element_sub(v1, v1, t0);
+ } else {
+ element_mul(v1, v0, v1);
+ element_sub(v1, v1, t1);
+ element_square(v0, v0);
+ element_sub(v0, v0, t0);
+ }
+ j--;
+ }
+
+ //assume cofactor = (q + 1) / r is even
+ //(r should be odd and q + 1 is always even)
+ //thus v0 = V_k, v1 = V_{k+1}
+ //and V_{k-1} = P v0 - v1
+
+ //so U_k = (P V_k - 2 V_{k-1}) / (P^2 - 4)
+ // = (2 v1 - P v0) / (P^2 - 4)
+
+ element_mul(in0, v0, t1);
+ element_double(v1, v1);
+ element_sub(v1, v1, in0);
+
+ element_square(t1, t1);
+ element_sub(t1, t1, t0);
+ element_sub(t1, t1, t0);
+ element_div(v1, v1, t1);
+
+ element_halve(v0, v0);
+ element_mul(v1, v1, in1);
+}
+
+static inline void a_tateexp(element_ptr out, element_ptr in, element_ptr temp, mpz_t cofactor) {
+ element_ptr in1 = element_y(in);
+ //simpler but slower:
+ //element_pow_mpz(out, f, tateexp);
+
+ //1. Exponentiate by q-1
+ //which is equivalent to the following
+
+ element_invert(temp, in);
+ element_neg(in1, in1);
+ element_mul(in, in, temp);
+
+ //2. Exponentiate by (q+1)/r
+
+ //Instead of:
+ // element_pow_mpz(out, in, cofactor);
+ //we use Lucas sequences (see "Compressed Pairings", Scott and Barreto)
+ lucas_odd(out, in, temp, cofactor);
+}
+
+//computes a Qx + b Qy + c for type A pairing
+static inline void a_miller_evalfn(element_ptr out,
+ element_ptr a, element_ptr b, element_ptr c,
+ element_ptr Qx, element_ptr Qy) {
+ //we'll map Q via (x,y) --> (-x, iy)
+ //hence Re(a Qx + b Qy + c) = -a Q'x + c and
+ //Im(a Qx + b Qy + c) = b Q'y
+ element_mul(element_y(out), a, Qx);
+ element_sub(element_x(out), c, element_y(out));
+ element_mul(element_y(out), b, Qy);
+}
+
+static void a_pairing_pp_apply(element_ptr out, element_ptr in2, pairing_pp_t p) {
+ //TODO: use proj coords here too to shave off a little time
+ element_ptr Qx = curve_x_coord(in2);
+ element_ptr Qy = curve_y_coord(in2);
+ element_t f, f0;
+ int i, n;
+ a_pairing_data_ptr ainfo = p->pairing->data;
+ pp_coeff_t *coeff = p->data;
+ element_init(f, ainfo->Fq2);
+ element_init(f0, ainfo->Fq2);
+
+ element_set1(f);
+ n = ainfo->exp1;
+ for (i=0; i<n; i++) {
+ pp_coeff_ptr pp = coeff[i];
+ element_square(f, f);
+ a_miller_evalfn(f0, pp->a, pp->b, pp->c, Qx, Qy);
+ element_mul(f, f, f0);
+ }
+ if (ainfo->sign1 < 0) {
+ element_invert(out, f);
+ } else {
+ element_set(out, f);
+ }
+ n = ainfo->exp2;
+ for (; i<n; i++) {
+ element_square(f, f);
+ pp_coeff_ptr pp = coeff[i];
+ a_miller_evalfn(f0, pp->a, pp->b, pp->c, Qx, Qy);
+ element_mul(f, f, f0);
+ }
+
+ element_mul(f, f, out);
+ {
+ pp_coeff_ptr pp = coeff[i];
+ a_miller_evalfn(f0, pp->a, pp->b, pp->c, Qx, Qy);
+ element_mul(f, f, f0);
+ }
+
+ a_tateexp(out, f, f0, p->pairing->phikonr);
+
+ element_clear(f);
+ element_clear(f0);
+}
+
+// in1, in2 are from E(F_q), out from F_q^2.
+// Pairing via elliptic nets (see Stange).
+static void a_pairing_ellnet(element_ptr out, element_ptr in1, element_ptr in2,
+ pairing_t pairing) {
+ element_ptr x = curve_x_coord(in1);
+ element_ptr y = curve_y_coord(in1);
+
+ element_ptr x2 = curve_x_coord(in2);
+ element_ptr y2 = curve_y_coord(in2);
+
+ //we map (x2,y2) to (-x2, i y2) before pairing
+ //notation: cmi means c_{k-i}, ci means c_{k+i}
+ element_t cm3, cm2, cm1, c0, c1, c2, c3, c4;
+ element_t dm1, d0, d1;
+ element_t A, B, C;
+
+ element_init_same_as(cm3, x);
+ element_init_same_as(cm2, x);
+ element_init_same_as(cm1, x);
+ element_init_same_as(c0, x);
+ element_init_same_as(c1, x);
+ element_init_same_as(c2, x);
+ element_init_same_as(c3, x);
+ element_init_same_as(c4, x);
+ element_init_same_as(C, x);
+
+ element_init_same_as(dm1, out);
+ element_init_same_as(d0, out);
+ element_init_same_as(d1, out);
+ element_init_same_as(A, x);
+ element_init_same_as(B, out);
+
+ // c1 = 2y
+ // c0 = 1
+ // cm2 = -1
+ // cm3 = -2y
+ element_double(c1, y);
+ element_set1(c0);
+ element_neg(cm3, c1);
+ element_neg(cm2, c0);
+
+ // a = 1, b = 0 for Y^2 = X^3 + X
+ //hence c3 = c_{k+3} = c_4 = 4y(x^6 + 5(x^4 - x^2) - 1)
+ //use cm1, C, c2 as temp variables for now
+ element_square(cm1, x);
+ element_square(C, cm1);
+ element_sub(c2, C, cm1);
+ element_double(c3, c2);
+ element_double(c3, c3);
+ element_add(c3, c3, c2);
+ element_mul(c2, C, cm1);
+ element_add(c3, c3, c2);
+ element_add(c3, c3, cm2);
+ element_mul(c3, c3, c1);
+ element_double(c3, c3);
+
+ // c2 = c_3 = 3x^4 + 6x^2 - 1
+ element_double(cm1, cm1);
+ element_add(cm1, cm1, C);
+ element_double(C, cm1);
+ element_add(C, C, cm1);
+ element_add(c2, C, cm2);
+
+ // c4 = c_5 = c_2^3 c_4 - c_3^3 = c1^3 c3 - c2^3
+ element_square(C, c1);
+ element_mul(c4, C, c1);
+ element_mul(c4, c4, c3);
+ element_square(C, c2);
+ element_mul(C, C, c2);
+ element_sub(c4, c4, C);
+
+ //compute A, B, d1 (which is d_2 since k = 1)
+ //(recall phi takes x2 to -x2, y2 to i y2)
+ element_add(A, x, x2);
+ element_double(C, x);
+ element_sub(C, C, x2);
+ element_square(cm1, A);
+ element_mul(cm1, C, cm1);
+ element_set(element_x(d1), y);
+ element_set(element_y(d1), y2);
+ element_square(d1, d1);
+ element_sub(element_x(d1), element_x(d1), cm1);
+ element_neg(B, d1);
+ element_invert(B, B);
+ element_invert(A, A);
+ element_mul(element_x(d1), y, A);
+ element_neg(element_x(d1), element_x(d1));
+ element_mul(element_y(d1), y2, A);
+ element_square(d1, d1);
+ element_sub(element_x(d1), C, element_x(d1));
+ element_neg(element_y(d1), element_y(d1));
+
+ // cm1 = 0
+ // C = (2y)^-1
+ element_set0(cm1);
+ element_invert(C, c1);
+
+ element_set1(dm1);
+ element_set1(d0);
+
+ element_t sm2, sm1;
+ element_t s0, s1, s2, s3;
+ element_t tm2, tm1;
+ element_t t0, t1, t2, t3;
+ element_t e0, e1;
+ element_t u, v;
+
+ element_init_same_as(sm2, x);
+ element_init_same_as(sm1, x);
+ element_init_same_as(s0, x);
+ element_init_same_as(s1, x);
+ element_init_same_as(s2, x);
+ element_init_same_as(s3, x);
+
+ element_init_same_as(tm2, x);
+ element_init_same_as(tm1, x);
+ element_init_same_as(t0, x);
+ element_init_same_as(t1, x);
+ element_init_same_as(t2, x);
+ element_init_same_as(t3, x);
+
+ element_init_same_as(e0, x);
+ element_init_same_as(e1, x);
+
+ element_init_same_as(u, d0);
+ element_init_same_as(v, d0);
+
+ int m = mpz_sizeinbase(pairing->r, 2) - 2;
+ for (;;) {
+ element_square(sm2, cm2);
+ element_square(sm1, cm1);
+ element_square(s0, c0);
+ element_square(s1, c1);
+ element_square(s2, c2);
+ element_square(s3, c3);
+
+ element_mul(tm2, cm3, cm1);
+ element_mul(tm1, cm2, c0);
+ element_mul(t0, cm1, c1);
+ element_mul(t1, c0, c2);
+ element_mul(t2, c1, c3);
+ element_mul(t3, c2, c4);
+
+ element_square(u, d0);
+ element_mul(v, dm1, d1);
+
+ if (mpz_tstbit(pairing->r, m)) {
+ //double-and-add
+ element_mul(e0, t0, sm2);
+ element_mul(e1, tm2, s0);
+ element_sub(cm3, e0, e1);
+ element_mul(cm3, cm3, C);
+
+ element_mul(e0, t0, sm1);
+ element_mul(e1, tm1, s0);
+ element_sub(cm2, e0, e1);
+
+ element_mul(e0, t1, sm1);
+ element_mul(e1, tm1, s1);
+ element_sub(cm1, e0, e1);
+ element_mul(cm1, cm1, C);
+
+ element_mul(e0, t1, s0);
+ element_mul(e1, t0, s1);
+ element_sub(c0, e0, e1);
+
+ element_mul(e0, t2, s0);
+ element_mul(e1, t0, s2);
+ element_sub(c1, e0, e1);
+ element_mul(c1, c1, C);
+
+ element_mul(e0, t2, s1);
+ element_mul(e1, t1, s2);
+ element_sub(c2, e0, e1);
+
+ element_mul(e0, t3, s1);
+ element_mul(e1, t1, s3);
+ element_sub(c3, e0, e1);
+ element_mul(c3, c3, C);
+
+ element_mul(e0, t3, s2);
+ element_mul(e1, t2, s3);
+ element_sub(c4, e0, e1);
+
+ element_mul(element_x(out), element_x(u), t0);
+ element_mul(element_y(out), element_y(u), t0);
+ element_mul(element_x(dm1), element_x(v), s0);
+ element_mul(element_y(dm1), element_y(v), s0);
+ element_sub(dm1, dm1, out);
+
+ element_mul(element_x(out), element_x(u), t1);
+ element_mul(element_y(out), element_y(u), t1);
+ element_mul(element_x(d0), element_x(v), s1);
+ element_mul(element_y(d0), element_y(v), s1);
+ element_sub(d0, d0, out);
+ element_mul(element_x(d0), element_x(d0), A);
+ element_mul(element_y(d0), element_y(d0), A);
+
+ element_mul(element_x(out), element_x(u), t2);
+ element_mul(element_y(out), element_y(u), t2);
+ element_mul(element_x(d1), element_x(v), s2);
+ element_mul(element_y(d1), element_y(v), s2);
+ element_sub(d1, d1, out);
+ element_mul(d1, d1, B);
+ } else {
+ //double
+ element_mul(e0, tm1, sm2);
+ element_mul(e1, tm2, sm1);
+ element_sub(cm3, e0, e1);
+
+ element_mul(e0, t0, sm2);
+ element_mul(e1, tm2, s0);
+ element_sub(cm2, e0, e1);
+ element_mul(cm2, cm2, C);
+
+ element_mul(e0, t0, sm1);
+ element_mul(e1, tm1, s0);
+ element_sub(cm1, e0, e1);
+
+ element_mul(e0, t1, sm1);
+ element_mul(e1, tm1, s1);
+ element_sub(c0, e0, e1);
+ element_mul(c0, c0, C);
+
+ element_mul(e0, t1, s0);
+ element_mul(e1, t0, s1);
+ element_sub(c1, e0, e1);
+
+ element_mul(e0, t2, s0);
+ element_mul(e1, t0, s2);
+ element_sub(c2, e0, e1);
+ element_mul(c2, c2, C);
+
+ element_mul(e0, t2, s1);
+ element_mul(e1, t1, s2);
+ element_sub(c3, e0, e1);
+
+ element_mul(e0, t3, s1);
+ element_mul(e1, t1, s3);
+ element_sub(c4, e0, e1);
+ element_mul(c4, c4, C);
+
+ element_mul(element_x(out), element_x(u), tm1);
+ element_mul(element_y(out), element_y(u), tm1);
+ element_mul(element_x(dm1), element_x(v), sm1);
+ element_mul(element_y(dm1), element_y(v), sm1);
+ element_sub(dm1, dm1, out);
+
+ element_mul(element_x(out), element_x(u), t0);
+ element_mul(element_y(out), element_y(u), t0);
+ element_mul(element_x(d0), element_x(v), s0);
+ element_mul(element_y(d0), element_y(v), s0);
+ element_sub(d0, d0, out);
+
+ element_mul(element_x(out), element_x(u), t1);
+ element_mul(element_y(out), element_y(u), t1);
+ element_mul(element_x(d1), element_x(v), s1);
+ element_mul(element_y(d1), element_y(v), s1);
+ element_sub(d1, d1, out);
+ element_mul(element_x(d1), element_x(d1), A);
+ element_mul(element_y(d1), element_y(d1), A);
+ }
+ if (!m) break;
+ m--;
+ }
+ // since c_k lies base field
+ // it gets killed by the final powering
+ //element_invert(c1, c1);
+ //element_mul(element_x(d1), element_x(d1), c1);
+ //element_mul(element_y(d1), element_y(d1), c1);
+
+ a_tateexp(out, d1, d0, pairing->phikonr);
+
+ element_clear(dm1);
+ element_clear(d0);
+ element_clear(d1);
+
+ element_clear(cm3);
+ element_clear(cm2);
+ element_clear(cm1);
+ element_clear(c0);
+ element_clear(c1);
+ element_clear(c2);
+ element_clear(c3);
+ element_clear(c4);
+
+ element_clear(sm2);
+ element_clear(sm1);
+ element_clear(s0);
+ element_clear(s1);
+ element_clear(s2);
+ element_clear(s3);
+
+ element_clear(tm2);
+ element_clear(tm1);
+ element_clear(t0);
+ element_clear(t1);
+ element_clear(t2);
+ element_clear(t3);
+
+ element_clear(e0);
+ element_clear(e1);
+ element_clear(A);
+ element_clear(B);
+ element_clear(C);
+ element_clear(u);
+ element_clear(v);
+}
+
+struct ellnet_pp_st_s {
+ element_t sm1, s0, s1, s2;
+ element_t tm1, t0, t1, t2;
+};
+typedef struct ellnet_pp_st_s ellnet_pp_st_t[1];
+typedef struct ellnet_pp_st_s *ellnet_pp_st_ptr;
+
+struct ellnet_pp_s {
+ element_t x;
+ element_t y;
+ ellnet_pp_st_t *seq;
+};
+typedef struct ellnet_pp_s ellnet_pp_t[1];
+typedef struct ellnet_pp_s *ellnet_pp_ptr;
+
+static void a_pairing_ellnet_pp_init(pairing_pp_t p, element_ptr in1, pairing_t pairing) {
+ element_ptr x = curve_x_coord(in1);
+ element_ptr y = curve_y_coord(in1);
+ int i, rbits = mpz_sizeinbase(pairing->r, 2);
+ ellnet_pp_ptr pp = p->data = pbc_malloc(sizeof(ellnet_pp_t));
+ pp->seq = pbc_malloc(sizeof(ellnet_pp_st_t) * rbits);
+ element_init_same_as(pp->x, x);
+ element_init_same_as(pp->y, y);
+ element_set(pp->x, x);
+ element_set(pp->y, y);
+ for (i=0; i<rbits; i++) {
+ ellnet_pp_st_ptr seq = pp->seq[i];
+ element_init_same_as(seq->sm1, x);
+ element_init_same_as(seq->s0, x);
+ element_init_same_as(seq->s1, x);
+ element_init_same_as(seq->s2, x);
+ element_init_same_as(seq->tm1, x);
+ element_init_same_as(seq->t0, x);
+ element_init_same_as(seq->t1, x);
+ element_init_same_as(seq->t2, x);
+ }
+
+ //we map (x2,y2) to (-x2, i y2) before pairing
+ //notation: cmi means c_{k-i}, ci means c_{k+i}
+ element_t cm3, cm2, cm1, c0, c1, c2, c3, c4;
+ element_t C;
+
+ element_init_same_as(cm3, x);
+ element_init_same_as(cm2, x);
+ element_init_same_as(cm1, x);
+ element_init_same_as(c0, x);
+ element_init_same_as(c1, x);
+ element_init_same_as(c2, x);
+ element_init_same_as(c3, x);
+ element_init_same_as(c4, x);
+ element_init_same_as(C, x);
+
+ // c1 = 2y
+ // c0 = 1
+ // cm2 = -1
+ // cm3 = -2y
+ element_double(c1, y);
+ element_set1(c0);
+ element_neg(cm3, c1);
+ element_neg(cm2, c0);
+
+ // a = 1, b = 0 for Y^2 = X^3 + X
+ //hence c3 = c_{k+3} = c_4 = 4y(x^6 + 5(x^4 - x^2) - 1)
+ //use cm1, C, c2 as temp variables for now
+ element_square(cm1, x);
+ element_square(C, cm1);
+ element_sub(c2, C, cm1);
+ element_double(c3, c2);
+ element_double(c3, c3);
+ element_add(c3, c3, c2);
+ element_mul(c2, C, cm1);
+ element_add(c3, c3, c2);
+ element_add(c3, c3, cm2);
+ element_mul(c3, c3, c1);
+ element_double(c3, c3);
+
+ // c2 = c_3 = 3x^4 + 6x^2 - 1
+ element_double(cm1, cm1);
+ element_add(cm1, cm1, C);
+ element_double(C, cm1);
+ element_add(C, C, cm1);
+ element_add(c2, C, cm2);
+
+ // c4 = c_5 = c_2^3 c_4 - c_3^3 = c1^3 c3 - c2^3
+ element_square(C, c1);
+ element_mul(c4, C, c1);
+ element_mul(c4, c4, c3);
+ element_square(C, c2);
+ element_mul(C, C, c2);
+ element_sub(c4, c4, C);
+
+ // cm1 = 0
+ // C = (2y)^-1
+ element_set0(cm1);
+ element_invert(C, c1);
+
+ int k = 0;
+ element_t sm2, s3;
+ element_t tm2, t3;
+ element_ptr sm1, s0, s1, s2;
+ element_ptr tm1, t0, t1, t2;
+ element_t e0, e1;
+
+ element_init_same_as(sm2, x);
+ element_init_same_as(s3, x);
+
+ element_init_same_as(tm2, x);
+ element_init_same_as(t3, x);
+
+ element_init_same_as(e0, x);
+ element_init_same_as(e1, x);
+
+ int m = rbits - 2;
+ for (;;) {
+ ellnet_pp_st_ptr seq = pp->seq[k];
+ sm1 = seq->sm1;
+ s0 = seq->s0;
+ s1 = seq->s1;
+ s2 = seq->s2;
+ tm1 = seq->tm1;
+ t0 = seq->t0;
+ t1 = seq->t1;
+ t2 = seq->t2;
+
+ element_square(sm2, cm2);
+ element_square(sm1, cm1);
+ element_square(s0, c0);
+ element_square(s1, c1);
+ element_square(s2, c2);
+ element_square(s3, c3);
+
+ element_mul(tm2, cm3, cm1);
+ element_mul(tm1, cm2, c0);
+ element_mul(t0, cm1, c1);
+ element_mul(t1, c0, c2);
+ element_mul(t2, c1, c3);
+ element_mul(t3, c2, c4);
+
+ if (!m) break;
+ k++;
+
+ if (mpz_tstbit(pairing->r, m)) {
+ //double-and-add
+ element_mul(e0, t0, sm2);
+ element_mul(e1, tm2, s0);
+ element_sub(cm3, e0, e1);
+ element_mul(cm3, cm3, C);
+
+ element_mul(e0, t0, sm1);
+ element_mul(e1, tm1, s0);
+ element_sub(cm2, e0, e1);
+
+ element_mul(e0, t1, sm1);
+ element_mul(e1, tm1, s1);
+ element_sub(cm1, e0, e1);
+ element_mul(cm1, cm1, C);
+
+ element_mul(e0, t1, s0);
+ element_mul(e1, t0, s1);
+ element_sub(c0, e0, e1);
+
+ element_mul(e0, t2, s0);
+ element_mul(e1, t0, s2);
+ element_sub(c1, e0, e1);
+ element_mul(c1, c1, C);
+
+ element_mul(e0, t2, s1);
+ element_mul(e1, t1, s2);
+ element_sub(c2, e0, e1);
+
+ element_mul(e0, t3, s1);
+ element_mul(e1, t1, s3);
+ element_sub(c3, e0, e1);
+ element_mul(c3, c3, C);
+
+ element_mul(e0, t3, s2);
+ element_mul(e1, t2, s3);
+ element_sub(c4, e0, e1);
+
+ } else {
+ //double
+ element_mul(e0, tm1, sm2);
+ element_mul(e1, tm2, sm1);
+ element_sub(cm3, e0, e1);
+
+ element_mul(e0, t0, sm2);
+ element_mul(e1, tm2, s0);
+ element_sub(cm2, e0, e1);
+ element_mul(cm2, cm2, C);
+
+ element_mul(e0, t0, sm1);
+ element_mul(e1, tm1, s0);
+ element_sub(cm1, e0, e1);
+
+ element_mul(e0, t1, sm1);
+ element_mul(e1, tm1, s1);
+ element_sub(c0, e0, e1);
+ element_mul(c0, c0, C);
+
+ element_mul(e0, t1, s0);
+ element_mul(e1, t0, s1);
+ element_sub(c1, e0, e1);
+
+ element_mul(e0, t2, s0);
+ element_mul(e1, t0, s2);
+ element_sub(c2, e0, e1);
+ element_mul(c2, c2, C);
+
+ element_mul(e0, t2, s1);
+ element_mul(e1, t1, s2);
+ element_sub(c3, e0, e1);
+
+ element_mul(e0, t3, s1);
+ element_mul(e1, t1, s3);
+ element_sub(c4, e0, e1);
+ element_mul(c4, c4, C);
+ }
+ m--;
+ }
+
+ element_clear(cm3);
+ element_clear(cm2);
+ element_clear(cm1);
+ element_clear(c0);
+ element_clear(c1);
+ element_clear(c2);
+ element_clear(c3);
+ element_clear(c4);
+
+ element_clear(sm2);
+ element_clear(s3);
+
+ element_clear(tm2);
+ element_clear(t3);
+
+ element_clear(e0);
+ element_clear(e1);
+ element_clear(C);
+}
+
+static void a_pairing_ellnet_pp_clear(pairing_pp_t p) {
+ ellnet_pp_ptr pp = p->data;
+ int i, rbits = mpz_sizeinbase(p->pairing->r, 2);
+ for (i=0; i<rbits; i++) {
+ ellnet_pp_st_ptr seq = pp->seq[i];
+ element_clear(seq->sm1);
+ element_clear(seq->s0);
+ element_clear(seq->s1);
+ element_clear(seq->s2);
+ element_clear(seq->tm1);
+ element_clear(seq->t0);
+ element_clear(seq->t1);
+ element_clear(seq->t2);
+ }
+ element_clear(pp->x);
+ element_clear(pp->y);
+ pbc_free(pp->seq);
+ pbc_free(p->data);
+}
+
+static void a_pairing_ellnet_pp_apply(element_ptr out, element_ptr in2, pairing_pp_t p) {
+ element_ptr x2 = curve_x_coord(in2);
+ element_ptr y2 = curve_y_coord(in2);
+ ellnet_pp_ptr pp = p->data;
+ int rbits = mpz_sizeinbase(p->pairing->r, 2);
+ int k = 0;
+ int m = rbits - 2;
+ element_t A, B;
+ element_t e0, e1;
+ element_t dm1, d0, d1;
+ element_t u, v;
+
+ element_init_same_as(A, x2);
+ element_init_same_as(B, out);
+ element_init_same_as(e0, x2);
+ element_init_same_as(e1, x2);
+ element_init_same_as(dm1, out);
+ element_init_same_as(d0, out);
+ element_init_same_as(d1, out);
+ element_init_same_as(u, out);
+ element_init_same_as(v, out);
+
+ element_add(A, pp->x, x2);
+ element_double(e0, pp->x);
+ element_sub(e0, e0, x2);
+ element_square(e1, A);
+ element_mul(e1, e0, e1);
+ element_set(element_x(d1), pp->y);
+ element_set(element_y(d1), y2);
+ element_square(d1, d1);
+ element_sub(element_x(d1), element_x(d1), e1);
+ element_neg(B, d1);
+ element_invert(B, B);
+ element_invert(A, A);
+ element_mul(element_x(d1), pp->y, A);
+ element_neg(element_x(d1), element_x(d1));
+ element_mul(element_y(d1), y2, A);
+ element_square(d1, d1);
+ element_sub(element_x(d1), e0, element_x(d1));
+ element_neg(element_y(d1), element_y(d1));
+
+ element_set1(dm1);
+ element_set1(d0);
+ for (;;) {
+ element_ptr sm1, s0, s1, s2;
+ element_ptr tm1, t0, t1, t2;
+ ellnet_pp_st_ptr seq = pp->seq[k];
+ sm1 = seq->sm1;
+ s0 = seq->s0;
+ s1 = seq->s1;
+ s2 = seq->s2;
+ tm1 = seq->tm1;
+ t0 = seq->t0;
+ t1 = seq->t1;
+ t2 = seq->t2;
+ k++;
+
+ element_square(u, d0);
+ element_mul(v, dm1, d1);
+
+ if (mpz_tstbit(p->pairing->r, m)) {
+ //double-and-add
+ element_mul(element_x(out), element_x(u), t0);
+ element_mul(element_y(out), element_y(u), t0);
+ element_mul(element_x(dm1), element_x(v), s0);
+ element_mul(element_y(dm1), element_y(v), s0);
+ element_sub(dm1, dm1, out);
+
+ element_mul(element_x(out), element_x(u), t1);
+ element_mul(element_y(out), element_y(u), t1);
+ element_mul(element_x(d0), element_x(v), s1);
+ element_mul(element_y(d0), element_y(v), s1);
+ element_sub(d0, d0, out);
+ element_mul(element_x(d0), element_x(d0), A);
+ element_mul(element_y(d0), element_y(d0), A);
+
+ element_mul(element_x(out), element_x(u), t2);
+ element_mul(element_y(out), element_y(u), t2);
+ element_mul(element_x(d1), element_x(v), s2);
+ element_mul(element_y(d1), element_y(v), s2);
+ element_sub(d1, d1, out);
+ element_mul(d1, d1, B);
+ } else {
+ //double
+ element_mul(element_x(out), element_x(u), tm1);
+ element_mul(element_y(out), element_y(u), tm1);
+ element_mul(element_x(dm1), element_x(v), sm1);
+ element_mul(element_y(dm1), element_y(v), sm1);
+ element_sub(dm1, dm1, out);
+
+ element_mul(element_x(out), element_x(u), t0);
+ element_mul(element_y(out), element_y(u), t0);
+ element_mul(element_x(d0), element_x(v), s0);
+ element_mul(element_y(d0), element_y(v), s0);
+ element_sub(d0, d0, out);
+
+ element_mul(element_x(out), element_x(u), t1);
+ element_mul(element_y(out), element_y(u), t1);
+ element_mul(element_x(d1), element_x(v), s1);
+ element_mul(element_y(d1), element_y(v), s1);
+ element_sub(d1, d1, out);
+ element_mul(element_x(d1), element_x(d1), A);
+ element_mul(element_y(d1), element_y(d1), A);
+ }
+ if (!m) break;
+ m--;
+ }
+ a_tateexp(out, d1, d0, p->pairing->phikonr);
+
+ element_clear(A);
+ element_clear(B);
+ element_clear(e0);
+ element_clear(e1);
+ element_clear(dm1);
+ element_clear(d0);
+ element_clear(d1);
+ element_clear(u);
+ element_clear(v);
+}
+
+//in1, in2 are from E(F_q), out from F_q^2
+static void a_pairing_proj(element_ptr out, element_ptr in1, element_ptr in2,
+ pairing_t pairing) {
+ a_pairing_data_ptr p = pairing->data;
+ element_t V, V1;
+ element_t z, z2;
+ element_t f, f0, f1;
+ element_t a, b, c;
+ element_t e0;
+ const element_ptr e1 = a, e2 = b, e3 = c;
+ int i, n;
+ element_ptr Vx, Vy;
+ element_ptr V1x, V1y;
+ element_ptr Qx = curve_x_coord(in2);
+ element_ptr Qy = curve_y_coord(in2);
+
+ //could save a couple of inversions by avoiding
+ //this function and rewriting do_line() to handle projective coords
+ //convert V from weighted projective (Jacobian) to affine
+ //i.e. (X, Y, Z) --> (X/Z^2, Y/Z^3)
+ //also sets z to 1
+ #define point_to_affine() \
+ element_invert(z, z); \
+ element_square(e0, z); \
+ element_mul(Vx, Vx, e0); \
+ element_mul(e0, e0, z); \
+ element_mul(Vy, Vy, e0); \
+ element_set1(z); \
+ element_set1(z2);
+
+ #define proj_double() { \
+ /* e0 = 3x^2 + (cc->a) z^4 */ \
+ /* for this case a = 1 */ \
+ element_square(e0, Vx); \
+ /*element_mul_si(e0, e0, 3);*/ \
+ element_double(e1, e0); \
+ element_add(e0, e1, e0); \
+ element_square(e1, z2); \
+ element_add(e0, e0, e1); \
+ \
+ /* z_out = 2 y z */ \
+ element_mul(z, Vy, z); \
+ /*element_mul_si(z, z, 2);*/ \
+ element_double(z, z); \
+ element_square(z2, z); \
+ \
+ /* e1 = 4 x y^2 */ \
+ element_square(e2, Vy); \
+ element_mul(e1, Vx, e2); \
+ /*element_mul_si(e1, e1, 4);*/ \
+ element_double(e1, e1); \
+ element_double(e1, e1); \
+ \
+ /* x_out = e0^2 - 2 e1 */ \
+ element_double(e3, e1); \
+ element_square(Vx, e0); \
+ element_sub(Vx, Vx, e3); \
+ \
+ /* e2 = 8y^4 */ \
+ element_square(e2, e2); \
+ /*element_mul_si(e2, e2, 8);*/ \
+ element_double(e2, e2); \
+ element_double(e2, e2); \
+ element_double(e2, e2); \
+ \
+ /*y_out = e0(e1 - x_out) - e2*/\
+ element_sub(e1, e1, Vx); \
+ element_mul(e0, e0, e1); \
+ element_sub(Vy, e0, e2); \
+ }
+
+ #define do_tangent() \
+ compute_abc_tangent_proj(a, b, c, Vx, Vy, z, z2, e0); \
+ a_miller_evalfn(f0, a, b, c, Qx, Qy); \
+ element_mul(f, f, f0);
+
+ #define do_line() \
+ compute_abc_line(a, b, c, Vx, Vy, V1x, V1y, e0); \
+ a_miller_evalfn(f0, a, b, c, Qx, Qy); \
+ element_mul(f, f, f0);
+
+ element_init(V, p->Eq);
+ element_init(V1, p->Eq);
+ element_set(V, in1);
+
+ Vx = curve_x_coord(V);
+ Vy = curve_y_coord(V);
+ V1x = curve_x_coord(V1);
+ V1y = curve_y_coord(V1);
+
+ element_init(f, p->Fq2);
+ element_init(f0, p->Fq2);
+ element_init(f1, p->Fq2);
+ element_set1(f);
+ element_init(a, p->Fq);
+ element_init(b, p->Fq);
+ element_init(c, p->Fq);
+ element_init(e0, p->Fq);
+ element_init(z, p->Fq);
+ element_init(z2, p->Fq);
+ element_set1(z);
+ element_set1(z2);
+ n = p->exp1;
+ for (i=0; i<n; i++) {
+ //f = f^2 g_V,V(Q)
+ //where g_V,V = tangent at V
+ element_square(f, f);
+ do_tangent();
+ proj_double();
+ }
+ point_to_affine();
+ if (p->sign1 < 0) {
+ element_neg(V1, V);
+ element_invert(f1, f);
+ } else {
+ element_set(V1, V);
+ element_set(f1, f);
+ }
+ n = p->exp2;
+ for (; i<n; i++) {
+ element_square(f, f);
+ do_tangent();
+ proj_double();
+ }
+
+ element_mul(f, f, f1);
+ point_to_affine();
+ do_line();
+
+ a_tateexp(out, f, f0, pairing->phikonr);
+
+ element_clear(f);
+ element_clear(f0);
+ element_clear(f1);
+ element_clear(z);
+ element_clear(z2);
+ element_clear(V);
+ element_clear(V1);
+ element_clear(a);
+ element_clear(b);
+ element_clear(c);
+ element_clear(e0);
+ #undef point_to_affine
+ #undef proj_double
+ #undef do_tangent
+ #undef do_line
+}
+
+//in1, in2 are from E(F_q), out from F_q^2
+static void a_pairing_affine(element_ptr out, element_ptr in1, element_ptr in2,
+ pairing_t pairing) {
+ a_pairing_data_ptr p = pairing->data;
+ element_t V, V1;
+ element_t f, f0, f1;
+ element_t a, b, c;
+ element_t e0;
+ int i, n;
+ element_ptr Qx = curve_x_coord(in2);
+ element_ptr Qy = curve_y_coord(in2);
+ element_ptr Vx, Vy;
+ element_ptr V1x, V1y;
+
+ #define do_tangent() \
+ compute_abc_tangent(a, b, c, Vx, Vy, e0); \
+ a_miller_evalfn(f0, a, b, c, Qx, Qy); \
+ element_mul(f, f, f0);
+
+ #define do_line() \
+ compute_abc_line(a, b, c, Vx, Vy, V1x, V1y, e0); \
+ a_miller_evalfn(f0, a, b, c, Qx, Qy); \
+ element_mul(f, f, f0);
+
+ element_init(V, p->Eq);
+ element_init(V1, p->Eq);
+ Vx = curve_x_coord(V);
+ Vy = curve_y_coord(V);
+
+ V1x = curve_x_coord(V1);
+ V1y = curve_y_coord(V1);
+
+ element_set(V, in1);
+ element_init(f, p->Fq2);
+ element_init(f0, p->Fq2);
+ element_init(f1, p->Fq2);
+ element_set1(f);
+ element_init(a, p->Fq);
+ element_init(b, p->Fq);
+ element_init(c, p->Fq);
+ element_init(e0, p->Fq);
+ n = p->exp1;
+ for (i=0; i<n; i++) {
+ //f = f^2 g_V,V(Q)
+ //where g_V,V = tangent at V
+ element_square(f, f);
+ do_tangent();
+ element_double(V, V);
+ }
+ if (p->sign1 < 0) {
+ element_neg(V1, V);
+ element_invert(f1, f);
+ } else {
+ element_set(V1, V);
+ element_set(f1, f);
+ }
+ n = p->exp2;
+ for (; i<n; i++) {
+ element_square(f, f);
+ do_tangent();
+ element_double(V, V);
+ }
+
+ element_mul(f, f, f1);
+ do_line();
+
+ a_tateexp(out, f, f0, pairing->phikonr);
+
+ element_clear(f);
+ element_clear(f0);
+ element_clear(f1);
+ element_clear(V);
+ element_clear(V1);
+ element_clear(a);
+ element_clear(b);
+ element_clear(c);
+ element_clear(e0);
+ #undef do_tangent
+ #undef do_line
+}
+
+// On Computing Products of Pairing
+//in1, in2 are from E(F_q), out from F_q^2
+void a_pairings_affine(element_ptr out, element_t in1[], element_t in2[],
+ int n_prod, pairing_t pairing) {
+ a_pairing_data_ptr p = pairing->data;
+ element_t* V = pbc_malloc(sizeof(element_t)*n_prod);
+ element_t* V1 = pbc_malloc(sizeof(element_t)*n_prod);
+ element_t f, f0, f1;
+ element_t a, b, c;
+ element_t e0;
+ int i, j, n;
+ element_ptr Qx, Qy;
+ element_ptr Vx, Vy;
+ element_ptr V1x, V1y;
+
+ #define do_tangents() \
+ for(j=0; j<n_prod; j++){ \
+ Vx = curve_x_coord(V[j]); \
+ Vy = curve_y_coord(V[j]); \
+ Qx = curve_x_coord(in2[j]); \
+ Qy = curve_y_coord(in2[j]); \
+ \
+ compute_abc_tangent(a, b, c, Vx, Vy, e0); \
+ a_miller_evalfn(f0, a, b, c, Qx, Qy); \
+ element_mul(f, f, f0); \
+ }
+
+ #define do_lines() \
+ for(j=0;j<n_prod;j++){ \
+ Vx = curve_x_coord(V[j]); \
+ Vy = curve_y_coord(V[j]); \
+ V1x = curve_x_coord(V1[j]); \
+ V1y = curve_y_coord(V1[j]); \
+ Qx = curve_x_coord(in2[j]); \
+ Qy = curve_y_coord(in2[j]); \
+ \
+ compute_abc_line(a, b, c, Vx, Vy, V1x, V1y, e0); \
+ a_miller_evalfn(f0, a, b, c, Qx, Qy); \
+ element_mul(f, f, f0); \
+ }
+
+ for(i=0; i<n_prod; i++){
+ element_init(V[i],p->Eq);
+ element_init(V1[i],p->Eq);
+ element_set(V[i],in1[i]);
+ }
+
+
+ element_init(f, p->Fq2);
+ element_init(f0, p->Fq2);
+ element_init(f1, p->Fq2);
+ element_set1(f);
+ element_init(a, p->Fq);
+ element_init(b, p->Fq);
+ element_init(c, p->Fq);
+ element_init(e0, p->Fq);
+ n = p->exp1;
+ for (i=0; i<n; i++) {
+ //f = f^2 g_V,V(Q)
+ //where g_V,V = tangent at V
+ element_square(f, f);
+ do_tangents();
+ element_multi_double(V, V, n_prod); //V_i = V_i + V_i for all i at one time.
+ }
+ if (p->sign1 < 0) {
+ for(j=0; j<n_prod; j++){
+ element_neg(V1[j], V[j]);
+ }
+ element_invert(f1, f);
+ } else {
+ for(j=0; j<n_prod; j++){
+ element_set(V1[j], V[j]);
+ }
+ element_set(f1, f);
+ }
+ n = p->exp2;
+ for (; i<n; i++) {
+ element_square(f, f);
+ do_tangents();
+ element_multi_double(V, V, n_prod);
+ }
+
+ element_mul(f, f, f1);
+ do_lines();
+
+ a_tateexp(out, f, f0, pairing->phikonr);
+
+ element_clear(f);
+ element_clear(f0);
+ element_clear(f1);
+ for(j=0;j<n_prod;j++){
+ element_clear(V[j]);
+ element_clear(V1[j]);
+ }
+ pbc_free(V);
+ pbc_free(V1);
+ element_clear(a);
+ element_clear(b);
+ element_clear(c);
+ element_clear(e0);
+ #undef do_tangents
+ #undef do_lines
+}
+
+static void a_pairing_clear(pairing_t pairing) {
+ field_clear(pairing->GT);
+
+ a_pairing_data_ptr p = pairing->data;
+ field_clear(p->Eq);
+ field_clear(p->Fq);
+ field_clear(p->Fq2);
+ pbc_free(p);
+
+ mpz_clear(pairing->r);
+ mpz_clear(pairing->phikonr);
+ field_clear(pairing->Zr);
+}
+
+static void a_pairing_option_set(pairing_t pairing, char *key, char *value) {
+ if (!strcmp(key, "method")) {
+ if (!strcmp(value, "miller")) {
+ pairing->map = a_pairing_proj;
+ pairing->pp_init = a_pairing_pp_init;
+ pairing->pp_clear = a_pairing_pp_clear;
+ pairing->pp_apply = a_pairing_pp_apply;
+ } else if (!strcmp(value, "miller-affine")) {
+ pairing->map = a_pairing_affine;
+ pairing->pp_init = a_pairing_pp_init;
+ pairing->pp_clear = a_pairing_pp_clear;
+ pairing->pp_apply = a_pairing_pp_apply;
+ } else if (!strcmp(value, "shipsey-stange")) {
+ pairing->map = a_pairing_ellnet;
+ pairing->pp_init = a_pairing_ellnet_pp_init;
+ pairing->pp_clear = a_pairing_ellnet_pp_clear;
+ pairing->pp_apply = a_pairing_ellnet_pp_apply;
+ }
+ }
+}
+
+static void a_finalpow(element_t e) {
+ pairing_ptr pairing = e->field->pairing;
+ element_t t0, t1;
+ element_init_same_as(t0, e->data);
+ element_init_same_as(t1, e->data);
+ a_tateexp(t0, e->data, t1, pairing->phikonr);
+ element_set(e->data, t0);
+ element_clear(t0);
+ element_clear(t1);
+}
+
+static void a_init_pairing(pairing_ptr pairing, void *data) {
+ a_param_ptr param = data;
+ element_t a, b;
+ a_pairing_data_ptr p;
+
+ p = pairing->data = pbc_malloc(sizeof(*p));
+ p->exp2 = param->exp2;
+ p->exp1 = param->exp1;
+ p->sign1 = param->sign1;
+ mpz_init(pairing->r);
+ mpz_set(pairing->r, param->r);
+ field_init_fp(pairing->Zr, pairing->r);
+ pairing->map = a_pairing_proj;
+ pairing->prod_pairings = a_pairings_affine;
+
+ field_init_fp(p->Fq, param->q);
+ element_init(a, p->Fq);
+ element_init(b, p->Fq);
+ element_set1(a);
+ element_set0(b);
+ field_init_curve_ab(p->Eq, a, b, pairing->r, param->h);
+ element_clear(a);
+ element_clear(b);
+
+ field_init_fi(p->Fq2, p->Fq);
+
+ //k=2, hence phi_k(q) = q + 1, phikonr = (q+1)/r
+ mpz_init(pairing->phikonr);
+ mpz_set(pairing->phikonr, param->h);
+
+ pairing->G1 = p->Eq;
+ pairing->G2 = pairing->G1;
+ pairing->phi = phi_identity;
+ pairing_GT_init(pairing, p->Fq2);
+ pairing->finalpow = a_finalpow;
+
+ pairing->clear_func = a_pairing_clear;
+ pairing->option_set = a_pairing_option_set;
+ pairing->pp_init = a_pairing_pp_init;
+ pairing->pp_clear = a_pairing_pp_clear;
+ pairing->pp_apply = a_pairing_pp_apply;
+}
+
+static void a_param_init(pbc_param_ptr par) {
+ static pbc_param_interface_t interface = {{
+ a_clear,
+ a_init_pairing,
+ a_out_str,
+ }};
+ par->api = interface;
+ a_param_ptr p = par->data = pbc_malloc(sizeof(*p));
+ mpz_init(p->r);
+ mpz_init(p->q);
+ mpz_init(p->h);
+}
+
+// Public interface for type A pairings:
+
+int pbc_param_init_a(pbc_param_ptr par, struct symtab_s *tab) {
+ a_param_init(par);
+ a_param_ptr p = par->data;
+
+ int err = 0;
+ err += lookup_mpz(p->q, tab, "q");
+ err += lookup_mpz(p->r, tab, "r");
+ err += lookup_mpz(p->h, tab, "h");
+ err += lookup_int(&p->exp2, tab, "exp2");
+ err += lookup_int(&p->exp1, tab, "exp1");
+ err += lookup_int(&p->sign1, tab, "sign1");
+ err += lookup_int(&p->sign0, tab, "sign0");
+ return err;
+}
+
+void pbc_param_init_a_gen(pbc_param_ptr par, int rbits, int qbits) {
+ a_param_init(par);
+ a_param_ptr sp = par->data;
+ int found = 0;
+
+ mpz_ptr q = sp->q;
+ mpz_ptr r = sp->r;
+ mpz_ptr h = sp->h;
+
+ do {
+ int i;
+ mpz_set_ui(r, 0);
+
+ if (rand() % 2) {
+ sp->exp2 = rbits - 1;
+ sp->sign1 = 1;
+ } else {
+ sp->exp2 = rbits;
+ sp->sign1 = -1;
+ }
+ mpz_setbit(r, sp->exp2);
+
+ //use q as a temp variable
+ mpz_set_ui(q, 0);
+ sp->exp1 = (rand() % (sp->exp2 - 1)) + 1;
+ mpz_setbit(q, sp->exp1);
+ if (sp->sign1 > 0) {
+ mpz_add(r, r, q);
+ } else {
+ mpz_sub(r, r, q);
+ }
+
+ if (rand() % 2) {
+ sp->sign0 = 1;
+ mpz_add_ui(r, r, 1);
+ } else {
+ sp->sign0 = -1;
+ mpz_sub_ui(r, r, 1);
+ }
+ if (!mpz_probab_prime_p(r, 10)) continue;
+ for (i=0; i<10; i++) {
+ int bit;
+ //use q as a temp variable
+ mpz_set_ui(q, 0);
+ bit = qbits - rbits - 4 + 1;
+ if (bit < 3) bit = 3;
+ mpz_setbit(q, bit);
+ pbc_mpz_random(h, q);
+ mpz_mul_ui(h, h, 12);
+ //finally q takes the value it should
+ mpz_mul(q, h, r);
+ mpz_sub_ui(q, q, 1);
+ if (mpz_probab_prime_p(q, 10)) {
+ found = 1;
+ break;
+ }
+ }
+ } while (!found);
+}
+
+// Type A1 pairings:
+
+struct a1_param_s {
+ mpz_t p;
+ mpz_t n;
+ int l;
+};
+typedef struct a1_param_s a1_param_t[1];
+typedef struct a1_param_s *a1_param_ptr;
+
+struct a1_pairing_data_s {
+ field_t Fp, Fp2, Ep;
+};
+typedef struct a1_pairing_data_s a1_pairing_data_t[1];
+typedef struct a1_pairing_data_s *a1_pairing_data_ptr;
+
+static void a1_clear(void *data) {
+ a1_param_ptr param = data;
+ mpz_clear(param->p);
+ mpz_clear(param->n);
+ pbc_free(data);
+}
+
+static void a1_out_str(FILE *stream, void *data) {
+ a1_param_ptr p = data;
+ param_out_type(stream, "a1");
+ param_out_mpz(stream, "p", p->p);
+ param_out_mpz(stream, "n", p->n);
+ param_out_int(stream, "l", p->l);
+}
+
+struct pp2_coeff_s {
+ element_t cx2;
+ element_t cy2;
+ element_t cxy;
+ element_t cx;
+ element_t cy;
+ element_t c;
+};
+typedef struct pp2_coeff_s pp2_coeff_t[1];
+typedef struct pp2_coeff_s *pp2_coeff_ptr;
+
+static void pp2_coeff_set(pp2_coeff_ptr p,
+ element_t cx2, element_t cy2, element_t cxy,
+ element_t cx, element_t cy, element_t c) {
+ element_init(p->cx2, cx2->field);
+ element_init(p->cy2, cy2->field);
+ element_init(p->cxy, cxy->field);
+ element_init(p->cx, cx->field);
+ element_init(p->cy, cy->field);
+ element_init(p->c, c->field);
+ element_set(p->cx2, cx2);
+ element_set(p->cy2, cy2);
+ element_set(p->cxy, cxy);
+ element_set(p->cx, cx);
+ element_set(p->cy, cy);
+ element_set(p->c, c);
+}
+
+static void a1_pairing_pp_clear(pairing_pp_t p) {
+ void **pp = p->data;
+ while (*pp) {
+ pbc_free(*pp);
+ pp++;
+ }
+ pbc_free(p->data);
+}
+
+static void a1_pairing_pp_init(pairing_pp_t p, element_ptr in1, pairing_t pairing) {
+ int m;
+ element_ptr Px = curve_x_coord(in1);
+ element_ptr Py = curve_y_coord(in1);
+ a1_pairing_data_ptr a1info = pairing->data;
+ p->data = pbc_malloc(sizeof(void *) * mpz_sizeinbase(pairing->r, 2));
+ void **pp = p->data;
+ element_t V;
+ element_t a, b, c;
+ element_t a2, b2, c2;
+ element_t e0, e1, e2;
+ element_ptr Vx, Vy;
+
+ #define do_tangent() compute_abc_tangent(a, b, c, Vx, Vy, e0);
+
+ #define do_line() compute_abc_line(a2, b2, c2, Vx, Vy, Px, Py, e0);
+
+ element_init(V, a1info->Ep);
+ element_set(V, in1);
+ Vx = curve_x_coord(V);
+ Vy = curve_y_coord(V);
+
+ element_init(a, a1info->Fp);
+ element_init(b, a1info->Fp);
+ element_init(c, a1info->Fp);
+ element_init(e0, a1info->Fp);
+ element_init(e1, a1info->Fp);
+ element_init(e2, a1info->Fp);
+ element_init(a2, a1info->Fp);
+ element_init(b2, a1info->Fp);
+ element_init(c2, a1info->Fp);
+
+ m = mpz_sizeinbase(pairing->r, 2) - 2;
+
+ for(;;) {
+ do_tangent();
+ if (!m) break;
+ element_double(V, V);
+
+ if (mpz_tstbit(pairing->r, m)) {
+ do_line();
+ element_add(V, V, in1);
+ //preprocess two at once
+ //e0 = coeff of x
+ element_mul(e0, a, c2);
+ element_mul(e1, a2, c);
+ element_add(e0, e0, e1);
+
+ //e1 = coeff of y
+ element_mul(e1, b2, c);
+ element_mul(e2, b, c2);
+ element_add(e1, e1, e2);
+
+ //c = constant term
+ element_mul(c, c, c2);
+
+ //c2 = coeff of xy
+ element_mul(c2, a, b2);
+ element_mul(e2, a2, b);
+ element_add(c2, c2, e2);
+
+ //a = coeff of x^2
+ element_mul(a, a, a2);
+
+ //b = coeff of y^2
+ element_mul(b, b, b2);
+
+ *pp = pbc_malloc(sizeof(pp2_coeff_t));
+ pp2_coeff_set(*pp, a, b, c2, e0, e1, c);
+ } else {
+ *pp = pbc_malloc(sizeof(pp_coeff_t));
+ pp_coeff_set(*pp, a, b, c);
+ }
+ pp++;
+ m--;
+ }
+ *pp = pbc_malloc(sizeof(pp_coeff_t));
+ pp_coeff_set(*pp, a, b, c);
+ pp++;
+ *pp = NULL;
+
+ element_clear(a2);
+ element_clear(b2);
+ element_clear(c2);
+ element_clear(e2);
+ element_clear(e1);
+ element_clear(e0);
+ element_clear(a);
+ element_clear(b);
+ element_clear(c);
+ element_clear(V);
+ #undef do_tangent
+ #undef do_line
+}
+
+static void a1_pairing_pp_apply(element_ptr out, element_ptr in2, pairing_pp_t p) {
+ void **pp = p->data;
+ a1_pairing_data_ptr a1info = p->pairing->data;
+ element_t f, f0;
+ element_t e0, e1;
+ int m;
+ element_ptr Qx = curve_x_coord(in2);
+ element_ptr Qy = curve_y_coord(in2);
+ element_t Qx2, Qy2, Qxy;
+
+ #define do_tangent() \
+ pp_coeff_ptr ppp = *pp; \
+ a_miller_evalfn(f0, ppp->a, ppp->b, ppp->c, Qx, Qy);
+
+ #define do_line() { \
+ pp2_coeff_ptr ppp = *pp; \
+ /*we'll map Q via (x,y) --> (-x, iy) */ \
+ /*hence Qx^2 = x^2, Qy^2 = -y^2, Qx Qy = -ixy */\
+ /*where x = Q'x, y = Q'y */ \
+ \
+ /* Re = cx2 x^2 - cy2 y^2 - cx x + c */ \
+ /* Im = -cxy xy + cy y */ \
+ element_mul(e0, ppp->cx2, Qx2); \
+ element_mul(e1, ppp->cy2, Qy2); \
+ element_sub(e0, e0, e1); \
+ element_mul(e1, ppp->cx, Qx); \
+ element_sub(e0, e0, e1); \
+ element_add(element_x(f0), e0, ppp->c); \
+ \
+ element_mul(e0, ppp->cy, Qy); \
+ element_mul(e1, ppp->cxy, Qxy); \
+ element_sub(element_y(f0), e0, e1); \
+ }
+
+ element_init(f, out->field);
+ element_init(f0, out->field);
+
+ element_set1(f);
+
+ element_init(e0, a1info->Fp);
+ element_init(e1, a1info->Fp);
+ element_init(Qx2, a1info->Fp);
+ element_init(Qy2, a1info->Fp);
+ element_init(Qxy, a1info->Fp);
+
+ element_square(Qx2, Qx);
+ element_square(Qy2, Qy);
+ element_mul(Qxy, Qx, Qy);
+
+ m = mpz_sizeinbase(p->pairing->r, 2) - 2;
+
+ while (m > 0) {
+ if (mpz_tstbit(p->pairing->r, m)) {
+ do_line();
+ } else {
+ do_tangent();
+ }
+ element_mul(f, f, f0);
+ pp++;
+ m--;
+ element_square(f, f);
+ }
+ do_tangent();
+ element_mul(f, f, f0);
+
+ //Tate exponentiation
+ //simpler but slower:
+ //element_pow_mpz(out, f, p->tateexp);
+ //use this trick instead:
+ element_invert(f0, f);
+ element_neg(element_y(f), element_y(f));
+ element_mul(f, f, f0);
+ element_pow_mpz(out, f, p->pairing->phikonr);
+
+ /* We could use this instead but p->h is small so this does not help much
+ a_tateexp(out, f, f0, p->h);
+ */
+
+ element_clear(Qx2);
+ element_clear(Qy2);
+ element_clear(Qxy);
+ element_clear(f);
+ element_clear(f0);
+ element_clear(e1);
+ element_clear(e0);
+ #undef do_tangent
+ #undef do_line
+}
+
+// e0 is a temp var.
+// Mixed coordinates.
+static void compute_abc_line_proj(element_ptr a, element_ptr b, element_ptr c,
+ element_ptr Vx, element_ptr Vy, element_ptr z, element_ptr z2,
+ element_ptr V1x, element_ptr V1y, element_ptr e0) {
+ //temporally used to store Z1^3
+ element_mul(c,z,z2);
+ //a = Y1-Y2*Z1^3
+ element_mul(e0,V1y,c);
+ element_sub(a,Vy,e0);
+ //b = -(X1*Z1-X2*Z1^3)
+ element_mul(b,c,V1x);
+ element_mul(e0,Vx,z);
+ element_sub(b,b,e0);
+ //c = -(Y2*b+X2*a)
+ element_mul(c,b,V1y);
+ element_mul(e0,a,V1x);
+ element_add(c,c,e0);
+ element_neg(c,c);
+}
+
+// in1, in2 are from E(F_q), out from F_q^2
+static void a1_pairing_proj(element_ptr out, element_ptr in1, element_ptr in2,
+ pairing_t pairing) {
+ a1_pairing_data_ptr p = pairing->data;
+ element_t V;
+ element_t z, z2;
+ element_t f, f0;
+ element_t a, b, c;
+ element_t e0;
+ const element_ptr e1 = a, e2 = b, e3 = c; // used in point_to_affine() etc.
+ int m;
+ element_ptr Px = curve_x_coord(in1);
+ element_ptr Py = curve_y_coord(in1);
+ element_ptr Qx = curve_x_coord(in2);
+ element_ptr Qy = curve_y_coord(in2);
+ element_ptr Vx;
+ element_ptr Vy;
+
+ #define point_to_affine() \
+ element_invert(z, z); \
+ element_square(e0, z); \
+ element_mul(Vx, Vx, e0); \
+ element_mul(e0, e0, z); \
+ element_mul(Vy, Vy, e0); \
+ element_set1(z); \
+ element_set1(z2);
+
+ //TODO: do I need to check if V=-in1?
+ //Where V=(Vx,Vy,z) and in1=(Px,Py,1), a mixed coordinates.
+ #define proj_add() { \
+ /* H=X2*Z1^2-X1 */ \
+ element_mul(e0,Px,z2); \
+ element_sub(e0,e0,Vx); \
+ /* H^2 */ \
+ element_square(e1,e0); \
+ /* r=Y2*Z1^3-Y1 */ \
+ element_mul(e2,z,z2); \
+ element_mul(e2,e2,Py); \
+ element_sub(e2,e2,Vy); \
+ \
+ /* X3=r^2-H^3-2X1*H^2 */ \
+ element_set(z2,Vx); /* use z2 to store X1 and update Vx=X3 */ \
+ element_square(Vx,e2); \
+ element_mul(e3,e0,e1); /* e3=H^3 */ \
+ element_sub(Vx,Vx,e3); \
+ element_double(e3,z2); \
+ element_mul(e3,e3,e1); /* 2X1*H^2 */ \
+ element_sub(Vx,Vx,e3); \
+ /* Y3=r(X1*H^2-X3)-Y1*H^3 */ \
+ element_mul(e3,z2,e1); \
+ element_sub(e3,e3,Vx); \
+ element_mul(e3,e3,e2); \
+ element_mul(e2,e0,e1); /* e2 no longer used. */ \
+ element_mul(e2,e2,Vy); \
+ element_sub(Vy,e3,e2); \
+ /* Z3=Z1*H */ \
+ element_mul(z,z,e0); \
+ element_square(z2,z); \
+ }
+
+ #define proj_double() { \
+ /* e0 = 3x^2 + (cc->a) z^4 */ \
+ /* for this case a = 1 */ \
+ element_square(e0, Vx); \
+ /* element_mul_si(e0, e0, 3); */ \
+ element_double(e1, e0); \
+ element_add(e0, e1, e0); \
+ element_square(e1, z2); \
+ element_add(e0, e0, e1); \
+ \
+ /* z_out = 2 y z */ \
+ element_mul(z, Vy, z); \
+ /* element_mul_si(z, z, 2); */ \
+ element_double(z, z); \
+ element_square(z2, z); \
+ \
+ /* e1 = 4 x y^2 */ \
+ element_square(e2, Vy); \
+ element_mul(e1, Vx, e2); \
+ /* element_mul_si(e1, e1, 4); */ \
+ element_double(e1, e1); \
+ element_double(e1, e1); \
+ \
+ /* x_out = e0^2 - 2 e1 */ \
+ element_double(e3, e1); \
+ element_square(Vx, e0); \
+ element_sub(Vx, Vx, e3); \
+ \
+ /* e2 = 8y^4 */ \
+ element_square(e2, e2); \
+ /* element_mul_si(e2, e2, 8); */ \
+ element_double(e2, e2); \
+ element_double(e2, e2); \
+ element_double(e2, e2); \
+ \
+ /* y_out = e0(e1 - x_out) - e2 */ \
+ element_sub(e1, e1, Vx); \
+ element_mul(e0, e0, e1); \
+ element_sub(Vy, e0, e2); \
+ }
+
+ #define do_tangent() { \
+ compute_abc_tangent_proj(a, b, c, Vx, Vy, z, z2, e0); \
+ a_miller_evalfn(f0, a, b, c, Qx, Qy); \
+ element_mul(f, f, f0); \
+ }
+
+ #define do_line() { \
+ compute_abc_line_proj(a, b, c, Vx, Vy, z, z2, Px, Py, e0); \
+ a_miller_evalfn(f0, a, b, c, Qx, Qy); \
+ element_mul(f, f, f0); \
+ }
+
+ element_init(V, p->Ep);
+ element_set(V, in1);
+ Vx = curve_x_coord(V);
+ Vy = curve_y_coord(V);
+
+ element_init(f, p->Fp2);
+ element_init(f0, p->Fp2);
+ element_set1(f);
+ element_init(a, p->Fp);
+ element_init(b, p->Fp);
+ element_init(c, p->Fp);
+ element_init(e0, p->Fp);
+ element_init(z, p->Fp);
+ element_init(z2, p->Fp);
+ element_set1(z);
+ element_set1(z2);
+
+ m = mpz_sizeinbase(pairing->r, 2) - 2;
+ //TODO: sliding NAF
+ for(;;) {
+ do_tangent();
+ if (!m) break;
+
+ proj_double(); //V=2V
+ if (mpz_tstbit(pairing->r, m)) {
+ // point_to_affine();
+ do_line();
+ proj_add(); //V=V+in1
+ }
+
+ m--;
+ element_square(f, f);
+ }
+
+ // Tate exponentiation.
+ // Simpler but slower:
+ // element_pow_mpz(out, f, p->tateexp);
+ // Use this trick instead:
+ element_invert(f0, f);
+ element_neg(element_y(f), element_y(f));
+ element_mul(f, f, f0);
+ element_pow_mpz(out, f, pairing->phikonr);
+
+ /* We could use this instead but p->h is small so this does not help much
+ a_tateexp(out, f, f0, p->h);
+ */
+
+ element_clear(f);
+ element_clear(f0);
+ element_clear(z);
+ element_clear(z2);
+ element_clear(V);
+ element_clear(a);
+ element_clear(b);
+ element_clear(c);
+ element_clear(e0);
+ #undef point_to_affine
+ #undef proj_add
+ #undef proj_double
+ #undef do_tangent
+ #undef do_line
+}
+
+//in1, in2 are from E(F_q), out from F_q^2
+static void a1_pairing(element_ptr out, element_ptr in1, element_ptr in2,
+ pairing_t pairing) {
+ a1_pairing_data_ptr p = pairing->data;
+ element_t V;
+ element_t f, f0;
+ element_t a, b, c;
+ element_t e0;
+ int m;
+ element_ptr Px = curve_x_coord(in1);
+ element_ptr Py = curve_y_coord(in1);
+ element_ptr Qx = curve_x_coord(in2);
+ element_ptr Qy = curve_y_coord(in2);
+ element_ptr Vx;
+ element_ptr Vy;
+
+ #define do_tangent() { \
+ compute_abc_tangent(a, b, c, Vx, Vy, e0); \
+ a_miller_evalfn(f0, a, b, c, Qx, Qy); \
+ element_mul(f, f, f0); \
+ }
+
+ #define do_line() { \
+ compute_abc_line(a, b, c, Vx, Vy, Px, Py, e0); \
+ a_miller_evalfn(f0, a, b, c, Qx, Qy); \
+ element_mul(f, f, f0); \
+ }
+
+ element_init(V, p->Ep);
+ element_set(V, in1);
+ Vx = curve_x_coord(V);
+ Vy = curve_y_coord(V);
+
+ element_init(f, p->Fp2);
+ element_init(f0, p->Fp2);
+ element_set1(f);
+ element_init(a, p->Fp);
+ element_init(b, p->Fp);
+ element_init(c, p->Fp);
+ element_init(e0, p->Fp);
+
+ m = mpz_sizeinbase(pairing->r, 2) - 2;
+
+ //TODO: sliding NAF
+ for(;;) {
+ do_tangent();
+ if (!m) break;
+
+ element_double(V, V);
+ if (mpz_tstbit(pairing->r, m)) {
+ do_line();
+ element_add(V, V, in1);
+ }
+
+ m--;
+ element_square(f, f);
+ }
+
+ // Tate exponentiation.
+ // Simpler but slower:
+ // element_pow_mpz(out, f, p->tateexp);
+ // Use this trick instead:
+ element_invert(f0, f);
+ element_neg(element_y(f), element_y(f));
+ element_mul(f, f, f0);
+ element_pow_mpz(out, f, pairing->phikonr);
+
+ /* We could use this instead but p->h is small so this does not help much
+ a_tateexp(out, f, f0, p->h);
+ */
+
+ element_clear(f);
+ element_clear(f0);
+ element_clear(V);
+ element_clear(a);
+ element_clear(b);
+ element_clear(c);
+ element_clear(e0);
+ #undef do_tangent
+ #undef do_line
+}
+
+//in1, in2 are from E(F_q), out from F_q^2
+void a1_pairings_affine(element_ptr out, element_t in1[], element_t in2[],
+ int n_prod, pairing_t pairing) {
+ a1_pairing_data_ptr p = pairing->data;
+ element_t* V = pbc_malloc(sizeof(element_t)*n_prod);
+ element_t f, f0;
+ element_t a, b, c;
+ element_t e0;
+ int m, i;
+ element_ptr Px, Py;
+ element_ptr Qx, Qy;
+ element_ptr Vx, Vy;
+
+ #define do_tangents() { \
+ for(i=0; i<n_prod; i++){ \
+ Vx = curve_x_coord(V[i]); \
+ Vy = curve_y_coord(V[i]); \
+ Qx = curve_x_coord(in2[i]); \
+ Qy = curve_y_coord(in2[i]); \
+ compute_abc_tangent(a, b, c, Vx, Vy, e0); \
+ a_miller_evalfn(f0, a, b, c, Qx, Qy); \
+ element_mul(f, f, f0); \
+ } \
+ }
+
+ #define do_lines() { \
+ for(i=0; i<n_prod; i++){ \
+ Vx = curve_x_coord(V[i]); \
+ Vy = curve_y_coord(V[i]); \
+ Px = curve_x_coord(in1[i]); \
+ Py = curve_y_coord(in1[i]); \
+ Qx = curve_x_coord(in2[i]); \
+ Qy = curve_y_coord(in2[i]); \
+ compute_abc_line(a, b, c, Vx, Vy, Px, Py, e0); \
+ a_miller_evalfn(f0, a, b, c, Qx, Qy); \
+ element_mul(f, f, f0); \
+ } \
+ }
+
+ for(i=0; i<n_prod; i++){
+ element_init(V[i], p->Ep);
+ element_set(V[i], in1[i]);
+ }
+ element_init(f, p->Fp2);
+ element_init(f0, p->Fp2);
+ element_set1(f);
+ element_init(a, p->Fp);
+ element_init(b, p->Fp);
+ element_init(c, p->Fp);
+ element_init(e0, p->Fp);
+
+ m = mpz_sizeinbase(pairing->r, 2) - 2;
+
+ //TODO: sliding NAF
+ for(;;) {
+ do_tangents();
+ if (!m) break;
+ element_multi_double(V, V, n_prod);
+ if (mpz_tstbit(pairing->r, m)) {
+ do_lines();
+ element_multi_add(V, V, in1, n_prod);
+ }
+
+ m--;
+ element_square(f, f);
+ }
+
+ // Tate exponentiation.
+ // Simpler but slower:
+ // element_pow_mpz(out, f, p->tateexp);
+ // Use this trick instead:
+ element_invert(f0, f);
+ element_neg(element_y(f), element_y(f));
+ element_mul(f, f, f0);
+ element_pow_mpz(out, f, pairing->phikonr);
+
+ /* We could use this instead but p->h is small so this does not help much
+ a_tateexp(out, f, f0, p->h);
+ */
+
+ element_clear(f);
+ element_clear(f0);
+ for(i=0; i<n_prod; i++){
+ element_clear(V[i]);
+ }
+ pbc_free(V);
+ element_clear(a);
+ element_clear(b);
+ element_clear(c);
+ element_clear(e0);
+ #undef do_tangents
+ #undef do_lines
+}
+
+static void a1_pairing_clear(pairing_t pairing) {
+ field_clear(pairing->GT);
+
+ a1_pairing_data_ptr p = pairing->data;
+ field_clear(p->Ep);
+ field_clear(p->Fp2);
+ field_clear(p->Fp);
+ pbc_free(p);
+
+ mpz_clear(pairing->phikonr);
+ mpz_clear(pairing->r);
+ field_clear(pairing->Zr);
+}
+
+static void a1_pairing_option_set(pairing_t pairing, char *key, char *value) {
+ if (!strcmp(key, "method")) {
+ if (!strcmp(value, "miller")) {
+ pairing->map = a1_pairing_proj;
+ pairing->pp_init = a1_pairing_pp_init;
+ pairing->pp_clear = a1_pairing_pp_clear;
+ pairing->pp_apply = a1_pairing_pp_apply;
+ } else if (!strcmp(value, "miller-affine")){
+ pairing->map = a1_pairing;
+ pairing->pp_init = a1_pairing_pp_init;
+ pairing->pp_clear = a1_pairing_pp_clear;
+ pairing->pp_apply = a1_pairing_pp_apply;
+ } else if (!strcmp(value, "shipsey-stange")) {
+ pairing->map = a_pairing_ellnet;
+ pairing->pp_init = a_pairing_ellnet_pp_init;
+ pairing->pp_clear = a_pairing_ellnet_pp_clear;
+ pairing->pp_apply = a_pairing_ellnet_pp_apply;
+ }
+ }
+}
+
+static void a1_init_pairing(pairing_t pairing, void *data) {
+ a1_param_ptr param = data;
+ element_t a, b;
+ mpz_init(pairing->r);
+ mpz_set(pairing->r, param->n);
+ field_init_fp(pairing->Zr, pairing->r);
+
+ a1_pairing_data_ptr p;
+
+ p = pairing->data = pbc_malloc(sizeof(a1_pairing_data_t));
+
+ //k=2, hence phi_k(q) = q + 1, phikonr = (q+1)/r
+ mpz_init(pairing->phikonr);
+ mpz_set_ui(pairing->phikonr, param->l);
+
+ field_init_fp(p->Fp, param->p);
+ element_init(a, p->Fp);
+ element_init(b, p->Fp);
+ element_set1(a);
+ element_set0(b);
+ field_init_curve_ab(p->Ep, a, b, pairing->r, pairing->phikonr);
+
+ // Turns out to be faster.
+ field_curve_use_random_solvefory(p->Ep);
+
+ element_clear(a);
+ element_clear(b);
+ field_init_fi(p->Fp2, p->Fp);
+
+ pairing->finalpow = a_finalpow;
+ pairing->G1 = pbc_malloc(sizeof(field_t));
+ pairing->G2 = pairing->G1 = p->Ep;
+ pairing_GT_init(pairing, p->Fp2);
+
+ pairing->map = a1_pairing_proj; //default uses projective coordinates.
+ pairing->phi = phi_identity;
+ pairing->prod_pairings = a1_pairings_affine;
+
+ pairing->clear_func = a1_pairing_clear;
+
+ pairing->pp_init = a1_pairing_pp_init;
+ pairing->pp_clear = a1_pairing_pp_clear;
+ pairing->pp_apply = a1_pairing_pp_apply;
+ pairing->option_set = a1_pairing_option_set;
+}
+
+static void a1_init(pbc_param_t p) {
+ static pbc_param_interface_t interface = {{
+ a1_clear,
+ a1_init_pairing,
+ a1_out_str,
+ }};
+ p->api = interface;
+ a1_param_ptr param = p->data = pbc_malloc(sizeof(*param));
+ mpz_init(param->p);
+ mpz_init(param->n);
+}
+
+// Public interface:
+
+int pbc_param_init_a1(pbc_param_ptr par, struct symtab_s *tab) {
+ a1_init(par);
+ a1_param_ptr p = par->data;
+
+ int err = 0;
+ err += lookup_mpz(p->p, tab, "p");
+ err += lookup_mpz(p->n, tab, "n");
+ err += lookup_int(&p->l, tab, "l");
+ return err;
+}
+
+void pbc_param_init_a1_gen(pbc_param_ptr par, mpz_t order) {
+ a1_init(par);
+ a1_param_ptr param = par->data;
+ // If order is even, ideally check all even l, not just multiples of 4
+ // but I don't see a good reason for having an even order.
+ unsigned int l = 4;
+ mpz_t n;
+ mpz_ptr p = param->p;
+ mpz_init(n);
+ mpz_mul_ui(n, order, 4);
+ mpz_sub_ui(p, n, 1);
+ for (;;) {
+ if (mpz_probab_prime_p(p, 20)) {
+ break;
+ }
+ mpz_add(p, p, n);
+ l += 4;
+ }
+ param->l = l;
+ mpz_set(param->n, order);
+ mpz_clear(n);
+}
diff --git a/moon-abe/pbc-0.5.14/ecc/curve.c b/moon-abe/pbc-0.5.14/ecc/curve.c
new file mode 100644
index 00000000..3bc1f020
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/ecc/curve.c
@@ -0,0 +1,987 @@
+#include <ctype.h>
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdint.h> // for intptr_t
+#include <stdlib.h>
+#include <string.h>
+#include <gmp.h>
+#include "pbc_utils.h"
+#include "pbc_field.h"
+#include "pbc_multiz.h"
+#include "pbc_poly.h"
+#include "pbc_curve.h"
+#include "pbc_memory.h"
+#include "pbc_random.h"
+#include "misc/darray.h"
+
+// Per-field data.
+typedef struct {
+ field_ptr field; // The field where the curve is defined.
+ element_t a, b; // The curve is E: Y^2 = X^3 + a X + b.
+ // cofac == NULL means we're using the whole group of points.
+ // otherwise we're working in the subgroup of order #E / cofac,
+ // where #E is the number of points in E.
+ mpz_ptr cofac;
+ // A generator of E.
+ element_t gen_no_cofac;
+ // A generator of the subgroup.
+ element_t gen;
+ // A non-NULL quotient_cmp means we are working with the quotient group of
+ // order #E / quotient_cmp, and the points are actually coset
+ // representatives. Thus for a comparison, we must multiply by quotient_cmp
+ // before comparing.
+ mpz_ptr quotient_cmp;
+} *curve_data_ptr;
+
+// Per-element data. Elements of this group are points on the elliptic curve.
+typedef struct {
+ int inf_flag; // inf_flag == 1 means O, the point at infinity.
+ element_t x, y; // Otherwise we have the finite point (x, y).
+} *point_ptr;
+
+static void curve_init(element_ptr e) {
+ curve_data_ptr cdp = e->field->data;
+ point_ptr p = e->data = pbc_malloc(sizeof(*p));
+ element_init(p->x, cdp->field);
+ element_init(p->y, cdp->field);
+ p->inf_flag = 1;
+}
+
+static void curve_clear(element_ptr e) {
+ point_ptr p = e->data;
+ element_clear(p->x);
+ element_clear(p->y);
+ pbc_free(e->data);
+}
+
+static int curve_is_valid_point(element_ptr e) {
+ element_t t0, t1;
+ int result;
+ curve_data_ptr cdp = e->field->data;
+ point_ptr p = e->data;
+
+ if (p->inf_flag) return 1;
+
+ element_init(t0, cdp->field);
+ element_init(t1, cdp->field);
+ element_square(t0, p->x);
+ element_add(t0, t0, cdp->a);
+ element_mul(t0, t0, p->x);
+ element_add(t0, t0, cdp->b);
+ element_square(t1, p->y);
+ result = !element_cmp(t0, t1);
+
+ element_clear(t0);
+ element_clear(t1);
+ return result;
+}
+
+static void curve_invert(element_ptr c, element_ptr a) {
+ point_ptr r = c->data, p = a->data;
+
+ if (p->inf_flag) {
+ r->inf_flag = 1;
+ return;
+ }
+ r->inf_flag = 0;
+ element_set(r->x, p->x);
+ element_neg(r->y, p->y);
+}
+
+static void curve_set(element_ptr c, element_ptr a) {
+ point_ptr r = c->data, p = a->data;
+ if (p->inf_flag) {
+ r->inf_flag = 1;
+ return;
+ }
+ r->inf_flag = 0;
+ element_set(r->x, p->x);
+ element_set(r->y, p->y);
+}
+
+static inline void double_no_check(point_ptr r, point_ptr p, element_ptr a) {
+ element_t lambda, e0, e1;
+ field_ptr f = r->x->field;
+
+ element_init(lambda, f);
+ element_init(e0, f);
+ element_init(e1, f);
+
+ //lambda = (3x^2 + a) / 2y
+ element_square(lambda, p->x);
+ element_mul_si(lambda, lambda, 3);
+ element_add(lambda, lambda, a);
+
+ element_double(e0, p->y);
+
+ element_invert(e0, e0);
+ element_mul(lambda, lambda, e0);
+ //x1 = lambda^2 - 2x
+ //element_add(e1, p->x, p->x);
+ element_double(e1, p->x);
+ element_square(e0, lambda);
+ element_sub(e0, e0, e1);
+ //y1 = (x - x1)lambda - y
+ element_sub(e1, p->x, e0);
+ element_mul(e1, e1, lambda);
+ element_sub(e1, e1, p->y);
+
+ element_set(r->x, e0);
+ element_set(r->y, e1);
+ r->inf_flag = 0;
+
+ element_clear(lambda);
+ element_clear(e0);
+ element_clear(e1);
+ return;
+}
+
+static void curve_double(element_ptr c, element_ptr a) {
+ curve_data_ptr cdp = a->field->data;
+ point_ptr r = c->data, p = a->data;
+ if (p->inf_flag) {
+ r->inf_flag = 1;
+ return;
+ }
+ if (element_is0(p->y)) {
+ r->inf_flag = 1;
+ return;
+ }
+ double_no_check(r, p, cdp->a);
+}
+
+static void curve_mul(element_ptr c, element_ptr a, element_ptr b) {
+ curve_data_ptr cdp = a->field->data;
+ point_ptr r = c->data, p = a->data, q = b->data;
+
+ if (p->inf_flag) {
+ curve_set(c, b);
+ return;
+ }
+ if (q->inf_flag) {
+ curve_set(c, a);
+ return;
+ }
+ if (!element_cmp(p->x, q->x)) {
+ if (!element_cmp(p->y, q->y)) {
+ if (element_is0(p->y)) {
+ r->inf_flag = 1;
+ return;
+ } else {
+ double_no_check(r, p, cdp->a);
+ return;
+ }
+ }
+ //points are inverses of each other
+ r->inf_flag = 1;
+ return;
+ } else {
+ element_t lambda, e0, e1;
+
+ element_init(lambda, cdp->field);
+ element_init(e0, cdp->field);
+ element_init(e1, cdp->field);
+
+ //lambda = (y2-y1)/(x2-x1)
+ element_sub(e0, q->x, p->x);
+ element_invert(e0, e0);
+ element_sub(lambda, q->y, p->y);
+ element_mul(lambda, lambda, e0);
+ //x3 = lambda^2 - x1 - x2
+ element_square(e0, lambda);
+ element_sub(e0, e0, p->x);
+ element_sub(e0, e0, q->x);
+ //y3 = (x1-x3)lambda - y1
+ element_sub(e1, p->x, e0);
+ element_mul(e1, e1, lambda);
+ element_sub(e1, e1, p->y);
+
+ element_set(r->x, e0);
+ element_set(r->y, e1);
+ r->inf_flag = 0;
+
+ element_clear(lambda);
+ element_clear(e0);
+ element_clear(e1);
+ }
+}
+
+//compute c_i=a_i+a_i at one time.
+static void multi_double(element_ptr c[], element_ptr a[], int n) {
+ int i;
+ element_t* table = pbc_malloc(sizeof(element_t)*n); //a big problem?
+ element_t e0, e1, e2;
+ point_ptr q, r;
+ curve_data_ptr cdp = a[0]->field->data;
+
+ q=a[0]->data;
+ element_init(e0,q->y->field);
+ element_init(e1,q->y->field);
+ element_init(e2,q->y->field);
+
+ for(i=0; i<n; i++){
+ q=a[i]->data; r=c[i]->data;
+ element_init(table[i],q->y->field);
+
+ if (q->inf_flag) {
+ r->inf_flag = 1;
+ continue;
+ }
+ if (element_is0(q->y)) {
+ r->inf_flag = 1;
+ continue;
+ }
+ }
+ //to compute 1/2y multi. see Cohen's GTM139 Algorithm 10.3.4
+ for(i=0; i<n; i++){
+ q=a[i]->data;
+ element_double(table[i],q->y);
+ if(i>0) element_mul(table[i],table[i],table[i-1]);
+ }
+ element_invert(e2,table[n-1]); //ONLY ONE inv is required now.
+ for(i=n-1; i>0; i--){
+ q=a[i]->data;
+ element_mul(table[i],table[i-1],e2);
+ element_mul(e2,e2,q->y);
+ element_double(e2,e2); //e2=e2*2y_j
+ }
+ element_set(table[0],e2); //e2 no longer used.
+
+ for(i=0; i<n; i++){
+ q=a[i]->data;
+ r=c[i]->data;
+ if(r->inf_flag) continue;
+
+ //e2=lambda = (3x^2 + a) / 2y
+ element_square(e2, q->x);
+ element_mul_si(e2, e2, 3);
+ element_add(e2, e2, cdp->a);
+
+ element_mul(e2, e2, table[i]); //Recall that table[i]=1/2y_i
+ //x1 = lambda^2 - 2x
+ element_double(e1, q->x);
+ element_square(e0, e2);
+ element_sub(e0, e0, e1);
+ //y1 = (x - x1)lambda - y
+ element_sub(e1, q->x, e0);
+ element_mul(e1, e1, e2);
+ element_sub(e1, e1, q->y);
+ element_set(r->x, e0);
+ element_set(r->y, e1);
+ r->inf_flag = 0;
+ }
+
+ element_clear(e0);
+ element_clear(e1);
+ element_clear(e2);
+ for(i=0; i<n; i++){
+ element_clear(table[i]);
+ }
+ pbc_free(table);
+}
+
+//compute c_i=a_i+b_i at one time.
+static void multi_add(element_ptr c[], element_ptr a[], element_ptr b[], int n){
+ int i;
+ element_t* table = pbc_malloc(sizeof(element_t)*n); //a big problem?
+ point_ptr p, q, r;
+ element_t e0, e1, e2;
+ curve_data_ptr cdp = a[0]->field->data;
+
+ p = a[0]->data;
+ q = b[0]->data;
+ element_init(e0, p->x->field);
+ element_init(e1, p->x->field);
+ element_init(e2, p->x->field);
+
+ element_init(table[0], p->x->field);
+ element_sub(table[0], q->x, p->x);
+ for(i=1; i<n; i++){
+ p = a[i]->data;
+ q = b[i]->data;
+ element_init(table[i], p->x->field);
+ element_sub(table[i], q->x, p->x);
+ element_mul(table[i], table[i], table[i-1]);
+ }
+ element_invert(e2, table[n-1]);
+ for(i=n-1; i>0; i--){
+ p = a[i]->data;
+ q = b[i]->data;
+ element_mul(table[i], table[i-1], e2);
+ element_sub(e1, q->x, p->x);
+ element_mul(e2,e2,e1); //e2=e2*(x2_j-x1_j)
+ }
+ element_set(table[0],e2); //e2 no longer used.
+
+ for(i=0; i<n; i++){
+ p = a[i]->data;
+ q = b[i]->data;
+ r = c[i]->data;
+ if (p->inf_flag) {
+ curve_set(c[i], b[i]);
+ continue;
+ }
+ if (q->inf_flag) {
+ curve_set(c[i], a[i]);
+ continue;
+ }
+ if (!element_cmp(p->x, q->x)) { //a[i]=b[i]
+ if (!element_cmp(p->y, q->y)) {
+ if (element_is0(p->y)) {
+ r->inf_flag = 1;
+ continue;
+ } else {
+ double_no_check(r, p, cdp->a);
+ continue;
+ }
+ }
+ //points are inverses of each other
+ r->inf_flag = 1;
+ continue;
+ } else {
+ //lambda = (y2-y1)/(x2-x1)
+ element_sub(e2, q->y, p->y);
+ element_mul(e2, e2, table[i]);
+ //x3 = lambda^2 - x1 - x2
+ element_square(e0, e2);
+ element_sub(e0, e0, p->x);
+ element_sub(e0, e0, q->x);
+ //y3 = (x1-x3)lambda - y1
+ element_sub(e1, p->x, e0);
+ element_mul(e1, e1, e2);
+ element_sub(e1, e1, p->y);
+ element_set(r->x, e0);
+ element_set(r->y, e1);
+ r->inf_flag = 0;
+ }
+ }
+ element_clear(e0);
+ element_clear(e1);
+ element_clear(e2);
+ for(i=0; i<n; i++){
+ element_clear(table[i]);
+ }
+ pbc_free(table);
+}
+
+
+static inline int point_cmp(point_ptr p, point_ptr q) {
+ if (p->inf_flag || q->inf_flag) {
+ return !(p->inf_flag && q->inf_flag);
+ }
+ return element_cmp(p->x, q->x) || element_cmp(p->y, q->y);
+}
+
+static int curve_cmp(element_ptr a, element_ptr b) {
+ if (a == b) {
+ return 0;
+ } else {
+ // If we're working with a quotient group we must account for different
+ // representatives of the same coset.
+ curve_data_ptr cdp = a->field->data;
+ if (cdp->quotient_cmp) {
+ element_t e;
+ element_init_same_as(e, a);
+ element_div(e, a, b);
+ element_pow_mpz(e, e, cdp->quotient_cmp);
+ int result = !element_is1(e);
+ element_clear(e);
+ return result;
+ }
+ return point_cmp(a->data, b->data);
+ }
+}
+
+static void curve_set1(element_ptr x) {
+ point_ptr p = x->data;
+ p->inf_flag = 1;
+}
+
+static int curve_is1(element_ptr x) {
+ point_ptr p = x->data;
+ return p->inf_flag;
+}
+
+static void curve_random_no_cofac_solvefory(element_ptr a) {
+ //TODO: with 0.5 probability negate y-coord
+ curve_data_ptr cdp = a->field->data;
+ point_ptr p = a->data;
+ element_t t;
+
+ element_init(t, cdp->field);
+ p->inf_flag = 0;
+ do {
+ element_random(p->x);
+ element_square(t, p->x);
+ element_add(t, t, cdp->a);
+ element_mul(t, t, p->x);
+ element_add(t, t, cdp->b);
+ } while (!element_is_sqr(t));
+ element_sqrt(p->y, t);
+ element_clear(t);
+}
+
+static void curve_random_solvefory(element_ptr a) {
+ curve_data_ptr cdp = a->field->data;
+ curve_random_no_cofac_solvefory(a);
+ if (cdp->cofac) element_mul_mpz(a, a, cdp->cofac);
+}
+
+static void curve_random_pointmul(element_ptr a) {
+ curve_data_ptr cdp = a->field->data;
+ mpz_t x;
+ mpz_init(x);
+
+ pbc_mpz_random(x, a->field->order);
+ element_mul_mpz(a, cdp->gen, x);
+ mpz_clear(x);
+}
+
+void field_curve_use_random_solvefory(field_ptr f) {
+ f->random = curve_random_solvefory;
+}
+
+void curve_set_gen_no_cofac(element_ptr a) {
+ curve_data_ptr cdp = a->field->data;
+ element_set(a, cdp->gen_no_cofac);
+}
+
+static int curve_sign(element_ptr e) {
+ point_ptr p = e->data;
+ if (p->inf_flag) return 0;
+ return element_sign(p->y);
+}
+
+static void curve_from_hash(element_t a, void *data, int len) {
+ element_t t, t1;
+ point_ptr p = a->data;
+ curve_data_ptr cdp = a->field->data;
+
+ element_init(t, cdp->field);
+ element_init(t1, cdp->field);
+ p->inf_flag = 0;
+ element_from_hash(p->x, data, len);
+ for(;;) {
+ element_square(t, p->x);
+ element_add(t, t, cdp->a);
+ element_mul(t, t, p->x);
+ element_add(t, t, cdp->b);
+ if (element_is_sqr(t)) break;
+ // Compute x <- x^2 + 1 and try again.
+ element_square(p->x, p->x);
+ element_set1(t);
+ element_add(p->x, p->x, t);
+ }
+ element_sqrt(p->y, t);
+ if (element_sgn(p->y) < 0) element_neg(p->y, p->y);
+
+ if (cdp->cofac) element_mul_mpz(a, a, cdp->cofac);
+
+ element_clear(t);
+ element_clear(t1);
+}
+
+static size_t curve_out_str(FILE *stream, int base, element_ptr a) {
+ point_ptr p = a->data;
+ size_t result, status;
+ if (p->inf_flag) {
+ if (EOF == fputc('O', stream)) return 0;
+ return 1;
+ }
+ if (EOF == fputc('[', stream)) return 0;
+ result = element_out_str(stream, base, p->x);
+ if (!result) return 0;
+ if (EOF == fputs(", ", stream)) return 0;
+ status = element_out_str(stream, base, p->y);
+ if (!status) return 0;
+ if (EOF == fputc(']', stream)) return 0;
+ return result + status + 4;
+}
+
+static int curve_snprint(char *s, size_t n, element_ptr a) {
+ point_ptr p = a->data;
+ size_t result = 0, left;
+ int status;
+
+ #define clip_sub() { \
+ result += status; \
+ left = result >= n ? 0 : n - result; \
+ }
+
+ if (p->inf_flag) {
+ status = snprintf(s, n, "O");
+ if (status < 0) return status;
+ return 1;
+ }
+
+ status = snprintf(s, n, "[");
+ if (status < 0) return status;
+ clip_sub();
+ status = element_snprint(s + result, left, p->x);
+ if (status < 0) return status;
+ clip_sub();
+ status = snprintf(s + result, left, ", ");
+ if (status < 0) return status;
+ clip_sub();
+ status = element_snprint(s + result, left, p->y);
+ if (status < 0) return status;
+ clip_sub();
+ status = snprintf(s + result, left, "]");
+ if (status < 0) return status;
+ return result + status;
+ #undef clip_sub
+}
+
+static void curve_set_multiz(element_ptr a, multiz m) {
+ if (multiz_is_z(m)) {
+ if (multiz_is0(m)) {
+ element_set0(a);
+ return;
+ }
+ pbc_warn("bad multiz");
+ return;
+ } else {
+ if (multiz_count(m) < 2) {
+ pbc_warn("multiz has too few coefficients");
+ return;
+ }
+ point_ptr p = a->data;
+ p->inf_flag = 0;
+ element_set_multiz(p->x, multiz_at(m, 0));
+ element_set_multiz(p->y, multiz_at(m, 1));
+ }
+}
+
+static int curve_set_str(element_ptr e, const char *s, int base) {
+ point_ptr p = e->data;
+ const char *cp = s;
+ element_set0(e);
+ while (*cp && isspace(*cp)) cp++;
+ if (*cp == 'O') {
+ return cp - s + 1;
+ }
+ p->inf_flag = 0;
+ if (*cp != '[') return 0;
+ cp++;
+ cp += element_set_str(p->x, cp, base);
+ while (*cp && isspace(*cp)) cp++;
+ if (*cp != ',') return 0;
+ cp++;
+ cp += element_set_str(p->y, cp, base);
+ if (*cp != ']') return 0;
+
+ if (!curve_is_valid_point(e)) {
+ element_set0(e);
+ return 0;
+ }
+ return cp - s + 1;
+}
+
+static void field_clear_curve(field_t f) {
+ curve_data_ptr cdp;
+ cdp = f->data;
+ element_clear(cdp->gen);
+ element_clear(cdp->gen_no_cofac);
+ if (cdp->cofac) {
+ mpz_clear(cdp->cofac);
+ pbc_free(cdp->cofac);
+ }
+ if (cdp->quotient_cmp) {
+ mpz_clear(cdp->quotient_cmp);
+ pbc_free(cdp->quotient_cmp);
+ }
+ element_clear(cdp->a);
+ element_clear(cdp->b);
+ pbc_free(cdp);
+}
+
+static int curve_length_in_bytes(element_ptr x) {
+ point_ptr p = x->data;
+ return element_length_in_bytes(p->x) + element_length_in_bytes(p->y);
+}
+
+static int curve_to_bytes(unsigned char *data, element_t e) {
+ point_ptr P = e->data;
+ int len;
+ len = element_to_bytes(data, P->x);
+ len += element_to_bytes(data + len, P->y);
+ return len;
+}
+
+static int curve_from_bytes(element_t e, unsigned char *data) {
+ point_ptr P = e->data;
+ int len;
+
+ P->inf_flag = 0;
+ len = element_from_bytes(P->x, data);
+ len += element_from_bytes(P->y, data + len);
+ //if point does not lie on curve, set it to O
+ if (!curve_is_valid_point(e)) {
+ element_set0(e);
+ }
+ return len;
+}
+
+static void curve_out_info(FILE *out, field_t f) {
+ int len;
+ fprintf(out, "elliptic curve");
+ if ((len = f->fixed_length_in_bytes)) {
+ fprintf(out, ", bits per coord = %d", len * 8 / 2);
+ } else {
+ fprintf(out, "variable-length");
+ }
+}
+
+static int odd_curve_is_sqr(element_ptr e) {
+ UNUSED_VAR(e);
+ return 1;
+}
+
+//TODO: untested
+static int even_curve_is_sqr(element_ptr e) {
+ mpz_t z;
+ element_t e1;
+ int result;
+
+ mpz_init(z);
+ element_init(e1, e->field);
+ mpz_sub_ui(z, e->field->order, 1);
+ mpz_fdiv_q_2exp(z, z, 1);
+ element_pow_mpz(e1, e, z);
+ result = element_is1(e1);
+
+ mpz_clear(z);
+ element_clear(e1);
+ return result;
+}
+
+static int curve_item_count(element_ptr e) {
+ if (element_is0(e)) {
+ return 0;
+ }
+ return 2;
+}
+
+static element_ptr curve_item(element_ptr e, int i) {
+ if (element_is0(e)) return NULL;
+ point_ptr P = e->data;
+ switch(i) {
+ case 0:
+ return P->x;
+ case 1:
+ return P->y;
+ default:
+ return NULL;
+ }
+}
+
+static element_ptr curve_get_x(element_ptr e) {
+ point_ptr P = e->data;
+ return P->x;
+}
+
+static element_ptr curve_get_y(element_ptr e) {
+ point_ptr P = e->data;
+ return P->y;
+}
+
+void field_init_curve_ab(field_ptr f, element_ptr a, element_ptr b, mpz_t order, mpz_t cofac) {
+ /*
+ if (element_is0(a)) {
+ c->double_nocheck = cc_double_no_check_ais0;
+ } else {
+ c->double_nocheck = cc_double_no_check;
+ }
+ */
+ curve_data_ptr cdp;
+ field_init(f);
+ mpz_set(f->order, order);
+ cdp = f->data = pbc_malloc(sizeof(*cdp));
+ cdp->field = a->field;
+ element_init(cdp->a, cdp->field);
+ element_init(cdp->b, cdp->field);
+ element_set(cdp->a, a);
+ element_set(cdp->b, b);
+
+ f->init = curve_init;
+ f->clear = curve_clear;
+ f->neg = f->invert = curve_invert;
+ f->square = f->doub = curve_double;
+ f->multi_doub = multi_double;
+ f->add = f->mul = curve_mul;
+ f->multi_add = multi_add;
+ f->mul_mpz = element_pow_mpz;
+ f->cmp = curve_cmp;
+ f->set0 = f->set1 = curve_set1;
+ f->is0 = f->is1 = curve_is1;
+ f->sign = curve_sign;
+ f->set = curve_set;
+ f->random = curve_random_pointmul;
+ //f->random = curve_random_solvefory;
+ f->from_hash = curve_from_hash;
+ f->out_str = curve_out_str;
+ f->snprint = curve_snprint;
+ f->set_multiz = curve_set_multiz;
+ f->set_str = curve_set_str;
+ f->field_clear = field_clear_curve;
+ if (cdp->field->fixed_length_in_bytes < 0) {
+ f->length_in_bytes = curve_length_in_bytes;
+ } else {
+ f->fixed_length_in_bytes = 2 * cdp->field->fixed_length_in_bytes;
+ }
+ f->to_bytes = curve_to_bytes;
+ f->from_bytes = curve_from_bytes;
+ f->out_info = curve_out_info;
+ f->item_count = curve_item_count;
+ f->item = curve_item;
+ f->get_x = curve_get_x;
+ f->get_y = curve_get_y;
+
+ if (mpz_odd_p(order)) {
+ f->is_sqr = odd_curve_is_sqr;
+ } else {
+ f->is_sqr = even_curve_is_sqr;
+ }
+
+ element_init(cdp->gen_no_cofac, f);
+ element_init(cdp->gen, f);
+ curve_random_no_cofac_solvefory(cdp->gen_no_cofac);
+ if (cofac) {
+ cdp->cofac = pbc_malloc(sizeof(mpz_t));
+ mpz_init(cdp->cofac);
+ mpz_set(cdp->cofac, cofac);
+ element_mul_mpz(cdp->gen, cdp->gen_no_cofac, cofac);
+ } else{
+ cdp->cofac = NULL;
+ element_set(cdp->gen, cdp->gen_no_cofac);
+ }
+ cdp->quotient_cmp = NULL;
+}
+
+// Requires e to be a point on an elliptic curve.
+int element_to_bytes_compressed(unsigned char *data, element_ptr e) {
+ point_ptr P = e->data;
+ int len;
+ len = element_to_bytes(data, P->x);
+ if (element_sign(P->y) > 0) {
+ data[len] = 1;
+ } else {
+ data[len] = 0;
+ }
+ len++;
+ return len;
+}
+
+// Computes a point on the elliptic curve Y^2 = X^3 + a X + b given its
+// x-coordinate.
+// Requires a solution to exist.
+static void point_from_x(point_ptr p, element_t x, element_t a, element_t b) {
+ element_t t;
+
+ element_init(t, x->field);
+ p->inf_flag = 0;
+ element_square(t, x);
+ element_add(t, t, a);
+ element_mul(t, t, x);
+ element_add(t, t, b);
+ element_sqrt(p->y, t);
+ element_set(p->x, x);
+
+ element_clear(t);
+}
+
+void curve_from_x(element_ptr e, element_t x) {
+ curve_data_ptr cdp = e->field->data;
+ point_from_x(e->data, x, cdp->a, cdp->b);
+}
+
+// Requires e to be a point on an elliptic curve.
+int element_from_bytes_compressed(element_ptr e, unsigned char *data) {
+ curve_data_ptr cdp = e->field->data;
+ point_ptr P = e->data;
+ int len;
+ len = element_from_bytes(P->x, data);
+ point_from_x(P, P->x, cdp->a, cdp->b);
+
+ if (data[len]) {
+ if (element_sign(P->y) < 0) element_neg(P->y, P->y);
+ } else if (element_sign(P->y) > 0) {
+ element_neg(P->y, P->y);
+ }
+ len++;
+ return len;
+}
+
+int element_length_in_bytes_compressed(element_ptr e) {
+ point_ptr P = e->data;
+ return element_length_in_bytes(P->x) + 1;
+}
+
+// Requires e to be a point on an elliptic curve.
+int element_to_bytes_x_only(unsigned char *data, element_ptr e) {
+ point_ptr P = e->data;
+ int len;
+ len = element_to_bytes(data, P->x);
+ return len;
+}
+
+// Requires e to be a point on an elliptic curve.
+int element_from_bytes_x_only(element_ptr e, unsigned char *data) {
+ curve_data_ptr cdp = e->field->data;
+ point_ptr P = e->data;
+ int len;
+ len = element_from_bytes(P->x, data);
+ point_from_x(P, P->x, cdp->a, cdp->b);
+ return len;
+}
+
+int element_length_in_bytes_x_only(element_ptr e) {
+ point_ptr P = e->data;
+ return element_length_in_bytes(P->x);
+}
+
+inline element_ptr curve_x_coord(element_t e) {
+ return ((point_ptr) e->data)->x;
+}
+
+inline element_ptr curve_y_coord(element_t e) {
+ return ((point_ptr) e->data)->y;
+}
+
+inline element_ptr curve_a_coeff(element_t e) {
+ return ((curve_data_ptr) e->field->data)->a;
+}
+
+inline element_ptr curve_b_coeff(element_t e) {
+ return ((curve_data_ptr) e->field->data)->b;
+}
+
+inline element_ptr curve_field_a_coeff(field_t f) {
+ return ((curve_data_ptr) f->data)->a;
+}
+
+inline element_ptr curve_field_b_coeff(field_t f) {
+ return ((curve_data_ptr) f->data)->b;
+}
+
+void field_init_curve_ab_map(field_t cnew, field_t c,
+ fieldmap map, field_ptr mapdest,
+ mpz_t ordernew, mpz_t cofacnew) {
+ element_t a, b;
+ curve_data_ptr cdp = c->data;
+
+ element_init(a, mapdest);
+ element_init(b, mapdest);
+
+ map(a, cdp->a);
+ map(b, cdp->b);
+
+ field_init_curve_ab(cnew, a, b, ordernew, cofacnew);
+ element_clear(a);
+ element_clear(b);
+}
+
+// Existing points are invalidated as this mangles c.
+void field_reinit_curve_twist(field_ptr c) {
+ curve_data_ptr cdp = c->data;
+ element_ptr nqr = field_get_nqr(cdp->field);
+ element_mul(cdp->a, cdp->a, nqr);
+ element_mul(cdp->a, cdp->a, nqr);
+ element_mul(cdp->b, cdp->b, nqr);
+ element_mul(cdp->b, cdp->b, nqr);
+ element_mul(cdp->b, cdp->b, nqr);
+
+ // Recompute generators.
+ curve_random_no_cofac_solvefory(cdp->gen_no_cofac);
+ if (cdp->cofac) {
+ element_mul_mpz(cdp->gen, cdp->gen_no_cofac, cdp->cofac);
+ } else{
+ element_set(cdp->gen, cdp->gen_no_cofac);
+ }
+}
+
+// I could generalize this for all fields, but is there any point?
+void field_curve_set_quotient_cmp(field_ptr c, mpz_t quotient_cmp) {
+ curve_data_ptr cdp = c->data;
+ cdp->quotient_cmp = pbc_malloc(sizeof(mpz_t));
+ mpz_init(cdp->quotient_cmp);
+ mpz_set(cdp->quotient_cmp, quotient_cmp);
+}
+
+// Requires j != 0, 1728.
+void field_init_curve_j(field_ptr f, element_ptr j, mpz_t order, mpz_t cofac) {
+ element_t a, b;
+ element_init(a, j->field);
+ element_init(b, j->field);
+
+ element_set_si(a, 1728);
+ element_sub(a, a, j);
+ element_invert(a, a);
+ element_mul(a, a, j);
+
+ //b = 2 j / (1728 - j)
+ element_add(b, a, a);
+ //a = 3 j / (1728 - j)
+ element_add(a, a, b);
+ field_init_curve_ab(f, a, b, order, cofac);
+
+ element_clear(a);
+ element_clear(b);
+}
+
+void field_init_curve_b(field_ptr f, element_ptr b, mpz_t order, mpz_t cofac) {
+ element_t a;
+ element_init(a, b->field);
+ field_init_curve_ab(f, a, b, order, cofac);
+
+ element_clear(a);
+}
+
+// Compute trace of Frobenius at q^n given trace at q.
+// See p.105 of Blake, Seroussi and Smart.
+void pbc_mpz_trace_n(mpz_t res, mpz_t q, mpz_t trace, int n) {
+ int i;
+ mpz_t c0, c1, c2;
+ mpz_t t0;
+
+ mpz_init(c0);
+ mpz_init(c1);
+ mpz_init(c2);
+ mpz_init(t0);
+ mpz_set_ui(c2, 2);
+ mpz_set(c1, trace);
+ for (i=2; i<=n; i++) {
+ mpz_mul(c0, trace, c1);
+ mpz_mul(t0, q, c2);
+ mpz_sub(c0, c0, t0);
+ mpz_set(c2, c1);
+ mpz_set(c1, c0);
+ }
+ mpz_set(res, c1);
+ mpz_clear(t0);
+ mpz_clear(c2);
+ mpz_clear(c1);
+ mpz_clear(c0);
+}
+
+// Given q, t such that #E(F_q) = q - t + 1, compute #E(F_q^k).
+void pbc_mpz_curve_order_extn(mpz_t res, mpz_t q, mpz_t t, int k) {
+ mpz_t z;
+ mpz_t tk;
+ mpz_init(z);
+ mpz_init(tk);
+ mpz_pow_ui(z, q, k);
+ mpz_add_ui(z, z, 1);
+ pbc_mpz_trace_n(tk, q, t, k);
+ mpz_sub(z, z, tk);
+ mpz_set(res, z);
+ mpz_clear(z);
+ mpz_clear(tk);
+}
+
+void curve_set_si(element_t R, long int x, long int y) {
+ point_ptr p = R->data;
+ element_set_si(p->x, x);
+ element_set_si(p->y, y);
+ p->inf_flag = 0;
+}
diff --git a/moon-abe/pbc-0.5.14/ecc/d_param.c b/moon-abe/pbc-0.5.14/ecc/d_param.c
new file mode 100644
index 00000000..8b7d6ac5
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/ecc/d_param.c
@@ -0,0 +1,1258 @@
+// Type D pairings, aka MNT curves.
+
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdint.h> // for intptr_t
+#include <stdlib.h>
+#include <string.h>
+#include <gmp.h>
+#include "pbc_utils.h"
+#include "pbc_field.h"
+#include "pbc_poly.h"
+#include "pbc_hilbert.h"
+#include "pbc_fp.h"
+#include "pbc_fieldquadratic.h"
+#include "pbc_mnt.h"
+#include "pbc_curve.h"
+#include "pbc_param.h"
+#include "pbc_pairing.h"
+#include "pbc_memory.h"
+#include "pbc_d_param.h"
+#include "ecc/param.h"
+
+struct d_param_s {
+ mpz_t q; // curve defined over F_q
+ mpz_t n; // has order n (= q - t + 1) in F_q
+ mpz_t h; // h * r = n, r is prime
+ mpz_t r;
+ mpz_t a, b; // curve equation is y^2 = x^3 + ax + b
+ int k; // embedding degree
+ mpz_t nk; // order of curve over F_q^k
+ mpz_t hk; // hk * r^2 = nk
+ mpz_t *coeff; // coefficients of polynomial used to extend F_q by k/2
+ mpz_t nqr; // a quadratic nonresidue in F_q^d that lies in F_q
+};
+
+typedef struct d_param_s d_param_t[1];
+typedef struct d_param_s *d_param_ptr;
+
+// Per-pairing data.
+typedef struct {
+ field_t Fq, Fqx, Fqd, Fqk; // The fields F_q, F_q[x], F_q^d, F_q^k.
+ field_t Eq, Etwist; // The curves E(F_q) and E'(F_q^d).
+ // Let v be the quadratic nonresidue used to construct F_q^k from F_q^d,
+ // namely Fqk = Fqd[sqrt(v)].
+ element_t nqrinv, nqrinv2; // The constants v^-1 and v^-2.
+ mpz_t tateexp; // The Tate exponent,
+ // to standardize coset representatives.
+ int k; // The embedding degree, usually 6.
+ // Let x be the element used to build Fqd from Fq, i.e. Fqd = Fq[x].
+ element_t xpowq, xpowq2; // x^q and x^{2q} in F_q^d.
+} *pptr;
+
+static void d_clear(void *data) {
+ d_param_ptr param = data;
+ int d = param->k / 2;
+ int i;
+ mpz_clear(param->q);
+ mpz_clear(param->n);
+ mpz_clear(param->h);
+ mpz_clear(param->r);
+ mpz_clear(param->a);
+ mpz_clear(param->b);
+ mpz_clear(param->nk);
+ mpz_clear(param->hk);
+ mpz_clear(param->nqr);
+ for (i=0; i<d; i++) {
+ mpz_clear(param->coeff[i]);
+ }
+ pbc_free(param->coeff);
+ pbc_free(data);
+}
+
+static void d_out_str(FILE *stream, void *data) {
+ d_param_ptr p = data;
+ int d = p->k / 2;
+ int i;
+ char s[8];
+ param_out_type(stream, "d");
+ param_out_mpz(stream, "q", p->q);
+ param_out_mpz(stream, "n", p->n);
+ param_out_mpz(stream, "h", p->h);
+ param_out_mpz(stream, "r", p->r);
+ param_out_mpz(stream, "a", p->a);
+ param_out_mpz(stream, "b", p->b);
+ param_out_int(stream, "k", p->k);
+ param_out_mpz(stream, "nk", p->nk);
+ param_out_mpz(stream, "hk", p->hk);
+ for (i=0; i<d; i++) {
+ sprintf(s, "coeff%d", i);
+ param_out_mpz(stream, s, p->coeff[i]);
+ }
+ param_out_mpz(stream, "nqr", p->nqr);
+}
+
+// Define l = aX + bY + c where a, b, c are in Fq.
+// Compute e0 = l(Q) specialized for the case when Q has the form
+// (Qx, Qy * sqrt(v)) where Qx, Qy are in Fqd and v is the quadratic nonresidue
+// used to construct the quadratic field extension Fqk of Fqd.
+static inline void d_miller_evalfn(element_t e0,
+ element_t a, element_t b, element_t c, element_t Qx, element_t Qy) {
+ element_ptr re_out = element_x(e0);
+ element_ptr im_out = element_y(e0);
+
+ int i;
+ int d = polymod_field_degree(re_out->field);
+ for (i = 0; i < d; i++) {
+ element_mul(element_item(re_out, i), element_item(Qx, i), a);
+ element_mul(element_item(im_out, i), element_item(Qy, i), b);
+ }
+ element_add(element_item(re_out, 0), element_item(re_out, 0), c);
+}
+
+// Miller's algorithm, assuming we can ignore the denominator. We can do this
+// with careful group selection when the embedding degree is even. See thesis.
+// This version uses projective coordinates, which don't seem much faster.
+static void cc_miller_no_denom_proj(element_t res, mpz_t q, element_t P,
+ element_ptr Qx, element_ptr Qy) {
+ int m;
+ element_t v;
+ element_t Z;
+ element_t a, b, c;
+ element_t t0, t1;
+ element_ptr t2 = a, t3 = b, t4 = c;
+ element_t e0;
+ element_t z, z2;
+ element_ptr Zx, Zy;
+ const element_ptr curve_a = curve_a_coeff(P);
+ const element_ptr Px = curve_x_coord(P);
+ const element_ptr Py = curve_y_coord(P);
+
+ #define proj_double() { \
+ /* t0 = 3x^2 + (curve_a) z^4 */ \
+ element_square(t0, Zx); \
+ /* element_mul_si(t0, t0, 3); */ \
+ element_double(t1, t0); \
+ element_add(t0, t0, t1); \
+ element_square(t1, z2); \
+ element_mul(t1, t1, curve_a); \
+ element_add(t0, t0, t1); \
+ \
+ /* z_out = 2 y z */ \
+ element_mul(z, Zy, z); \
+ /* element_mul_si(z, z, 2); */ \
+ element_double(z, z); \
+ element_square(z2, z); \
+ \
+ /* t1 = 4 x y^2 */ \
+ element_square(t2, Zy); \
+ element_mul(t1, Zx, t2); \
+ /* element_mul_si(t1, t1, 4); */ \
+ element_double(t1, t1); \
+ element_double(t1, t1); \
+ \
+ /* x_out = t0^2 - 2 t1 */ \
+ /* element_mul_si(t3, t1, 2); */ \
+ element_double(t3, t1); \
+ element_square(Zx, t0); \
+ element_sub(Zx, Zx, t3); \
+ \
+ /* t2 = 8y^4 */ \
+ element_square(t2, t2); \
+ /* element_mul_si(t2, t2, 8); */ \
+ element_double(t2, t2); \
+ element_double(t2, t2); \
+ element_double(t2, t2); \
+ \
+ /* y_out = t0(t1 - x_out) - t2 */ \
+ element_sub(t1, t1, Zx); \
+ element_mul(t0, t0, t1); \
+ element_sub(Zy, t0, t2); \
+ }
+
+ #define proj_mixin() { \
+ /* t2 = Px z^2 */ \
+ element_mul(t2, z2, Px); \
+ \
+ /* t3 = Zx - t2 */ \
+ element_sub(t3, Zx, t2); \
+ \
+ /* t0 = Py z^3 */ \
+ element_mul(t0, z2, Py); \
+ element_mul(t0, t0, z); \
+ \
+ /* t1 = Zy - t0 */ \
+ element_sub(t1, Zy, t0); \
+ \
+ /* e7 = Zx + t2, use t2 to double for e7 */ \
+ element_add(t2, Zx, t2); \
+ \
+ /* e8 = Zy + t0, use t0 to double for e8 */ \
+ element_add(t0, Zy, t0); \
+ \
+ /* z = z t3 */ \
+ element_mul(z, z, t3); \
+ element_square(z2, z); \
+ \
+ /* Zx = t1^2 - e7 t3^2 */ \
+ /* t3 now holds t3^3, */ \
+ /* t4 holds e7 t3^2. */ \
+ element_square(t4, t3); \
+ element_mul(t3, t4, t3); \
+ element_square(Zx, t1); \
+ element_mul(t4, t2, t4); \
+ element_sub(Zx, Zx, t4); \
+ \
+ /* t4 = e7 t3^2 - 2 Zx */ \
+ element_sub(t4, t4, Zx); \
+ element_sub(t4, t4, Zx); \
+ \
+ /* Zy = (t4 t1 - e8 t3^3)/2 */ \
+ element_mul(t4, t4, t1); \
+ element_mul(t0, t0, t3); \
+ element_sub(t4, t4, t0); \
+ element_halve(Zy, t4); \
+ }
+
+ #define do_tangent() { \
+ /* a = -(3x^2 + cca z^4) */ \
+ /* b = 2 y z^3 */ \
+ /* c = -(2 y^2 + x a) */ \
+ /* a = z^2 a */ \
+ element_square(a, z2); \
+ element_mul(a, a, curve_a); \
+ element_square(b, Zx); \
+ /* element_mul_si(b, b, 3); */ \
+ element_double(t0, b); \
+ element_add(b, b, t0); \
+ element_add(a, a, b); \
+ element_neg(a, a); \
+ \
+ element_mul(b, z, z2); \
+ element_mul(b, b, Zy); \
+ element_mul_si(b, b, 2); \
+ \
+ element_mul(c, Zx, a); \
+ element_mul(a, a, z2); \
+ element_square(t0, Zy); \
+ element_mul_si(t0, t0, 2); \
+ element_add(c, c, t0); \
+ element_neg(c, c); \
+ \
+ d_miller_evalfn(e0, a, b, c, Qx, Qy); \
+ element_mul(v, v, e0); \
+ }
+
+ #define do_line() { \
+ /* a = -(Py z^3 - Zy) */ \
+ /* b = Px z^3 - Zx z */ \
+ /* c = Zx z Py - Zy Px; */ \
+ \
+ element_mul(t0, Zx, z); \
+ element_mul(t1, z2, z); \
+ \
+ element_mul(a, Py, t1); \
+ element_sub(a, Zy, a); \
+ \
+ element_mul(b, Px, t1); \
+ element_sub(b, b, t0); \
+ \
+ element_mul(t0, t0, Py); \
+ element_mul(c, Zy, Px); \
+ element_sub(c, t0, c); \
+ \
+ d_miller_evalfn(e0, a, b, c, Qx, Qy); \
+ element_mul(v, v, e0); \
+ }
+
+ element_init(a, Px->field);
+ element_init(b, a->field);
+ element_init(c, a->field);
+ element_init(t0, a->field);
+ element_init(t1, a->field);
+ element_init(e0, res->field);
+ element_init(z, a->field);
+ element_init(z2, a->field);
+ element_set1(z);
+ element_set1(z2);
+
+ element_init(v, res->field);
+ element_init(Z, P->field);
+
+ element_set(Z, P);
+ Zx = curve_x_coord(Z);
+ Zy = curve_x_coord(Z);
+
+ element_set1(v);
+ m = mpz_sizeinbase(q, 2) - 2;
+
+ for(;;) {
+ do_tangent();
+ if (!m) break;
+ proj_double();
+ if (mpz_tstbit(q, m)) {
+ do_line();
+ proj_mixin();
+ }
+ m--;
+ element_square(v, v);
+ }
+
+ element_set(res, v);
+
+ element_clear(v);
+ element_clear(Z);
+ element_clear(a);
+ element_clear(b);
+ element_clear(c);
+ element_clear(t0);
+ element_clear(t1);
+ element_clear(e0);
+ element_clear(z);
+ element_clear(z2);
+ #undef proj_double
+ #undef proj_mixin
+ #undef do_tangent
+ #undef do_line
+}
+
+// Same as above, but with affine coordinates.
+static void cc_miller_no_denom_affine(element_t res, mpz_t q, element_t P,
+ element_ptr Qx, element_ptr Qy) {
+ int m;
+ element_t v;
+ element_t Z;
+ element_t a, b, c;
+ element_t t0;
+ element_t e0;
+ const element_ptr cca = curve_a_coeff(P);
+ const element_ptr Px = curve_x_coord(P);
+ const element_ptr Py = curve_y_coord(P);
+ element_ptr Zx, Zy;
+
+ /* TODO: when exactly is this not needed?
+ void do_vertical() {
+ mapbase(e0, Z->x);
+ element_sub(e0, Qx, e0);
+ element_mul(v, v, e0);
+ }
+ */
+
+ #define do_tangent() { \
+ /* a = -(3 Zx^2 + cc->a) */ \
+ /* b = 2 * Zy */ \
+ /* c = -(2 Zy^2 + a Zx); */ \
+ \
+ element_square(a, Zx); \
+ element_mul_si(a, a, 3); \
+ element_add(a, a, cca); \
+ element_neg(a, a); \
+ \
+ element_add(b, Zy, Zy); \
+ \
+ element_mul(t0, b, Zy); \
+ element_mul(c, a, Zx); \
+ element_add(c, c, t0); \
+ element_neg(c, c); \
+ \
+ d_miller_evalfn(e0, a, b, c, Qx, Qy); \
+ element_mul(v, v, e0); \
+ }
+
+ #define do_line() { \
+ /* a = -(B.y - A.y) / (B.x - A.x); */ \
+ /* b = 1; */ \
+ /* c = -(A.y + a * A.x); */ \
+ /* but we multiply by B.x - A.x to avoid division. */ \
+ \
+ element_sub(b, Px, Zx); \
+ element_sub(a, Zy, Py); \
+ element_mul(t0, b, Zy); \
+ element_mul(c, a, Zx); \
+ element_add(c, c, t0); \
+ element_neg(c, c); \
+ \
+ d_miller_evalfn(e0, a, b, c, Qx, Qy); \
+ element_mul(v, v, e0); \
+ }
+
+ element_init(a, Px->field);
+ element_init(b, a->field);
+ element_init(c, a->field);
+ element_init(t0, a->field);
+ element_init(e0, res->field);
+
+ element_init(v, res->field);
+ element_init(Z, P->field);
+
+ element_set(Z, P);
+ Zx = curve_x_coord(Z);
+ Zy = curve_y_coord(Z);
+
+ element_set1(v);
+ m = mpz_sizeinbase(q, 2) - 2;
+
+ for(;;) {
+ do_tangent();
+
+ if (!m) break;
+
+ element_double(Z, Z);
+ if (mpz_tstbit(q, m)) {
+ do_line();
+ element_add(Z, Z, P);
+ }
+ m--;
+ element_square(v, v);
+ }
+
+ element_set(res, v);
+
+ element_clear(v);
+ element_clear(Z);
+ element_clear(a);
+ element_clear(b);
+ element_clear(c);
+ element_clear(t0);
+ element_clear(e0);
+ #undef do_tangent
+ #undef do_line
+}
+
+static void (*cc_miller_no_denom_fn)(element_t res, mpz_t q, element_t P,
+ element_ptr Qx, element_ptr Qy);
+
+static void d_pairing_option_set(pairing_t pairing, char *key, char *value) {
+ UNUSED_VAR(pairing);
+ if (!strcmp(key, "method")) {
+ if (!strcmp(value, "miller")) {
+ cc_miller_no_denom_fn = cc_miller_no_denom_proj;
+ } else if (!strcmp(value, "miller-affine")) {
+ cc_miller_no_denom_fn = cc_miller_no_denom_affine;
+ }
+ }
+}
+
+// Requires cofactor is even. TODO: This seems to contradict a comment below.
+// Requires in != out.
+// Mangles in.
+static void lucas_even(element_ptr out, element_ptr in, mpz_t cofactor) {
+ if (element_is1(in)) {
+ element_set(out, in);
+ return;
+ }
+ element_t temp;
+ element_init_same_as(temp, out);
+ element_ptr in0 = element_x(in);
+ element_ptr in1 = element_y(in);
+ element_ptr v0 = element_x(out);
+ element_ptr v1 = element_y(out);
+ element_ptr t0 = element_x(temp);
+ element_ptr t1 = element_y(temp);
+ int j;
+
+ element_set_si(t0, 2);
+ element_double(t1, in0);
+
+ element_set(v0, t0);
+ element_set(v1, t1);
+
+ j = mpz_sizeinbase(cofactor, 2) - 1;
+ for (;;) {
+ if (!j) {
+ element_mul(v1, v0, v1);
+ element_sub(v1, v1, t1);
+ element_square(v0, v0);
+ element_sub(v0, v0, t0);
+ break;
+ }
+ if (mpz_tstbit(cofactor, j)) {
+ element_mul(v0, v0, v1);
+ element_sub(v0, v0, t1);
+ element_square(v1, v1);
+ element_sub(v1, v1, t0);
+ } else {
+ element_mul(v1, v0, v1);
+ element_sub(v1, v1, t1);
+ element_square(v0, v0);
+ element_sub(v0, v0, t0);
+ }
+ j--;
+ }
+
+ // Assume cofactor = (q^2 - q + 1) / r is odd
+ // thus v1 = V_k, v0 = V_{k-1}
+ // U = (P v1 - 2 v0) / (P^2 - 4)
+
+ element_double(v0, v0);
+ element_mul(in0, t1, v1);
+ element_sub(in0, in0, v0);
+
+ element_square(t1, t1);
+ element_sub(t1, t1, t0);
+ element_sub(t1, t1, t0);
+
+ element_halve(v0, v1);
+ element_div(v1, in0, t1);
+ element_mul(v1, v1, in1);
+
+ element_clear(temp);
+}
+
+// The final powering, where we standardize the coset representative.
+static void cc_tatepower(element_ptr out, element_ptr in, pairing_t pairing) {
+ pptr p = pairing->data;
+ #define qpower(sign) { \
+ polymod_const_mul(e2, inre[1], p->xpowq); \
+ element_set(e0re, e2); \
+ polymod_const_mul(e2, inre[2], p->xpowq2); \
+ element_add(e0re, e0re, e2); \
+ element_add(e0re0, e0re0, inre[0]); \
+ \
+ if (sign > 0) { \
+ polymod_const_mul(e2, inim[1], p->xpowq); \
+ element_set(e0im, e2); \
+ polymod_const_mul(e2, inim[2], p->xpowq2); \
+ element_add(e0im, e0im, e2); \
+ element_add(e0im0, e0im0, inim[0]); \
+ } else { \
+ polymod_const_mul(e2, inim[1], p->xpowq); \
+ element_neg(e0im, e2); \
+ polymod_const_mul(e2, inim[2], p->xpowq2); \
+ element_sub(e0im, e0im, e2); \
+ element_sub(e0im0, e0im0, inim[0]); \
+ } \
+ }
+ if (p->k == 6) {
+ // See thesis, section 6.9, "The Final Powering", which gives a formula
+ // for the first step of the final powering when Fq6 has been implemented
+ // as a quadratic extension on top of a cubic extension.
+ element_t e0, e2, e3;
+ element_init(e0, p->Fqk);
+ element_init(e2, p->Fqd);
+ element_init(e3, p->Fqk);
+ element_ptr e0re = element_x(e0);
+ element_ptr e0im = element_y(e0);
+ element_ptr e0re0 = ((element_t *) e0re->data)[0];
+ element_ptr e0im0 = ((element_t *) e0im->data)[0];
+ element_t *inre = element_x(in)->data;
+ element_t *inim = element_y(in)->data;
+ // Expressions in the formula are similar, hence the following function.
+ qpower(1);
+ element_set(e3, e0);
+ element_set(e0re, element_x(in));
+ element_neg(e0im, element_y(in));
+ element_mul(e3, e3, e0);
+ qpower(-1);
+ element_mul(e0, e0, in);
+ element_invert(e0, e0);
+ element_mul(in, e3, e0);
+
+ element_set(e0, in);
+ // We use Lucas sequences to complete the final powering.
+ lucas_even(out, e0, pairing->phikonr);
+
+ element_clear(e0);
+ element_clear(e2);
+ element_clear(e3);
+ } else {
+ element_pow_mpz(out, in, p->tateexp);
+ }
+ #undef qpower
+}
+
+static void cc_finalpow(element_t e) {
+ cc_tatepower(e->data, e->data, e->field->pairing);
+}
+
+static void cc_pairing(element_ptr out, element_ptr in1, element_ptr in2,
+ pairing_t pairing) {
+ element_ptr Qbase = in2;
+ element_t Qx, Qy;
+ pptr p = pairing->data;
+
+ element_init(Qx, p->Fqd);
+ element_init(Qy, p->Fqd);
+ // Twist: (x, y) --> (v^-1 x, v^-(3/2) y)
+ // where v is the quadratic nonresidue used to construct the twist.
+ element_mul(Qx, curve_x_coord(Qbase), p->nqrinv);
+ // v^-3/2 = v^-2 * v^1/2
+ element_mul(Qy, curve_y_coord(Qbase), p->nqrinv2);
+ cc_miller_no_denom_fn(out, pairing->r, in1, Qx, Qy);
+ cc_tatepower(out, out, pairing);
+ element_clear(Qx);
+ element_clear(Qy);
+}
+
+
+//do many millers at one time with affine coordinates.
+static void cc_millers_no_denom_affine(element_t res, mpz_t q, element_t P[],
+ element_t Qx[], element_t Qy[], int n_prod) {
+ int m, i;
+ element_t v;
+ element_t a, b, c;
+ element_t t0;
+ element_t e0;
+ const element_ptr cca = curve_a_coeff(P[0]);
+ element_ptr Px, Py;
+ element_t* Z = pbc_malloc(sizeof(element_t)*n_prod);
+ element_ptr Zx, Zy;
+
+ /* TODO: when exactly is this not needed?
+ void do_vertical() {
+ mapbase(e0, Z->x);
+ element_sub(e0, Qx, e0);
+ element_mul(v, v, e0);
+ }
+ */
+
+ #define do_tangents() { \
+ /* a = -(3 Zx^2 + cc->a) */ \
+ /* b = 2 * Zy */ \
+ /* c = -(2 Zy^2 + a Zx); */ \
+ for(i=0; i<n_prod; i++){ \
+ Px = curve_x_coord(P[i]); \
+ Py = curve_y_coord(P[i]); \
+ Zx = curve_x_coord(Z[i]); \
+ Zy = curve_y_coord(Z[i]); \
+ \
+ element_square(a, Zx); \
+ element_mul_si(a, a, 3); \
+ element_add(a, a, cca); \
+ element_neg(a, a); \
+ \
+ element_add(b, Zy, Zy); \
+ \
+ element_mul(t0, b, Zy); \
+ element_mul(c, a, Zx); \
+ element_add(c, c, t0); \
+ element_neg(c, c); \
+ \
+ d_miller_evalfn(e0, a, b, c, Qx[i], Qy[i]); \
+ element_mul(v, v, e0); \
+ } \
+ }
+
+ #define do_lines() { \
+ /* a = -(B.y - A.y) / (B.x - A.x); */ \
+ /* b = 1; */ \
+ /* c = -(A.y + a * A.x); */ \
+ /* but we multiply by B.x - A.x to avoid division. */ \
+ for(i=0; i<n_prod; i++){ \
+ Px = curve_x_coord(P[i]); \
+ Py = curve_y_coord(P[i]); \
+ Zx = curve_x_coord(Z[i]); \
+ Zy = curve_y_coord(Z[i]); \
+ \
+ element_sub(b, Px, Zx); \
+ element_sub(a, Zy, Py); \
+ element_mul(t0, b, Zy); \
+ element_mul(c, a, Zx); \
+ element_add(c, c, t0); \
+ element_neg(c, c); \
+ \
+ d_miller_evalfn(e0, a, b, c, Qx[i], Qy[i]); \
+ element_mul(v, v, e0); \
+ } \
+ }
+
+ Px= curve_x_coord(P[0]); //temporally used to initial a,b, c and etc.
+ element_init(a, Px->field);
+ element_init(b, a->field);
+ element_init(c, a->field);
+ element_init(t0, a->field);
+ element_init(e0, res->field);
+
+ element_init(v, res->field);
+ for(i=0; i<n_prod; i++){
+ element_init(Z[i], P[i]->field);
+ element_set(Z[i], P[i]);
+ }
+
+ element_set1(v);
+ m = mpz_sizeinbase(q, 2) - 2;
+
+ for(;;) {
+ do_tangents();
+
+ if (!m) break;
+ element_multi_double(Z, Z, n_prod); //Z_i=Z_i+Z_i for all i.
+
+ if (mpz_tstbit(q, m)) {
+ do_lines();
+ element_multi_add(Z, Z, P, n_prod); //Z_i=Z_i+P_i for all i.
+ }
+ m--;
+ element_square(v, v);
+ }
+
+ element_set(res, v);
+
+ element_clear(v);
+ for(i=0; i<n_prod; i++){
+ element_clear(Z[i]);
+ }
+ pbc_free(Z);
+ element_clear(a);
+ element_clear(b);
+ element_clear(c);
+ element_clear(t0);
+ element_clear(e0);
+ #undef do_tangents
+ #undef do_lines
+}
+
+
+void cc_pairings_affine(element_ptr out, element_t in1[], element_t in2[],
+ int n_prod, pairing_t pairing) {
+ element_ptr Qbase;
+ element_t* Qx = pbc_malloc(sizeof(element_t)*n_prod);
+ element_t* Qy = pbc_malloc(sizeof(element_t)*n_prod);
+ pptr p = pairing->data;
+ int i;
+ for(i=0; i<n_prod; i++){
+ element_init(Qx[i], p->Fqd);
+ element_init(Qy[i], p->Fqd);
+ Qbase = in2[i];
+ // Twist: (x, y) --> (v^-1 x, v^-(3/2) y)
+ // where v is the quadratic nonresidue used to construct the twist.
+ element_mul(Qx[i], curve_x_coord(Qbase), p->nqrinv);
+ // v^-3/2 = v^-2 * v^1/2
+ element_mul(Qy[i], curve_y_coord(Qbase), p->nqrinv2);
+ }
+ cc_millers_no_denom_affine(out, pairing->r, in1, Qx, Qy, n_prod);
+ cc_tatepower(out, out, pairing);
+
+ for(i=0; i<n_prod; i++){
+ element_clear(Qx[i]);
+ element_clear(Qy[i]);
+ }
+ pbc_free(Qx);
+ pbc_free(Qy);
+}
+
+
+static int cc_is_almost_coddh(element_ptr a, element_ptr b,
+ element_ptr c, element_ptr d,
+ pairing_t pairing) {
+ int res = 0;
+ element_t t0, t1, t2;
+ element_t cx, cy;
+ element_t dx, dy;
+ pptr p = pairing->data;
+
+ element_init(cx, p->Fqd);
+ element_init(cy, p->Fqd);
+ element_init(dx, p->Fqd);
+ element_init(dy, p->Fqd);
+
+ element_init(t0, p->Fqk);
+ element_init(t1, p->Fqk);
+ element_init(t2, p->Fqk);
+ // Twist: (x, y) --> (v^-1 x, v^-(3/2) y)
+ // where v is the quadratic nonresidue used to construct the twist.
+ element_mul(cx, curve_x_coord(c), p->nqrinv);
+ element_mul(dx, curve_x_coord(d), p->nqrinv);
+ // v^-3/2 = v^-2 * v^1/2
+ element_mul(cy, curve_y_coord(c), p->nqrinv2);
+ element_mul(dy, curve_y_coord(d), p->nqrinv2);
+
+ cc_miller_no_denom_fn(t0, pairing->r, a, dx, dy);
+ cc_miller_no_denom_fn(t1, pairing->r, b, cx, cy);
+ cc_tatepower(t0, t0, pairing);
+ cc_tatepower(t1, t1, pairing);
+ element_mul(t2, t0, t1);
+ if (element_is1(t2)) res = 1; // We were given g, g^x, h, h^-x.
+ else {
+ // Cheaply check the other case.
+ element_invert(t1, t1);
+ element_mul(t2, t0, t1);
+ if (element_is1(t2)) res = 1; // We were given g, g^x, h, h^x.
+ }
+ element_clear(cx);
+ element_clear(cy);
+ element_clear(dx);
+ element_clear(dy);
+ element_clear(t0);
+ element_clear(t1);
+ element_clear(t2);
+ return res;
+}
+
+struct pp_coeff_s {
+ element_t a;
+ element_t b;
+ element_t c;
+};
+typedef struct pp_coeff_s pp_coeff_t[1];
+typedef struct pp_coeff_s *pp_coeff_ptr;
+
+static void d_pairing_pp_init(pairing_pp_t p, element_ptr in1, pairing_t pairing) {
+ element_ptr P = in1;
+ const element_ptr Px = curve_x_coord(P);
+ const element_ptr Py = curve_y_coord(P);
+ element_t Z;
+ int m;
+ pptr info = pairing->data;
+ element_t t0;
+ element_t a, b, c;
+ field_ptr Fq = info->Fq;
+ pp_coeff_t *coeff;
+ mpz_ptr q = pairing->r;
+ pp_coeff_ptr pp;
+ const element_ptr cca = curve_a_coeff(P);
+ element_ptr Zx;
+ element_ptr Zy;
+
+ #define store_abc() { \
+ element_init(pp->a, Fq); \
+ element_init(pp->b, Fq); \
+ element_init(pp->c, Fq); \
+ element_set(pp->a, a); \
+ element_set(pp->b, b); \
+ element_set(pp->c, c); \
+ pp++; \
+ }
+
+ #define do_tangent() { \
+ /* a = -slope_tangent(Z.x, Z.y); */ \
+ /* b = 1; */ \
+ /* c = -(Z.y + a * Z.x); */ \
+ /* but we multiply by 2*Z.y to avoid division. */ \
+ \
+ /* a = -Zx * (3 Zx + twicea_2) - a_4; */ \
+ /* Common curves: a2 = 0 (and cc->a is a_4), so */ \
+ /* a = -(3 Zx^2 + cc->a) */ \
+ /* b = 2 * Zy */ \
+ /* c = -(2 Zy^2 + a Zx); */ \
+ \
+ element_square(a, Zx); \
+ element_double(t0, a); \
+ element_add(a, a, t0); \
+ element_add(a, a, cca); \
+ element_neg(a, a); \
+ \
+ element_add(b, Zy, Zy); \
+ \
+ element_mul(t0, b, Zy); \
+ element_mul(c, a, Zx); \
+ element_add(c, c, t0); \
+ element_neg(c, c); \
+ \
+ store_abc(); \
+ }
+
+ #define do_line() { \
+ /* a = -(B.y - A.y) / (B.x - A.x); */ \
+ /* b = 1; */ \
+ /* c = -(A.y + a * A.x); */ \
+ /* but we'll multiply by B.x - A.x to avoid division */ \
+ \
+ element_sub(b, Px, Zx); \
+ element_sub(a, Zy, Py); \
+ element_mul(t0, b, Zy); \
+ element_mul(c, a, Zx); \
+ element_add(c, c, t0); \
+ element_neg(c, c); \
+ \
+ store_abc(); \
+ }
+
+ element_init(Z, P->field);
+ element_set(Z, P);
+ Zx = curve_x_coord(Z);
+ Zy = curve_y_coord(Z);
+
+ element_init(t0, Fq);
+ element_init(a, Fq);
+ element_init(b, Fq);
+ element_init(c, Fq);
+
+ m = mpz_sizeinbase(q, 2) - 2;
+ p->data = pbc_malloc(sizeof(pp_coeff_t) * 2 * m);
+ coeff = (pp_coeff_t *) p->data;
+ pp = coeff[0];
+
+ for(;;) {
+ do_tangent();
+
+ if (!m) break;
+
+ element_double(Z, Z);
+ if (mpz_tstbit(q, m)) {
+ do_line();
+ element_add(Z, Z, P);
+ }
+ m--;
+ }
+
+ element_clear(t0);
+ element_clear(a);
+ element_clear(b);
+ element_clear(c);
+ element_clear(Z);
+ #undef store_abc
+ #undef do_tangent
+ #undef do_line
+}
+
+static void d_pairing_pp_clear(pairing_pp_t p) {
+ // TODO: Better to store a sentinel value in p->data?
+ mpz_ptr q = p->pairing->r;
+ int m = mpz_sizeinbase(q, 2) + mpz_popcount(q) - 3;
+ int i;
+ pp_coeff_t *coeff = (pp_coeff_t *) p->data;
+ pp_coeff_ptr pp;
+ for (i=0; i<m; i++) {
+ pp = coeff[i];
+ element_clear(pp->a);
+ element_clear(pp->b);
+ element_clear(pp->c);
+ }
+ pbc_free(p->data);
+}
+
+static void d_pairing_pp_apply(element_ptr out, element_ptr in2,
+ pairing_pp_t p) {
+ mpz_ptr q = p->pairing->r;
+ pptr info = p->pairing->data;
+ int m = mpz_sizeinbase(q, 2) - 2;
+ pp_coeff_t *coeff = (pp_coeff_t *) p->data;
+ pp_coeff_ptr pp = coeff[0];
+ element_ptr Qbase = in2;
+ element_t e0;
+ element_t Qx, Qy;
+ element_t v;
+ element_init_same_as(e0, out);
+ element_init_same_as(v, out);
+ element_init(Qx, info->Fqd);
+ element_init(Qy, info->Fqd);
+
+ // Twist: (x, y) --> (v^-1 x, v^-(3/2) y)
+ // where v is the quadratic nonresidue used to construct the twist
+ element_mul(Qx, curve_x_coord(Qbase), info->nqrinv);
+ // v^-3/2 = v^-2 * v^1/2
+ element_mul(Qy, curve_y_coord(Qbase), info->nqrinv2);
+
+ element_set1(out);
+ for(;;) {
+ d_miller_evalfn(e0, pp->a, pp->b, pp->c, Qx, Qy);
+ element_mul(out, out, e0);
+ pp++;
+
+ if (!m) break;
+
+ if (mpz_tstbit(q, m)) {
+ d_miller_evalfn(e0, pp->a, pp->b, pp->c, Qx, Qy);
+ element_mul(out, out, e0);
+ pp++;
+ }
+ m--;
+ element_square(out, out);
+ }
+ cc_tatepower(out, out, p->pairing);
+
+ element_clear(e0);
+ element_clear(Qx);
+ element_clear(Qy);
+ element_clear(v);
+}
+
+static void d_pairing_clear(pairing_t pairing) {
+ field_clear(pairing->GT);
+ pptr p = pairing->data;
+
+ if (p->k == 6) {
+ element_clear(p->xpowq);
+ element_clear(p->xpowq2);
+ mpz_clear(pairing->phikonr);
+ } else {
+ mpz_clear(p->tateexp);
+ }
+
+ field_clear(p->Etwist);
+ field_clear(p->Eq);
+ element_clear(p->nqrinv);
+ element_clear(p->nqrinv2);
+ field_clear(p->Fqk);
+ field_clear(p->Fqd);
+ field_clear(p->Fqx);
+ field_clear(p->Fq);
+ field_clear(pairing->Zr);
+ mpz_clear(pairing->r);
+ pbc_free(p);
+}
+
+static void d_init_pairing(pairing_ptr pairing, void *data) {
+ d_param_ptr param = data;
+ pptr p;
+ element_t a, b;
+ element_t irred;
+ int d = param->k / 2;
+ int i;
+
+ if (param->k % 2) pbc_die("k must be even");
+
+ mpz_init(pairing->r);
+ mpz_set(pairing->r, param->r);
+ field_init_fp(pairing->Zr, pairing->r);
+ pairing->map = cc_pairing;
+ pairing->prod_pairings = cc_pairings_affine;
+ pairing->is_almost_coddh = cc_is_almost_coddh;
+
+ p = pairing->data = pbc_malloc(sizeof(*p));
+ field_init_fp(p->Fq, param->q);
+ element_init(a, p->Fq);
+ element_init(b, p->Fq);
+ element_set_mpz(a, param->a);
+ element_set_mpz(b, param->b);
+ field_init_curve_ab(p->Eq, a, b, pairing->r, param->h);
+
+ field_init_poly(p->Fqx, p->Fq);
+ element_init(irred, p->Fqx);
+ poly_set_coeff1(irred, d);
+ for (i = 0; i < d; i++) {
+ element_set_mpz(element_item(irred, i), param->coeff[i]);
+ }
+
+ field_init_polymod(p->Fqd, irred);
+ element_clear(irred);
+
+ p->Fqd->nqr = pbc_malloc(sizeof(element_t));
+ element_init(p->Fqd->nqr, p->Fqd);
+ element_set_mpz(((element_t *) p->Fqd->nqr->data)[0], param->nqr);
+
+ field_init_quadratic(p->Fqk, p->Fqd);
+
+ // Compute constants involved in the final powering.
+ if (param->k == 6) {
+ mpz_ptr q = param->q;
+ mpz_ptr z = pairing->phikonr;
+ mpz_init(z);
+ mpz_mul(z, q, q);
+ mpz_sub(z, z, q);
+ mpz_add_ui(z, z, 1);
+ mpz_divexact(z, z, pairing->r);
+
+ element_ptr e = p->xpowq;
+ element_init(e, p->Fqd);
+ element_set1(((element_t *) e->data)[1]);
+ element_pow_mpz(e, e, q);
+
+ element_init(p->xpowq2, p->Fqd);
+ element_square(p->xpowq2, e);
+ } else {
+ mpz_init(p->tateexp);
+ mpz_sub_ui(p->tateexp, p->Fqk->order, 1);
+ mpz_divexact(p->tateexp, p->tateexp, pairing->r);
+ }
+
+ field_init_curve_ab_map(p->Etwist, p->Eq, element_field_to_polymod, p->Fqd, pairing->r, NULL);
+ field_reinit_curve_twist(p->Etwist);
+
+ mpz_t ndonr;
+ mpz_init(ndonr);
+ // ndonr temporarily holds the trace.
+ mpz_sub(ndonr, param->q, param->n);
+ mpz_add_ui(ndonr, ndonr, 1);
+ // Negate it because we want the trace of the twist.
+ mpz_neg(ndonr, ndonr);
+ pbc_mpz_curve_order_extn(ndonr, param->q, ndonr, d);
+ mpz_divexact(ndonr, ndonr, param->r);
+ field_curve_set_quotient_cmp(p->Etwist, ndonr);
+ mpz_clear(ndonr);
+
+ element_init(p->nqrinv, p->Fqd);
+ element_invert(p->nqrinv, field_get_nqr(p->Fqd));
+ element_init(p->nqrinv2, p->Fqd);
+ element_square(p->nqrinv2, p->nqrinv);
+
+ pairing->G1 = p->Eq;
+ pairing->G2 = p->Etwist;
+
+ p->k = param->k;
+ pairing_GT_init(pairing, p->Fqk);
+ pairing->finalpow = cc_finalpow;
+
+ // By default use affine coordinates.
+ cc_miller_no_denom_fn = cc_miller_no_denom_affine;
+ pairing->option_set = d_pairing_option_set;
+ pairing->pp_init = d_pairing_pp_init;
+ pairing->pp_clear = d_pairing_pp_clear;
+ pairing->pp_apply = d_pairing_pp_apply;
+
+ pairing->clear_func = d_pairing_clear;
+
+ element_clear(a);
+ element_clear(b);
+}
+
+// Computes a curve and sets fp to the field it is defined over using the
+// complex multiplication method, where cm holds the appropriate information
+// (e.g. discriminant, field order).
+static void compute_cm_curve(d_param_ptr param, pbc_cm_ptr cm) {
+ element_t hp, root;
+ field_t fp, fpx;
+ field_t cc;
+
+ field_init_fp(fp, cm->q);
+ field_init_poly(fpx, fp);
+ element_init(hp, fpx);
+
+ mpz_t *coefflist;
+ int n = pbc_hilbert(&coefflist, cm->D);
+
+ // Temporarily set the coefficient of x^{n-1} to 1 so hp has degree n - 1,
+ // allowing us to use poly_coeff().
+ poly_set_coeff1(hp, n - 1);
+ int i;
+ for (i = 0; i < n; i++) {
+ element_set_mpz(element_item(hp, i), coefflist[i]);
+ }
+ pbc_hilbert_free(coefflist, n);
+
+ // TODO: Remove x = 0, 1728 roots.
+ // TODO: What if there are no roots?
+ //printf("hp ");
+ //element_out_str(stdout, 0, hp);
+ //printf("\n");
+
+ element_init(root, fp);
+ poly_findroot(root, hp);
+ //printf("root = ");
+ //element_out_str(stdout, 0, root);
+ //printf("\n");
+ element_clear(hp);
+ field_clear(fpx);
+
+ // The root is the j-invariant of the desired curve.
+ field_init_curve_j(cc, root, cm->n, NULL);
+ element_clear(root);
+
+ // We may need to twist it.
+ {
+ // Pick a random point P and twist the curve if it has the wrong order.
+ element_t P;
+ element_init(P, cc);
+ element_random(P);
+ element_mul_mpz(P, P, cm->n);
+ if (!element_is0(P)) field_reinit_curve_twist(cc);
+ element_clear(P);
+ }
+
+ mpz_set(param->q, cm->q);
+ mpz_set(param->n, cm->n);
+ mpz_set(param->h, cm->h);
+ mpz_set(param->r, cm->r);
+ element_to_mpz(param->a, curve_field_a_coeff(cc));
+ element_to_mpz(param->b, curve_field_b_coeff(cc));
+ param->k = cm->k;
+ {
+ mpz_t z;
+ mpz_init(z);
+ // Compute order of curve in F_q^k.
+ // n = q - t + 1 hence t = q - n + 1
+ mpz_sub(z, param->q, param->n);
+ mpz_add_ui(z, z, 1);
+ pbc_mpz_trace_n(z, param->q, z, param->k);
+ mpz_pow_ui(param->nk, param->q, param->k);
+ mpz_sub_ui(z, z, 1);
+ mpz_sub(param->nk, param->nk, z);
+ mpz_mul(z, param->r, param->r);
+ mpz_divexact(param->hk, param->nk, z);
+ mpz_clear(z);
+ }
+ field_clear(cc);
+ field_clear(fp);
+}
+
+static void d_param_init(pbc_param_ptr p) {
+ static pbc_param_interface_t interface = {{
+ d_clear,
+ d_init_pairing,
+ d_out_str,
+ }};
+ p->api = interface;
+ d_param_ptr param = p->data = pbc_malloc(sizeof(*param));
+ mpz_init(param->q);
+ mpz_init(param->n);
+ mpz_init(param->h);
+ mpz_init(param->r);
+ mpz_init(param->a);
+ mpz_init(param->b);
+ mpz_init(param->nk);
+ mpz_init(param->hk);
+ param->k = 0;
+ param->coeff = NULL;
+ mpz_init(param->nqr);
+}
+
+// Public interface:
+
+int pbc_param_init_d(pbc_param_ptr par, struct symtab_s *tab) {
+ d_param_init(par);
+ d_param_ptr p = par->data;
+ char s[80];
+ int i, d;
+
+ int err = 0;
+ err += lookup_mpz(p->q, tab, "q");
+ err += lookup_mpz(p->n, tab, "n");
+ err += lookup_mpz(p->h, tab, "h");
+ err += lookup_mpz(p->r, tab, "r");
+ err += lookup_mpz(p->a, tab, "a");
+ err += lookup_mpz(p->b, tab, "b");
+ err += lookup_int(&p->k, tab, "k");
+ err += lookup_mpz(p->nk, tab, "nk");
+ err += lookup_mpz(p->hk, tab, "hk");
+ err += lookup_mpz(p->nqr, tab, "nqr");
+
+ d = p->k / 2;
+ p->coeff = pbc_realloc(p->coeff, sizeof(mpz_t) * d);
+ for (i=0; i<d; i++) {
+ sprintf(s, "coeff%d", i);
+ mpz_init(p->coeff[i]);
+ err += lookup_mpz(p->coeff[i], tab, s);
+ }
+ return err;
+}
+
+void pbc_param_init_d_gen(pbc_param_ptr p, pbc_cm_ptr cm) {
+ d_param_init(p);
+ d_param_ptr param = p->data;
+ field_t Fq, Fqx, Fqd;
+ element_t irred, nqr;
+ int d = cm->k / 2;
+ int i;
+
+ compute_cm_curve(param, cm);
+
+ field_init_fp(Fq, param->q);
+ field_init_poly(Fqx, Fq);
+ element_init(irred, Fqx);
+ do {
+ poly_random_monic(irred, d);
+ } while (!poly_is_irred(irred));
+ field_init_polymod(Fqd, irred);
+
+ // Find a quadratic nonresidue of Fqd lying in Fq.
+ element_init(nqr, Fqd);
+ do {
+ element_random(((element_t *) nqr->data)[0]);
+ } while (element_is_sqr(nqr));
+
+ param->coeff = pbc_realloc(param->coeff, sizeof(mpz_t) * d);
+
+ for (i=0; i<d; i++) {
+ mpz_init(param->coeff[i]);
+ element_to_mpz(param->coeff[i], element_item(irred, i));
+ }
+ element_to_mpz(param->nqr, ((element_t *) nqr->data)[0]);
+
+ element_clear(nqr);
+ element_clear(irred);
+
+ field_clear(Fqx);
+ field_clear(Fqd);
+ field_clear(Fq);
+}
diff --git a/moon-abe/pbc-0.5.14/ecc/e_param.c b/moon-abe/pbc-0.5.14/ecc/e_param.c
new file mode 100644
index 00000000..53f7217c
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/ecc/e_param.c
@@ -0,0 +1,1006 @@
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdint.h> // for intptr_t
+#include <stdlib.h> //for rand, pbc_malloc, pbc_free
+#include <string.h> //for strcmp
+#include <gmp.h>
+#include "pbc_utils.h"
+#include "pbc_field.h"
+#include "pbc_fp.h"
+#include "pbc_param.h"
+#include "pbc_pairing.h"
+#include "pbc_curve.h"
+#include "pbc_random.h"
+#include "pbc_memory.h"
+#include "pbc_e_param.h"
+#include "ecc/param.h"
+
+struct e_param_s {
+ mpz_t q; // Curve is defined over F_q.
+ mpz_t r; // q = h r^2 + 1, r is prime.
+ mpz_t h; // h is 28 times some square.
+ mpz_t a, b; // Curve equation is Y^2 = X^3 + aX + b.
+ int exp2;
+ int exp1;
+ int sign1;
+ int sign0;
+};
+typedef struct e_param_s e_param_t[1];
+typedef struct e_param_s *e_param_ptr;
+
+struct e_pairing_data_s {
+ field_t Fq, Eq;
+ int exp2, exp1;
+ int sign1, sign0;
+ element_t R;
+};
+typedef struct e_pairing_data_s e_pairing_data_t[1];
+typedef struct e_pairing_data_s *e_pairing_data_ptr;
+
+static void e_clear(void *data) {
+ e_param_ptr ep = data;
+ mpz_clear(ep->q);
+ mpz_clear(ep->r);
+ mpz_clear(ep->h);
+ mpz_clear(ep->a);
+ mpz_clear(ep->b);
+ pbc_free(data);
+}
+
+static void e_out_str(FILE *stream, void *data) {
+ e_param_ptr p = data;
+ param_out_type(stream, "e");
+ param_out_mpz(stream, "q", p->q);
+ param_out_mpz(stream, "r", p->r);
+ param_out_mpz(stream, "h", p->h);
+ param_out_mpz(stream, "a", p->a);
+ param_out_mpz(stream, "b", p->b);
+ param_out_int(stream, "exp2", p->exp2);
+ param_out_int(stream, "exp1", p->exp1);
+ param_out_int(stream, "sign1", p->sign1);
+ param_out_int(stream, "sign0", p->sign0);
+}
+
+static void e_miller_proj(element_t res, element_t P,
+ element_ptr QR, element_ptr R,
+ e_pairing_data_ptr p) {
+ //collate divisions
+ int n;
+ element_t v, vd;
+ element_t v1, vd1;
+ element_t Z, Z1;
+ element_t a, b, c;
+ const element_ptr cca = curve_a_coeff(P);
+ element_t e0, e1;
+ const element_ptr e2 = a, e3 = b;
+ element_t z, z2;
+ int i;
+ element_ptr Zx, Zy;
+ const element_ptr Px = curve_x_coord(P);
+ const element_ptr numx = curve_x_coord(QR);
+ const element_ptr numy = curve_y_coord(QR);
+ const element_ptr denomx = curve_x_coord(R);
+ const element_ptr denomy = curve_y_coord(R);
+
+ //convert Z from weighted projective (Jacobian) to affine
+ //i.e. (X, Y, Z) --> (X/Z^2, Y/Z^3)
+ //also sets z to 1
+ #define to_affine() { \
+ element_invert(z, z); \
+ element_square(e0, z); \
+ element_mul(Zx, Zx, e0); \
+ element_mul(e0, e0, z); \
+ element_mul(Zy, Zy, e0); \
+ element_set1(z); \
+ element_set1(z2); \
+ }
+
+ #define proj_double() { \
+ const element_ptr x = Zx; \
+ const element_ptr y = Zy; \
+ /* e0 = 3x^2 + (cc->a) z^4 */ \
+ element_square(e0, x); \
+ /* element_mul_si(e0, e0, 3); */ \
+ element_double(e1, e0); \
+ element_add(e0, e0, e1); \
+ element_square(e1, z2); \
+ element_mul(e1, e1, cca); \
+ element_add(e0, e0, e1); \
+ \
+ /* z_out = 2 y z */ \
+ element_mul(z, y, z); \
+ /* element_mul_si(z, z, 2); */ \
+ element_double(z, z); \
+ element_square(z2, z); \
+ \
+ /* e1 = 4 x y^2 */ \
+ element_square(e2, y); \
+ element_mul(e1, x, e2); \
+ /* element_mul_si(e1, e1, 4); */ \
+ element_double(e1, e1); \
+ element_double(e1, e1); \
+ \
+ /* x_out = e0^2 - 2 e1 */ \
+ /* element_mul_si(e3, e1, 2); */ \
+ element_double(e3, e1); \
+ element_square(x, e0); \
+ element_sub(x, x, e3); \
+ \
+ /* e2 = 8y^4 */ \
+ element_square(e2, e2); \
+ /* element_mul_si(e2, e2, 8); */ \
+ element_double(e2, e2); \
+ element_double(e2, e2); \
+ element_double(e2, e2); \
+ \
+ /* y_out = e0(e1 - x_out) - e2 */ \
+ element_sub(e1, e1, x); \
+ element_mul(e0, e0, e1); \
+ element_sub(y, e0, e2); \
+ }
+
+ #define do_tangent(e, edenom) { \
+ /* a = -(3x^2 + cca z^4) */ \
+ /* b = 2 y z^3 */ \
+ /* c = -(2 y^2 + x a) */ \
+ /* a = z^2 a */ \
+ element_square(a, z2); \
+ element_mul(a, a, cca); \
+ element_square(b, Zx); \
+ /* element_mul_si(b, b, 3); */ \
+ element_double(e0, b); \
+ element_add(b, b, e0); \
+ element_add(a, a, b); \
+ element_neg(a, a); \
+ \
+ /* element_mul_si(e0, Zy, 2); */ \
+ element_double(e0, Zy); \
+ element_mul(b, e0, z2); \
+ element_mul(b, b, z); \
+ \
+ element_mul(c, Zx, a); \
+ element_mul(a, a, z2); \
+ element_mul(e0, e0, Zy); \
+ element_add(c, c, e0); \
+ element_neg(c, c); \
+ \
+ element_mul(e0, a, numx); \
+ element_mul(e1, b, numy); \
+ element_add(e0, e0, e1); \
+ element_add(e0, e0, c); \
+ element_mul(e, e, e0); \
+ \
+ element_mul(e0, a, denomx); \
+ element_mul(e1, b, denomy); \
+ element_add(e0, e0, e1); \
+ element_add(e0, e0, c); \
+ element_mul(edenom, edenom, e0); \
+ }
+
+ #define do_vertical(e, edenom, Ax) { \
+ element_mul(e0, numx, z2); \
+ element_sub(e0, e0, Ax); \
+ element_mul(e, e, e0); \
+ \
+ element_mul(e0, denomx, z2); \
+ element_sub(e0, e0, Ax); \
+ element_mul(edenom, edenom, e0); \
+ }
+
+ #define do_line(e, edenom, A, B) { \
+ element_ptr Ax = curve_x_coord(A); \
+ element_ptr Ay = curve_y_coord(A); \
+ element_ptr Bx = curve_x_coord(B); \
+ element_ptr By = curve_y_coord(B); \
+ \
+ element_sub(b, Bx, Ax); \
+ element_sub(a, Ay, By); \
+ element_mul(c, Ax, By); \
+ element_mul(e0, Ay, Bx); \
+ element_sub(c, c, e0); \
+ \
+ element_mul(e0, a, numx); \
+ element_mul(e1, b, numy); \
+ element_add(e0, e0, e1); \
+ element_add(e0, e0, c); \
+ element_mul(e, e, e0); \
+ \
+ element_mul(e0, a, denomx); \
+ element_mul(e1, b, denomy); \
+ element_add(e0, e0, e1); \
+ element_add(e0, e0, c); \
+ element_mul(edenom, edenom, e0); \
+ }
+
+ element_init(a, res->field);
+ element_init(b, res->field);
+ element_init(c, res->field);
+ element_init(e0, res->field);
+ element_init(e1, res->field);
+ element_init(z, res->field);
+ element_init(z2, res->field);
+ element_set1(z);
+ element_set1(z2);
+
+ element_init(v, res->field);
+ element_init(vd, res->field);
+ element_init(v1, res->field);
+ element_init(vd1, res->field);
+ element_init(Z, P->field);
+ element_init(Z1, P->field);
+
+ element_set(Z, P);
+ Zx = curve_x_coord(Z);
+ Zy = curve_y_coord(Z);
+
+ element_set1(v);
+ element_set1(vd);
+ element_set1(v1);
+ element_set1(vd1);
+
+ n = p->exp1;
+ for (i=0; i<n; i++) {
+ element_square(v, v);
+ element_square(vd, vd);
+ do_tangent(v, vd);
+ proj_double();
+ do_vertical(vd, v, Zx);
+ }
+ to_affine();
+ if (p->sign1 < 0) {
+ element_set(v1, vd);
+ element_set(vd1, v);
+ do_vertical(vd1, v1, Zx);
+ element_neg(Z1, Z);
+ } else {
+ element_set(v1, v);
+ element_set(vd1, vd);
+ element_set(Z1, Z);
+ }
+ n = p->exp2;
+ for (; i<n; i++) {
+ element_square(v, v);
+ element_square(vd, vd);
+ do_tangent(v, vd);
+ proj_double();
+ do_vertical(vd, v, Zx);
+ }
+ to_affine();
+ element_mul(v, v, v1);
+ element_mul(vd, vd, vd1);
+ do_line(v, vd, Z, Z1);
+ element_add(Z, Z, Z1);
+ do_vertical(vd, v, Zx);
+
+ if (p->sign0 > 0) {
+ do_vertical(v, vd, Px);
+ }
+
+ element_invert(vd, vd);
+ element_mul(res, v, vd);
+
+ element_clear(v);
+ element_clear(vd);
+ element_clear(v1);
+ element_clear(vd1);
+ element_clear(z);
+ element_clear(z2);
+ element_clear(Z);
+ element_clear(Z1);
+ element_clear(a);
+ element_clear(b);
+ element_clear(c);
+ element_clear(e0);
+ element_clear(e1);
+ #undef to_affine
+ #undef proj_double
+ #undef do_tangent
+ #undef do_vertical
+ #undef do_line
+}
+
+static void e_miller_affine(element_t res, element_t P,
+ element_ptr QR, element_ptr R,
+ e_pairing_data_ptr p) {
+ //collate divisions
+ int n;
+ element_t v, vd;
+ element_t v1, vd1;
+ element_t Z, Z1;
+ element_t a, b, c;
+ element_t e0, e1;
+ const element_ptr Px = curve_x_coord(P);
+ const element_ptr cca = curve_a_coeff(P);
+ element_ptr Zx, Zy;
+ int i;
+ const element_ptr numx = curve_x_coord(QR);
+ const element_ptr numy = curve_y_coord(QR);
+ const element_ptr denomx = curve_x_coord(R);
+ const element_ptr denomy = curve_y_coord(R);
+
+ #define do_vertical(e, edenom, Ax) { \
+ element_sub(e0, numx, Ax); \
+ element_mul(e, e, e0); \
+ \
+ element_sub(e0, denomx, Ax); \
+ element_mul(edenom, edenom, e0); \
+ }
+
+ #define do_tangent(e, edenom) { \
+ /* a = -slope_tangent(A.x, A.y); */ \
+ /* b = 1; */ \
+ /* c = -(A.y + a * A.x); */ \
+ /* but we multiply by 2*A.y to avoid division */ \
+ \
+ /* a = -Ax * (Ax + Ax + Ax + twicea_2) - a_4; */ \
+ /* Common curves: a2 = 0 (and cc->a is a_4), so */ \
+ /* a = -(3 Ax^2 + cc->a) */ \
+ /* b = 2 * Ay */ \
+ /* c = -(2 Ay^2 + a Ax); */ \
+ \
+ element_square(a, Zx); \
+ element_mul_si(a, a, 3); \
+ element_add(a, a, cca); \
+ element_neg(a, a); \
+ \
+ element_add(b, Zy, Zy); \
+ \
+ element_mul(e0, b, Zy); \
+ element_mul(c, a, Zx); \
+ element_add(c, c, e0); \
+ element_neg(c, c); \
+ \
+ element_mul(e0, a, numx); \
+ element_mul(e1, b, numy); \
+ element_add(e0, e0, e1); \
+ element_add(e0, e0, c); \
+ element_mul(e, e, e0); \
+ \
+ element_mul(e0, a, denomx); \
+ element_mul(e1, b, denomy); \
+ element_add(e0, e0, e1); \
+ element_add(e0, e0, c); \
+ element_mul(edenom, edenom, e0); \
+ }
+
+ #define do_line(e, edenom, A, B) { \
+ element_ptr Ax = curve_x_coord(A); \
+ element_ptr Ay = curve_y_coord(A); \
+ element_ptr Bx = curve_x_coord(B); \
+ element_ptr By = curve_y_coord(B); \
+ \
+ element_sub(b, Bx, Ax); \
+ element_sub(a, Ay, By); \
+ element_mul(c, Ax, By); \
+ element_mul(e0, Ay, Bx); \
+ element_sub(c, c, e0); \
+ \
+ element_mul(e0, a, numx); \
+ element_mul(e1, b, numy); \
+ element_add(e0, e0, e1); \
+ element_add(e0, e0, c); \
+ element_mul(e, e, e0); \
+ \
+ element_mul(e0, a, denomx); \
+ element_mul(e1, b, denomy); \
+ element_add(e0, e0, e1); \
+ element_add(e0, e0, c); \
+ element_mul(edenom, edenom, e0); \
+ }
+
+ element_init(a, res->field);
+ element_init(b, res->field);
+ element_init(c, res->field);
+ element_init(e0, res->field);
+ element_init(e1, res->field);
+
+ element_init(v, res->field);
+ element_init(vd, res->field);
+ element_init(v1, res->field);
+ element_init(vd1, res->field);
+ element_init(Z, P->field);
+ element_init(Z1, P->field);
+
+ element_set(Z, P);
+ Zx = curve_x_coord(Z);
+ Zy = curve_y_coord(Z);
+
+ element_set1(v);
+ element_set1(vd);
+ element_set1(v1);
+ element_set1(vd1);
+
+ n = p->exp1;
+ for (i=0; i<n; i++) {
+ element_square(v, v);
+ element_square(vd, vd);
+ do_tangent(v, vd);
+ element_double(Z, Z);
+ do_vertical(vd, v, Zx);
+ }
+ if (p->sign1 < 0) {
+ element_set(v1, vd);
+ element_set(vd1, v);
+ do_vertical(vd1, v1, Zx);
+ element_neg(Z1, Z);
+ } else {
+ element_set(v1, v);
+ element_set(vd1, vd);
+ element_set(Z1, Z);
+ }
+ n = p->exp2;
+ for (; i<n; i++) {
+ element_square(v, v);
+ element_square(vd, vd);
+ do_tangent(v, vd);
+ element_double(Z, Z);
+ do_vertical(vd, v, Zx);
+ }
+ element_mul(v, v, v1);
+ element_mul(vd, vd, vd1);
+ do_line(v, vd, Z, Z1);
+ element_add(Z, Z, Z1);
+ do_vertical(vd, v, Zx);
+
+ if (p->sign0 > 0) {
+ do_vertical(v, vd, Px);
+ }
+
+ element_invert(vd, vd);
+ element_mul(res, v, vd);
+
+ element_clear(v);
+ element_clear(vd);
+ element_clear(v1);
+ element_clear(vd1);
+ element_clear(Z);
+ element_clear(Z1);
+ element_clear(a);
+ element_clear(b);
+ element_clear(c);
+ element_clear(e0);
+ element_clear(e1);
+ #undef do_vertical
+ #undef do_tangent
+ #undef do_line
+}
+
+static void (*e_miller_fn)(element_t res, element_t P,
+ element_ptr QR, element_ptr R,
+ e_pairing_data_ptr p);
+
+static void e_pairing(element_ptr out, element_ptr in1, element_ptr in2,
+ pairing_t pairing) {
+ e_pairing_data_ptr p = pairing->data;
+ element_ptr Q = in2;
+ element_t QR;
+ element_init(QR, p->Eq);
+ element_add(QR, Q, p->R);
+ e_miller_fn(out, in1, QR, p->R, p);
+ element_pow_mpz(out, out, pairing->phikonr);
+ element_clear(QR);
+}
+
+// in1, in2 are from E(F_q), out from F_q^2.
+// Pairing via elliptic nets (see Stange).
+static void e_pairing_ellnet(element_ptr out, element_ptr in1, element_ptr in2,
+ pairing_t pairing) {
+ const element_ptr a = curve_a_coeff(in1);
+ const element_ptr b = curve_b_coeff(in1);
+
+ element_ptr x = curve_x_coord(in1);
+ element_ptr y = curve_y_coord(in1);
+
+ element_ptr x2 = curve_x_coord(in2);
+ element_ptr y2 = curve_y_coord(in2);
+
+ //notation: cmi means c_{k-i}, ci means c_{k+i}
+ element_t cm3, cm2, cm1, c0, c1, c2, c3, c4;
+ element_t dm1, d0, d1;
+ element_t A, B, C;
+
+ element_init_same_as(cm3, x);
+ element_init_same_as(cm2, x);
+ element_init_same_as(cm1, x);
+ element_init_same_as(c0, x);
+ element_init_same_as(c1, x);
+ element_init_same_as(c2, x);
+ element_init_same_as(c3, x);
+ element_init_same_as(c4, x);
+ element_init_same_as(C, x);
+
+ element_init_same_as(dm1, out);
+ element_init_same_as(d0, out);
+ element_init_same_as(d1, out);
+ element_init_same_as(A, x);
+ element_init_same_as(B, out);
+
+ // c1 = 2y
+ // cm3 = -2y
+ element_double(c1, y);
+ element_neg(cm3, c1);
+
+ //use c0, cm1, cm2, C, c4 as temp variables for now
+ //compute c3, c2
+ element_square(cm2, x);
+ element_square(C, cm2);
+ element_mul(cm1, b, x);
+ element_double(cm1, cm1);
+ element_square(c4, a);
+
+ element_mul(c2, cm1, cm2);
+ element_double(c2, c2);
+ element_mul(c0, a, C);
+ element_add(c2, c2, c0);
+ element_mul(c0, c4, cm2);
+ element_sub(c2, c2, c0);
+ element_double(c0, c2);
+ element_double(c0, c0);
+ element_add(c2, c2, c0);
+
+ element_mul(c0, cm1, a);
+ element_square(c3, b);
+ element_double(c3, c3);
+ element_double(c3, c3);
+ element_add(c0, c0, c3);
+ element_double(c0, c0);
+ element_mul(c3, a, c4);
+ element_add(c0, c0, c3);
+ element_sub(c2, c2, c0);
+ element_mul(c0, cm2, C);
+ element_add(c3, c0, c2);
+ element_mul(c3, c3, c1);
+ element_double(c3, c3);
+
+ element_mul(c0, a, cm2);
+ element_add(c0, c0, cm1);
+ element_double(c0, c0);
+ element_add(c0, c0, C);
+ element_double(c2, c0);
+ element_add(c0, c0, c2);
+ element_sub(c2, c0, c4);
+
+ // c0 = 1
+ // cm2 = -1
+ element_set1(c0);
+ element_neg(cm2, c0);
+
+ // c4 = c_5 = c_2^3 c_4 - c_3^3 = c1^3 c3 - c2^3
+ element_square(C, c1);
+ element_mul(c4, C, c1);
+ element_mul(c4, c4, c3);
+ element_square(C, c2);
+ element_mul(C, C, c2);
+ element_sub(c4, c4, C);
+
+ //compute A, B, d1 (which is d_2 since k = 1)
+ element_sub(A, x, x2);
+ element_double(C, x);
+ element_add(C, C, x2);
+ element_square(cm1, A);
+ element_mul(cm1, C, cm1);
+ element_add(d1, y, y2);
+ element_square(d1, d1);
+ element_sub(B, cm1, d1);
+ element_invert(B, B);
+ element_invert(A, A);
+
+ element_sub(d1, y, y2);
+ element_mul(d1, d1, A);
+ element_square(d1, d1);
+ element_sub(d1, C, d1);
+
+ // cm1 = 0
+ // C = (2y)^-1
+ element_set0(cm1);
+ element_invert(C, c1);
+
+ element_set1(dm1);
+ element_set1(d0);
+
+ element_t sm2, sm1;
+ element_t s0, s1, s2, s3;
+ element_t tm2, tm1;
+ element_t t0, t1, t2, t3;
+ element_t e0, e1;
+ element_t u, v;
+
+ element_init_same_as(sm2, x);
+ element_init_same_as(sm1, x);
+ element_init_same_as(s0, x);
+ element_init_same_as(s1, x);
+ element_init_same_as(s2, x);
+ element_init_same_as(s3, x);
+
+ element_init_same_as(tm2, x);
+ element_init_same_as(tm1, x);
+ element_init_same_as(t0, x);
+ element_init_same_as(t1, x);
+ element_init_same_as(t2, x);
+ element_init_same_as(t3, x);
+
+ element_init_same_as(e0, x);
+ element_init_same_as(e1, x);
+
+ element_init_same_as(u, d0);
+ element_init_same_as(v, d0);
+
+ int m = mpz_sizeinbase(pairing->r, 2) - 2;
+ for (;;) {
+ element_square(sm2, cm2);
+ element_square(sm1, cm1);
+ element_square(s0, c0);
+ element_square(s1, c1);
+ element_square(s2, c2);
+ element_square(s3, c3);
+
+ element_mul(tm2, cm3, cm1);
+ element_mul(tm1, cm2, c0);
+ element_mul(t0, cm1, c1);
+ element_mul(t1, c0, c2);
+ element_mul(t2, c1, c3);
+ element_mul(t3, c2, c4);
+
+ element_square(u, d0);
+ element_mul(v, dm1, d1);
+
+ if (mpz_tstbit(pairing->r, m)) {
+ //double-and-add
+ element_mul(e0, t0, sm2);
+ element_mul(e1, tm2, s0);
+ element_sub(cm3, e0, e1);
+ element_mul(cm3, cm3, C);
+
+ element_mul(e0, t0, sm1);
+ element_mul(e1, tm1, s0);
+ element_sub(cm2, e0, e1);
+
+ element_mul(e0, t1, sm1);
+ element_mul(e1, tm1, s1);
+ element_sub(cm1, e0, e1);
+ element_mul(cm1, cm1, C);
+
+ element_mul(e0, t1, s0);
+ element_mul(e1, t0, s1);
+ element_sub(c0, e0, e1);
+
+ element_mul(e0, t2, s0);
+ element_mul(e1, t0, s2);
+ element_sub(c1, e0, e1);
+ element_mul(c1, c1, C);
+
+ element_mul(e0, t2, s1);
+ element_mul(e1, t1, s2);
+ element_sub(c2, e0, e1);
+
+ element_mul(e0, t3, s1);
+ element_mul(e1, t1, s3);
+ element_sub(c3, e0, e1);
+ element_mul(c3, c3, C);
+
+ element_mul(e0, t3, s2);
+ element_mul(e1, t2, s3);
+ element_sub(c4, e0, e1);
+
+ element_mul(out, u, t0);
+ element_mul(dm1, v, s0);
+ element_sub(dm1, dm1, out);
+
+ element_mul(out, u, t1);
+ element_mul(d0, v, s1);
+ element_sub(d0, d0, out);
+ element_mul(d0, d0, A);
+
+ element_mul(out, u, t2);
+ element_mul(d1, v, s2);
+ element_sub(d1, d1, out);
+ element_mul(d1, d1, B);
+ } else {
+ //double
+ element_mul(e0, tm1, sm2);
+ element_mul(e1, tm2, sm1);
+ element_sub(cm3, e0, e1);
+
+ element_mul(e0, t0, sm2);
+ element_mul(e1, tm2, s0);
+ element_sub(cm2, e0, e1);
+ element_mul(cm2, cm2, C);
+
+ element_mul(e0, t0, sm1);
+ element_mul(e1, tm1, s0);
+ element_sub(cm1, e0, e1);
+
+ element_mul(e0, t1, sm1);
+ element_mul(e1, tm1, s1);
+ element_sub(c0, e0, e1);
+ element_mul(c0, c0, C);
+
+ element_mul(e0, t1, s0);
+ element_mul(e1, t0, s1);
+ element_sub(c1, e0, e1);
+
+ element_mul(e0, t2, s0);
+ element_mul(e1, t0, s2);
+ element_sub(c2, e0, e1);
+ element_mul(c2, c2, C);
+
+ element_mul(e0, t2, s1);
+ element_mul(e1, t1, s2);
+ element_sub(c3, e0, e1);
+
+ element_mul(e0, t3, s1);
+ element_mul(e1, t1, s3);
+ element_sub(c4, e0, e1);
+ element_mul(c4, c4, C);
+
+ element_mul(out, u, tm1);
+ element_mul(dm1, v, sm1);
+ element_sub(dm1, dm1, out);
+
+ element_mul(out, u, t0);
+ element_mul(d0, v, s0);
+ element_sub(d0, d0, out);
+
+ element_mul(out, u, t1);
+ element_mul(d1, v, s1);
+ element_sub(d1, d1, out);
+ element_mul(d1, d1, A);
+ }
+ if (!m) break;
+ m--;
+ }
+ element_invert(c1, c1);
+ element_mul(d1, d1, c1);
+
+ element_pow_mpz(out, d1, pairing->phikonr);
+
+ element_clear(dm1);
+ element_clear(d0);
+ element_clear(d1);
+
+ element_clear(cm3);
+ element_clear(cm2);
+ element_clear(cm1);
+ element_clear(c0);
+ element_clear(c1);
+ element_clear(c2);
+ element_clear(c3);
+ element_clear(c4);
+
+ element_clear(sm2);
+ element_clear(sm1);
+ element_clear(s0);
+ element_clear(s1);
+ element_clear(s2);
+ element_clear(s3);
+
+ element_clear(tm2);
+ element_clear(tm1);
+ element_clear(t0);
+ element_clear(t1);
+ element_clear(t2);
+ element_clear(t3);
+
+ element_clear(e0);
+ element_clear(e1);
+ element_clear(A);
+ element_clear(B);
+ element_clear(C);
+ element_clear(u);
+ element_clear(v);
+}
+
+static void phi_identity(element_ptr out, element_ptr in, pairing_ptr pairing) {
+ (void) pairing;
+ element_set(out, in);
+}
+
+static void e_pairing_option_set(pairing_t pairing, char *key, char *value) {
+ //TODO: this affects every type E pairing!
+ UNUSED_VAR(pairing);
+ if (!strcmp(key, "method")) {
+ if (!strcmp(value, "miller")) {
+ pairing->map = e_pairing;
+ e_miller_fn = e_miller_proj;
+ } else if (!strcmp(value, "miller-affine")) {
+ pairing->map = e_pairing;
+ e_miller_fn = e_miller_affine;
+ } else if (!strcmp(value, "shipsey-stange")) {
+ pairing->map = e_pairing_ellnet;
+ }
+ }
+}
+
+static void e_pairing_clear(pairing_t pairing) {
+ field_clear(pairing->GT);
+ e_pairing_data_ptr p = pairing->data;
+ field_clear(p->Fq);
+ field_clear(p->Eq);
+ element_clear(p->R);
+ pbc_free(p);
+
+ mpz_clear(pairing->phikonr);
+ mpz_clear(pairing->r);
+ field_clear(pairing->Zr);
+}
+
+static void e_finalpow(element_ptr e) {
+ element_pow_mpz(e->data, e->data, e->field->pairing->phikonr);
+}
+
+static void e_init_pairing(pairing_t pairing, void *data) {
+ e_param_ptr param = data;
+ e_pairing_data_ptr p;
+ element_t a, b;
+
+ mpz_init(pairing->r);
+ mpz_set(pairing->r, param->r);
+ field_init_fp(pairing->Zr, pairing->r);
+ pairing->map = e_pairing;
+ e_miller_fn = e_miller_proj;
+
+ p = pairing->data = pbc_malloc(sizeof(e_pairing_data_t));
+ p->exp2 = param->exp2;
+ p->exp1 = param->exp1;
+ p->sign1 = param->sign1;
+ p->sign0 = param->sign0;
+ field_init_fp(p->Fq, param->q);
+ element_init(a, p->Fq);
+ element_init(b, p->Fq);
+ element_set_mpz(a, param->a);
+ element_set_mpz(b, param->b);
+ field_init_curve_ab(p->Eq, a, b, pairing->r, param->h);
+
+ //k=1, hence phikonr = (p-1)/r
+ mpz_init(pairing->phikonr);
+ mpz_sub_ui(pairing->phikonr, p->Fq->order, 1);
+ mpz_divexact(pairing->phikonr, pairing->phikonr, pairing->r);
+
+ pairing->G2 = pairing->G1 = p->Eq;
+ pairing_GT_init(pairing, p->Fq);
+ pairing->finalpow = e_finalpow;
+ pairing->phi = phi_identity;
+ pairing->option_set = e_pairing_option_set;
+ pairing->clear_func = e_pairing_clear;
+
+ element_init(p->R, p->Eq);
+ curve_set_gen_no_cofac(p->R);
+
+ element_clear(a);
+ element_clear(b);
+}
+
+static void e_init(pbc_param_ptr p) {
+ static pbc_param_interface_t interface = {{
+ e_clear,
+ e_init_pairing,
+ e_out_str,
+ }};
+ p->api = interface;
+ e_param_ptr ep = p->data = pbc_malloc(sizeof(*ep));
+ mpz_init(ep->q);
+ mpz_init(ep->r);
+ mpz_init(ep->h);
+ mpz_init(ep->a);
+ mpz_init(ep->b);
+}
+
+// Public interface:
+
+int pbc_param_init_e(pbc_param_ptr par, struct symtab_s *tab) {
+ e_init(par);
+ e_param_ptr p = par->data;
+
+ int err = 0;
+ err += lookup_mpz(p->q, tab, "q");
+ err += lookup_mpz(p->r, tab, "r");
+ err += lookup_mpz(p->h, tab, "h");
+ err += lookup_mpz(p->a, tab, "a");
+ err += lookup_mpz(p->b, tab, "b");
+ err += lookup_int(&p->exp2, tab, "exp2");
+ err += lookup_int(&p->exp1, tab, "exp1");
+ err += lookup_int(&p->sign1, tab, "sign1");
+ err += lookup_int(&p->sign0, tab, "sign0");
+ return err;
+}
+
+void pbc_param_init_e_gen(pbc_param_t par, int rbits, int qbits) {
+ e_init(par);
+ e_param_ptr p = par->data;
+ //3 takes 2 bits to represent
+ int hbits = (qbits - 2) / 2 - rbits;
+ mpz_ptr q = p->q;
+ mpz_ptr r = p->r;
+ mpz_ptr h = p->h;
+ mpz_t n;
+ field_t Fq;
+ field_t cc;
+ element_t j;
+ int found = 0;
+
+ //won't find any curves is hbits is too low
+ if (hbits < 3) hbits = 3;
+
+ mpz_init(n);
+
+ do {
+ int i;
+ mpz_set_ui(r, 0);
+
+ if (rand() % 2) {
+ p->exp2 = rbits - 1;
+ p->sign1 = 1;
+ } else {
+ p->exp2 = rbits;
+ p->sign1 = -1;
+ }
+ mpz_setbit(r, p->exp2);
+
+ p->exp1 = (rand() % (p->exp2 - 1)) + 1;
+ //use q as a temp variable
+ mpz_set_ui(q, 0);
+ mpz_setbit(q, p->exp1);
+
+ if (p->sign1 > 0) {
+ mpz_add(r, r, q);
+ } else {
+ mpz_sub(r, r, q);
+ }
+
+ if (rand() % 2) {
+ p->sign0 = 1;
+ mpz_add_ui(r, r, 1);
+ } else {
+ p->sign0 = -1;
+ mpz_sub_ui(r, r, 1);
+ }
+ if (!mpz_probab_prime_p(r, 10)) continue;
+ for (i=0; i<10; i++) {
+ //use q as a temp variable
+ mpz_set_ui(q, 0);
+ mpz_setbit(q, hbits + 1);
+ pbc_mpz_random(h, q);
+ mpz_mul(h, h, h);
+ mpz_mul_ui(h, h, 3);
+ //finally q takes the value it should
+ mpz_mul(n, r, r);
+ mpz_mul(n, n, h);
+ mpz_add_ui(q, n, 1);
+ if (mpz_probab_prime_p(q, 10)) {
+ found = 1;
+ break;
+ }
+ }
+ } while (!found);
+ /*
+ do {
+ mpz_set_ui(r, 0);
+ mpz_setbit(r, rbits);
+ pbc_mpz_random(r, r);
+ mpz_nextprime(r, r);
+ mpz_mul(n, r, r);
+ mpz_mul_ui(n, n, 3);
+ mpz_add_ui(q, n, 1);
+ } while (!mpz_probab_prime_p(q, 10));
+ */
+
+ field_init_fp(Fq, q);
+ element_init(j, Fq);
+ element_set_si(j, 1);
+ field_init_curve_b(cc, j, n, NULL);
+ element_clear(j);
+ // We may need to twist it.
+ {
+ // Pick a random point P and twist the curve if P has the wrong order.
+ element_t P;
+ element_init(P, cc);
+ element_random(P);
+ element_mul_mpz(P, P, n);
+ if (!element_is0(P)) field_reinit_curve_twist(cc);
+ element_clear(P);
+ }
+ element_to_mpz(p->a, curve_field_a_coeff(cc));
+ element_to_mpz(p->b, curve_field_b_coeff(cc));
+
+ mpz_clear(n);
+}
diff --git a/moon-abe/pbc-0.5.14/ecc/eta_T_3.c b/moon-abe/pbc-0.5.14/ecc/eta_T_3.c
new file mode 100644
index 00000000..44396b76
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/ecc/eta_T_3.c
@@ -0,0 +1,835 @@
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdint.h>
+#include <gmp.h>
+#include "pbc_utils.h"
+#include "pbc_field.h"
+#include "pbc_fp.h"
+#include "pbc_memory.h"
+#include "pbc_param.h"
+#include "pbc_pairing.h"
+#include "pbc_ternary_extension_field.h"
+#include "param.h"
+
+typedef struct { /* private data of $GF(3^m)$ */
+ unsigned int len; /* the number of native machine integers required to represent one GF(3^m) element */
+ int m; /* the irreducible polynomial is $x^m + x^t + 2$ */
+ int t; /* the irreducible polynomial is $x^m + x^t + 2$ */
+ element_ptr p; /* $p$ is the irreducible polynomial. */
+ mpz_t n; /* group order of $G_1$, $G_2$, $G_T$ */
+ mpz_t n2; /* order(elliptic curve points) / order(G_1) */
+} params;
+
+struct pairing_data {
+ field_t gf3m, gf32m, gf36m;
+ mpz_t n2; // cofactor
+};
+typedef struct pairing_data *pairing_data_ptr;
+
+#define PARAM(e) ((params *)e->field->data)
+#define ITEM(e,x,y) (element_item(element_item(e,x),y))
+#define print(e) {printf(#e": "); element_out_str(stdout, 10, e); printf("\n");}
+
+struct point_s { // points on the elliptic curve $y^2=x^3-x+1$
+ int isinf;
+ element_t x, y;
+};
+typedef struct point_s *point_ptr;
+typedef struct point_s point_t[1];
+
+#define FIELD(e) ((field_ptr) e->field)
+#define BASE(e) ((field_ptr) FIELD(e)->data)
+#define DATA(e) ((point_ptr) e->data)
+
+static void point_set(element_t e, element_t a) {
+ point_ptr r = DATA(e), p = DATA(a);
+ r->isinf = p->isinf;
+ if (!p->isinf) {
+ element_set(r->x, p->x);
+ element_set(r->y, p->y);
+ }
+}
+
+static void point_init(element_t e) {
+ field_ptr f = BASE(e);
+ e->data = pbc_malloc(sizeof(struct point_s));
+ point_ptr p = DATA(e);
+ element_init(p->x, f);
+ element_init(p->y, f);
+ p->isinf = 1;
+}
+
+static void point_clear(element_t e) {
+ point_ptr p = DATA(e);
+ element_clear(p->x);
+ element_clear(p->y);
+ pbc_free(p);
+}
+
+/* return 1 if $a!=b$, 0 otherwise. */
+static int point_cmp(element_t a, element_t b) {
+ point_ptr pa = DATA(a), pb = DATA(b);
+ if (pa->isinf == pb->isinf) {
+ if (pa->isinf)
+ return 0;
+ else
+ return element_cmp(pa->x, pb->x) || element_cmp(pa->y, pb->y);
+ } else
+ return 1;
+}
+
+static void point_set0(element_ptr e) {
+ DATA(e)->isinf = 1;
+}
+
+static int point_is0(element_ptr e) {
+ return DATA(e)->isinf;
+}
+
+static void point_random(element_t a) {
+ point_ptr p = DATA(a);
+ element_ptr x = p->x, y = p->y;
+ field_ptr f = x->field;
+ p->isinf = 0;
+ element_t t, t2, e1;
+ element_init(t, f);
+ element_init(e1, f);
+ element_set1(e1);
+ element_init(t2, f);
+ do {
+ element_random(x);
+ if (element_is0(x))
+ continue;
+ element_cubic(t, x); // t == x^3
+ element_sub(t, t, x); // t == x^3 - x
+ element_add(t, t, e1); // t == x^3 - x + 1
+ element_sqrt(y, t); // y == sqrt(x^3 - x + 1)
+ element_mul(t2, y, y); // t2 == x^3 - x + 1
+ } while (element_cmp(t2, t)); // t2 != t
+
+ // make sure order of $a$ is order of $G_1$
+ pairing_ptr pairing = FIELD(a)->pairing;
+ pairing_data_ptr dp = pairing->data;
+ element_pow_mpz(a, a, dp->n2);
+
+ element_clear(t);
+ element_clear(t2);
+ element_clear(e1);
+}
+
+static void point_add(element_t c, element_t a, element_t b) {
+ point_ptr p1 = DATA(a), p2 = DATA(b), p3 = DATA(c);
+ int inf1 = p1->isinf, inf2 = p2->isinf;
+ element_ptr x1 = p1->x, y1 = p1->y, x2 = p2->x, y2 = p2->y;
+ field_ptr f = FIELD(x1);
+ if (inf1) {
+ point_set(c, b);
+ return;
+ }
+ if (inf2) {
+ point_set(c, a);
+ return;
+ }
+ element_t v0, v1, v2, v3, v4, ny2;
+ element_init(v0, f);
+ element_init(v1, f);
+ element_init(v2, f);
+ element_init(v3, f);
+ element_init(v4, f);
+ element_init(ny2, f);
+ if (!element_cmp(x1, x2)) { // x1 == x2
+ element_neg(ny2, y2); // ny2 == -y2
+ if (!element_cmp(y1, ny2)) {
+ p3->isinf = 1;
+ goto end;
+ }
+ if (!element_cmp(y1, y2)) { // y1 == y2
+ element_invert(v0, y1); // v0 == y1^{-1}
+ element_mul(v1, v0, v0); // v1 == [y1^{-1}]^2
+ element_add(p3->x, v1, x1); // v1 == [y1^{-1}]^2 + x1
+ element_cubic(v2, v0); // v2 == [y1^{-1}]^3
+ element_add(v2, v2, y1); // v2 == [y1^{-1}]^3 + y1
+ element_neg(p3->y, v2); // p3 == -([y1^{-1}]^3 + y1)
+ p3->isinf = 0;
+ goto end;
+ }
+ }
+ // $P1 \ne \pm P2$
+ element_sub(v0, x2, x1); // v0 == x2-x1
+ element_invert(v1, v0); // v1 == (x2-x1)^{-1}
+ element_sub(v0, y2, y1); // v0 == y2-y1
+ element_mul(v2, v0, v1); // v2 == (y2-y1)/(x2-x1)
+ element_mul(v3, v2, v2); // v3 == [(y2-y1)/(x2-x1)]^2
+ element_cubic(v4, v2); // v4 == [(y2-y1)/(x2-x1)]^3
+ element_add(v0, x1, x2); // v0 == x1+x2
+ element_sub(v3, v3, v0); // v3 == [(y2-y1)/(x2-x1)]^2 - (x1+x2)
+ element_add(v0, y1, y2); // v0 == y1+y2
+ element_sub(v4, v0, v4); // v4 == (y1+y2) - [(y2-y1)/(x2-x1)]^3
+ p3->isinf = 0;
+ element_set(p3->x, v3);
+ element_set(p3->y, v4);
+ end: element_clear(v0);
+ element_clear(v1);
+ element_clear(v2);
+ element_clear(v3);
+ element_clear(v4);
+ element_clear(ny2);
+}
+
+static void point_invert(element_ptr e, element_ptr a) {
+ point_ptr r = DATA(e), p = DATA(a);
+ r->isinf = p->isinf;
+ if (!p->isinf) {
+ element_set(r->x, p->x);
+ element_neg(r->y, p->y);
+ }
+}
+
+static size_t point_out_str(FILE *stream, int base, element_ptr a) {
+ point_ptr p = DATA(a);
+ size_t size = 0;
+ if (p->isinf)
+ return fprintf(stream, "O");
+ else {
+ size += element_out_str(stream, base, p->x);
+ size += element_out_str(stream, base, p->y);
+ return size;
+ }
+}
+
+static void point_field_clear(field_ptr f) {
+ UNUSED_VAR(f);
+}
+
+void field_init_eta_T_3(field_t f, field_t base) {
+ field_init(f);
+ f->data = (void *) base;
+ f->init = point_init;
+ f->clear = point_clear;
+ f->random = point_random;
+ f->set = point_set;
+ f->cmp = point_cmp;
+ f->invert = f->neg = point_invert;
+ f->mul = f->add = point_add;
+ f->set1 = f->set0 = point_set0;
+ f->is1 = f->is0 = point_is0;
+ f->mul_mpz = f->pow_mpz;
+ f->out_str = point_out_str;
+ f->field_clear = point_field_clear;
+ f->name = "eta_T_3 point group";
+}
+
+/* computing of $(-t^2 +u*s -t*p -p^2)^3$
+ * The algorithm is by J.Beuchat et.al, in the paper of "Algorithms and Arithmetic Operators for Computing
+ * the $eta_T$ Pairing in Characteristic Three", algorithm 4 in the appendix */
+static void algorithm4a(element_t S, element_t t, element_t u) {
+ field_ptr f = FIELD(t);
+ element_t e1, c0, c1, m0, v0, v2;
+ element_init(e1, f);
+ element_init(c0, f);
+ element_init(c1, f);
+ element_init(m0, f);
+ element_init(v0, f);
+ element_init(v2, f);
+ element_set1(e1);
+ element_cubic(c0, t); // c0 == t^3
+ element_cubic(c1, u);
+ element_neg(c1, c1); // c1 == -u^3
+ element_mul(m0, c0, c0); // m0 == c0^2
+ element_neg(v0, m0); // v0 == -c0^2
+ element_sub(v0, v0, c0); // v0 == -c0^2 -c0
+ element_sub(v0, v0, e1); // v0 == -c0^2 -c0 -1
+ element_set1(v2);
+ element_sub(v2, v2, c0); // v2 == 1 -c0
+ // v1 == c1
+ // S == [[v0, v1], [v2, f3m.zero()], [f3m.two(), f3m.zero()]]
+ element_set(ITEM(S,0,0), v0);
+ element_set(ITEM(S,0,1), c1);
+ element_set(ITEM(S,1,0), v2);
+ element_set0(ITEM(S,1,1));
+ element_neg(ITEM(S,2,0), e1);
+ element_set0(ITEM(S,2,1));
+ element_clear(e1);
+ element_clear(c0);
+ element_clear(c1);
+ element_clear(m0);
+ element_clear(v0);
+ element_clear(v2);
+}
+
+static void algorithm5(element_t c, element_ptr xp, element_ptr yp,
+ element_ptr xq, element_ptr yq) {
+ params *p = PARAM(xp);
+ unsigned int re = p->m % 12;
+ field_ptr f = FIELD(xp) /*GF(3^m)*/, f6 = FIELD(c) /*GF(3^{6*m})*/;
+ element_t e1, xpp, ypp, xqq, yqq, t, nt, nt2, v1, v2, a1, a2, R, u, nu, S, S2;
+ element_init(e1, f);
+ element_init(xpp, f);
+ element_init(ypp, f);
+ element_init(xqq, f);
+ element_init(yqq, f);
+ element_init(t, f);
+ element_init(nt, f);
+ element_init(nt2, f);
+ element_init(v1, f);
+ element_init(v2, f);
+ element_init(a1, f6);
+ element_init(a2, f6);
+ element_init(R, f6);
+ element_init(u, f);
+ element_init(nu, f);
+ element_init(S, f6);
+ element_init(S2, f6);
+ element_set1(e1);
+ element_set(xpp, xp);
+ xp = xpp; // clone
+ element_add(xp, xp, e1); // xp == xp + b
+ element_set(ypp, yp);
+ yp = ypp; // clone
+ if (re == 1 || re == 11)
+ element_neg(yp, yp); // yp == -\mu*b*yp, \mu == 1 when re==1, or 11
+ element_set(xqq, xq);
+ xq = xqq; // clone
+ element_cubic(xq, xq); // xq == xq^3
+ element_set(yqq, yq);
+ yq = yqq; // clone
+ element_cubic(yq, yq); // yq == yq^3
+ element_add(t, xp, xq); // t == xp+xq
+ element_neg(nt, t); // nt == -t
+ element_mul(nt2, t, nt); // nt2 == -t^2
+ element_mul(v2, yp, yq); // v2 == yp*yq
+ element_mul(v1, yp, t); // v1 == yp*t
+ if (re == 7 || re == 11) { // \lambda == 1
+ element_t nyp, nyq;
+ element_init(nyp, f);
+ element_init(nyq, f);
+ element_neg(nyp, yp); // nyp == -yp
+ element_neg(nyq, yq); // nyq == -yq
+ element_set(ITEM(a1,0,0), v1);
+ element_set(ITEM(a1,0,1), nyq);
+ element_set(ITEM(a1,1,0), nyp);
+ element_clear(nyp);
+ element_clear(nyq);
+ } else { // \lambda == -1
+ element_neg(v1, v1); // v1 == -yp*t
+ element_set(ITEM(a1,0,0), v1);
+ element_set(ITEM(a1,0,1), yq);
+ element_set(ITEM(a1,1,0), yp);
+ }
+ // a2 == -t^2 +yp*yq*s -t*p -p^2
+ element_set(ITEM(a2,0,0), nt2);
+ element_set(ITEM(a2,0,1), v2);
+ element_set(ITEM(a2,1,0), nt);
+ element_neg(ITEM(a2,2,0), e1);
+ element_mul(R, a1, a2);
+ int i;
+ for (i = 0; i < (p->m - 1) / 4; i++) {
+ element_cubic(R, R);
+ element_cubic(R, R); // R <= R^9
+ element_cubic(xq, xq);
+ element_cubic(xq, xq);
+ element_sub(xq, xq, e1); // xq <= xq^9-b
+ element_cubic(yq, yq);
+ element_cubic(yq, yq); // yq <= yq^9
+ element_add(t, xp, xq); // t == xp+xq
+ element_mul(u, yp, yq); // u == yp*yq
+ element_neg(nu, u); // nu == -yp*yq
+ algorithm4a(S, t, nu); // S == (-t^2 -u*s -t*p -p^2)^3
+ element_cubic(xq, xq);
+ element_cubic(xq, xq);
+ element_sub(xq, xq, e1); // xq <= xq^9-b
+ element_cubic(yq, yq);
+ element_cubic(yq, yq); // yq <= yq^9
+ element_add(t, xp, xq); // t == xp+xq
+ element_mul(u, yp, yq); // u == yp*yq
+ element_neg(nt, t); // nt == -t
+ element_mul(nt2, t, nt); // nt2 == -t^2
+ // S2 = [[nt2, u], [nt, f3m.zero()], [f3m.two(), f3m.zero()]]
+ // S2 == -t^2 +u*s -t*p -p^2
+ element_set(ITEM(S2,0,0), nt2);
+ element_set(ITEM(S2,0,1), u);
+ element_set(ITEM(S2,1,0), nt);
+ element_set0(ITEM(S2,1,1));
+ element_neg(ITEM(S2,2,0), e1);
+ element_set0(ITEM(S2,2,1));
+ element_mul(S, S, S2);
+ element_mul(R, R, S);
+ }
+ element_set(c, R);
+ element_clear(e1);
+ element_clear(xpp);
+ element_clear(ypp);
+ element_clear(xqq);
+ element_clear(yqq);
+ element_clear(t);
+ element_clear(nt);
+ element_clear(nt2);
+ element_clear(v1);
+ element_clear(v2);
+ element_clear(a1);
+ element_clear(a2);
+ element_clear(R);
+ element_clear(u);
+ element_clear(nu);
+ element_clear(S);
+ element_clear(S2);
+}
+
+/* this is the algorithm 4 in the paper of J.Beuchat et.al, "Algorithms and Arithmetic Operators for Computing
+ * the $eta_T$ Pairing in Characteristic Three" */
+static void algorithm4(element_t c, element_ptr xp, element_ptr yp,
+ element_ptr xq, element_ptr yq) {
+ params *p = PARAM(xp);
+ unsigned int re = p->m % 12;
+ field_ptr f = FIELD(xp) /*GF(3^m)*/, f6 = FIELD(c) /*GF(3^{6*m})*/;
+ element_t e1, xpp, ypp, xqq, yqq, t, nt, nt2, v1, v2, a1, a2, R, u, S;
+ element_init(e1, f);
+ element_init(xpp, f);
+ element_init(ypp, f);
+ element_init(xqq, f);
+ element_init(yqq, f);
+ element_init(t, f);
+ element_init(nt, f);
+ element_init(nt2, f);
+ element_init(v1, f);
+ element_init(v2, f);
+ element_init(a1, f6);
+ element_init(a2, f6);
+ element_init(R, f6);
+ element_init(u, f);
+ element_init(S, f6);
+ element_set1(e1);
+ element_set(xpp, xp);
+ xp = xpp; // clone
+ element_add(xp, xp, e1); // xp == xp + b
+ element_set(ypp, yp);
+ yp = ypp; // clone
+ if (re == 1 || re == 11)
+ element_neg(yp, yp); // yp == -\mu*b*yp, \mu == 1 when re==1, or 11
+ element_set(xqq, xq);
+ xq = xqq; // clone
+ element_cubic(xq, xq); // xq == xq^3
+ element_set(yqq, yq);
+ yq = yqq; // clone
+ element_cubic(yq, yq); // yq == yq^3
+ element_add(t, xp, xq); // t == xp+xq
+ element_neg(nt, t); // nt == -t
+ element_mul(nt2, t, nt); // nt2 == -t^2
+ element_mul(v2, yp, yq); // v2 == yp*yq
+ element_mul(v1, yp, t); // v1 == yp*t
+ if (re == 7 || re == 11) { // \lambda == 1
+ element_t nyp, nyq;
+ element_init(nyp, f);
+ element_init(nyq, f);
+ element_neg(nyp, yp); // nyp == -yp
+ element_neg(nyq, yq); // nyq == -yq
+ element_set(ITEM(a1,0,0), v1);
+ element_set(ITEM(a1,0,1), nyq);
+ element_set(ITEM(a1,1,0), nyp);
+ element_clear(nyp);
+ element_clear(nyq);
+ } else { // \lambda == -1
+ element_neg(v1, v1); // v1 == -yp*t
+ element_set(ITEM(a1,0,0), v1);
+ element_set(ITEM(a1,0,1), yq);
+ element_set(ITEM(a1,1,0), yp);
+ }
+ // a2 == -t^2 +yp*yq*s -t*p -p^2
+ element_set(ITEM(a2,0,0), nt2);
+ element_set(ITEM(a2,0,1), v2);
+ element_set(ITEM(a2,1,0), nt);
+ element_neg(ITEM(a2,2,0), e1);
+ element_mul(R, a1, a2);
+ int i;
+ for (i = 0; i < (p->m - 1) / 2; i++) {
+ element_cubic(R, R);
+ element_cubic(xq, xq);
+ element_cubic(xq, xq);
+ element_sub(xq, xq, e1); // xq <= xq^9-b
+ element_cubic(yq, yq);
+ element_cubic(yq, yq);
+ element_neg(yq, yq); // yq <= -yq^9
+ element_add(t, xp, xq); // t == xp+xq
+ element_neg(nt, t); // nt == -t
+ element_mul(nt2, t, nt); // nt2 == -t^2
+ element_mul(u, yp, yq); // u == yp*yq
+ element_set0(S);
+ element_set(ITEM(S,0,0), nt2);
+ element_set(ITEM(S,0,1), u);
+ element_set(ITEM(S,1,0), nt);
+ element_neg(ITEM(S,2,0), e1);
+ element_mul(R, R, S);
+ }
+ element_set(c, R);
+ element_clear(e1);
+ element_clear(xpp);
+ element_clear(ypp);
+ element_clear(xqq);
+ element_clear(yqq);
+ element_clear(t);
+ element_clear(nt);
+ element_clear(nt2);
+ element_clear(v1);
+ element_clear(v2);
+ element_clear(a1);
+ element_clear(a2);
+ element_clear(R);
+ element_clear(u);
+ element_clear(S);
+}
+
+/* computation of $c <- U ^ {3^{3m} - 1}$
+ * This is the algorithm 6 in the paper above. */
+static void algorithm6(element_t c, element_t u) {
+ element_ptr u0 = ITEM(u,0,0), u1 = ITEM(u,0,1), u2 = ITEM(u,1,0), u3 =
+ ITEM(u,1,1), u4 = ITEM(u,2,0), u5 = ITEM(u,2,1);
+ field_ptr f = FIELD(u0); /*GF(3^m)*/
+ field_t f3; /*GF(3^{3*m})*/
+ field_init_gf33m(f3, f);
+ element_t v0, v1, m0, m1, m2, a0, a1, i;
+ element_init(v0, f3);
+ element_init(v1, f3);
+ element_init(m0, f3);
+ element_init(m1, f3);
+ element_init(m2, f3);
+ element_init(a0, f3);
+ element_init(a1, f3);
+ element_init(i, f3);
+ element_set(element_item(v0, 0), u0);
+ element_set(element_item(v0, 1), u2);
+ element_set(element_item(v0, 2), u4);
+ element_set(element_item(v1, 0), u1);
+ element_set(element_item(v1, 1), u3);
+ element_set(element_item(v1, 2), u5);
+ element_mul(m0, v0, v0);
+ element_mul(m1, v1, v1);
+ element_mul(m2, v0, v1);
+ element_sub(a0, m0, m1);
+ element_add(a1, m0, m1);
+ element_invert(i, a1);
+ element_mul(v0, a0, i);
+ element_mul(v1, m2, i);
+ element_set(ITEM(c,0,0), element_item(v0, 0));
+ element_set(ITEM(c,1,0), element_item(v0, 1));
+ element_set(ITEM(c,2,0), element_item(v0, 2));
+ element_set(ITEM(c,0,1), element_item(v1, 0));
+ element_set(ITEM(c,1,1), element_item(v1, 1));
+ element_set(ITEM(c,2,1), element_item(v1, 2));
+ element_clear(v0);
+ element_clear(v1);
+ element_clear(m0);
+ element_clear(m1);
+ element_clear(m2);
+ element_clear(a0);
+ element_clear(a1);
+ element_clear(i);
+ field_clear(f3);
+}
+
+/* computation of $c <- U ^ {3^m+1}$, $U \in T_2(F_{3^3M})$
+ * This is the algorithm 7 in the paper above. */
+static void algorithm7(element_t c, element_t u) {
+ element_ptr u0 = ITEM(u,0,0), u1 = ITEM(u,0,1), u2 = ITEM(u,1,0), u3 =
+ ITEM(u,1,1), u4 = ITEM(u,2,0), u5 = ITEM(u,2,1);
+ field_ptr f = FIELD(u0); /*GF(3^m)*/
+ params *p = PARAM(u0);
+ element_t a0, a1, a2, a3, a4, a5, a6, m0, m1, m2, m3, m4, m5, m6, m7, m8,
+ v0, v1, v2, v3, v4, v5, e1;
+ element_init(a0, f);
+ element_init(a1, f);
+ element_init(a2, f);
+ element_init(a3, f);
+ element_init(a4, f);
+ element_init(a5, f);
+ element_init(a6, f);
+ element_init(m0, f);
+ element_init(m1, f);
+ element_init(m2, f);
+ element_init(m3, f);
+ element_init(m4, f);
+ element_init(m5, f);
+ element_init(m6, f);
+ element_init(m7, f);
+ element_init(m8, f);
+ element_init(v0, f);
+ element_init(v1, f);
+ element_init(v2, f);
+ element_init(v3, f);
+ element_init(v4, f);
+ element_init(v5, f);
+ element_init(e1, f);
+ element_set1(e1);
+ element_add(a0, u0, u1);
+ element_add(a1, u2, u3);
+ element_sub(a2, u4, u5);
+ element_mul(m0, u0, u4);
+ element_mul(m1, u1, u5);
+ element_mul(m2, u2, u4);
+ element_mul(m3, u3, u5);
+ element_mul(m4, a0, a2);
+ element_mul(m5, u1, u2);
+ element_mul(m6, u0, u3);
+ element_mul(m7, a0, a1);
+ element_mul(m8, a1, a2);
+ element_add(a3, m5, m6);
+ element_sub(a3, a3, m7);
+ element_neg(a4, m2);
+ element_sub(a4, a4, m3);
+ element_sub(a5, m3, m2);
+ element_sub(a6, m1, m0);
+ element_add(a6, a6, m4);
+ if (p->m % 6 == 1) {
+ element_add(v0, m0, m1);
+ element_add(v0, v0, a4);
+ element_add(v0, e1, v0);
+ element_sub(v1, m5, m6);
+ element_add(v1, v1, a6);
+ element_sub(v2, a4, a3);
+ element_add(v3, m8, a5);
+ element_sub(v3, v3, a6);
+ element_add(v4, a3, a4);
+ element_neg(v4, v4);
+ element_add(v5, m8, a5);
+ } else { // p->m % 6 == 5
+ element_add(v0, m0, m1);
+ element_sub(v0, v0, a4);
+ element_add(v0, e1, v0);
+ element_sub(v1, m6, m5);
+ element_add(v1, v1, a6);
+ element_set(v2, a3);
+ element_add(v3, m8, a5);
+ element_add(v3, v3, a6);
+ element_add(v4, a3, a4);
+ element_neg(v4, v4);
+ element_add(v5, m8, a5);
+ element_neg(v5, v5);
+ }
+ element_set(ITEM(c,0,0), v0);
+ element_set(ITEM(c,0,1), v1);
+ element_set(ITEM(c,1,0), v2);
+ element_set(ITEM(c,1,1), v3);
+ element_set(ITEM(c,2,0), v4);
+ element_set(ITEM(c,2,1), v5);
+ element_clear(a0);
+ element_clear(a1);
+ element_clear(a2);
+ element_clear(a3);
+ element_clear(a4);
+ element_clear(a5);
+ element_clear(a6);
+ element_clear(m0);
+ element_clear(m1);
+ element_clear(m2);
+ element_clear(m3);
+ element_clear(m4);
+ element_clear(m5);
+ element_clear(m6);
+ element_clear(m7);
+ element_clear(m8);
+ element_clear(v0);
+ element_clear(v1);
+ element_clear(v2);
+ element_clear(v3);
+ element_clear(v4);
+ element_clear(v5);
+ element_clear(e1);
+}
+
+/* computing $c <- U^M, M=(3^{3m}-1)*(3^m+1)*(3^m+1-\mu*b*3^{(m+1)//2})$
+ * This is the algorithm 8 in the paper above. */
+static void algorithm8(element_t c, element_t u) {
+ field_ptr f6 = FIELD(u), f = FIELD(ITEM(u,0,0));
+ params *p = (params *) f->data;
+ element_t v, w;
+ element_init(v, f6);
+ element_init(w, f6);
+ algorithm6(v, u);
+ algorithm7(v, v);
+ element_set(w, v);
+ int i;
+ for (i = 0; i < (p->m + 1) / 2; i++)
+ element_cubic(w, w);
+ algorithm7(v, v);
+ if (p->m % 12 == 1 || p->m % 12 == 11) { // w <= w^{-\mu*b}
+ element_ptr e;
+ e = ITEM(w,0,1);
+ element_neg(e, e);
+ e = ITEM(w,1,1);
+ element_neg(e, e);
+ e = ITEM(w,2,1);
+ element_neg(e, e);
+ }
+ element_mul(c, v, w);
+ element_clear(v);
+ element_clear(w);
+}
+
+/* computing the Eta_T bilinear pairing $c <- Eta_T pairing(P,R)$ */
+static void eta_T_pairing(element_ptr c, element_ptr P, element_ptr R, struct pairing_s *p) {
+ UNUSED_VAR(p);
+ if (DATA(P)->isinf || DATA(R)->isinf)
+ element_set1(c);
+ else {
+ element_ptr x1 = DATA(P)->x, y1 = DATA(P)->y, x2 = DATA(R)->x, y2 =
+ DATA(R)->y;
+ if((PARAM(x1)->m - 1) / 2 % 2 == 0)
+ algorithm5(c, x1, y1, x2, y2);
+ else
+ algorithm4(c, x1, y1, x2, y2);
+ algorithm8(c, c);
+ }
+}
+
+static void eta_T_3_clear(params *p) {
+ mpz_clear(p->n);
+ mpz_clear(p->n2);
+ pbc_free(p);
+}
+
+static void GT_random(element_ptr e) {
+ element_t a, b;
+ element_init(a, e->field->pairing->G1);
+ element_init(b, e->field->pairing->G1);
+ element_random(a);
+ element_random(b);
+ element_pairing(e, a, b);
+ element_clear(a);
+ element_clear(b);
+}
+
+static void eta_T_3_pairing_clear(pairing_t pairing) {
+ mpz_clear(pairing->r);
+ field_clear(pairing->Zr);
+ field_clear(pairing->GT);
+ field_clear(pairing->G1);
+ pbc_free(pairing->G1);
+ pairing_data_ptr dp = pairing->data;
+ field_clear(dp->gf3m);
+ field_clear(dp->gf32m);
+ field_clear(dp->gf36m);
+ mpz_clear(dp->n2);
+ pbc_free(dp);
+}
+
+static void eta_T_3_init_pairing(pairing_t pairing, params *p) {
+ mpz_init(pairing->r);
+ mpz_set(pairing->r, p->n);
+ field_init_fp(pairing->Zr, pairing->r);
+
+ pairing_data_ptr dp = pbc_malloc(sizeof(*dp));
+ mpz_init(dp->n2);
+ mpz_set(dp->n2, p->n2);
+ field_init_gf3m(dp->gf3m, p->m, p->t);
+ field_init_gf32m(dp->gf32m, dp->gf3m);
+ field_init_gf33m(dp->gf36m, dp->gf32m);
+ pairing_GT_init(pairing, dp->gf36m);
+ pairing->GT->name = "eta_T_3 group of roots of 1";
+ pairing->GT->random = GT_random;
+ pairing->G2 = pairing->G1 = pbc_malloc(sizeof(field_t));
+ field_init_eta_T_3(pairing->G1, dp->gf3m);
+ pairing->G1->pairing = pairing;
+ mpz_set(pairing->G1->order, p->n);
+ mpz_set(pairing->GT->order, p->n);
+ pairing->map = eta_T_pairing;
+ pairing->data = dp;
+ pairing->clear_func = eta_T_3_pairing_clear;
+}
+
+static void eta_T_3_out_str(FILE *stream, params *p) {
+ param_out_type(stream, "i");
+ param_out_int(stream, "m", p->m);
+ param_out_int(stream, "t", p->t);
+ param_out_mpz(stream, "n", p->n);
+ param_out_mpz(stream, "n2", p->n2);
+}
+
+static void param_init(pbc_param_ptr p) {
+ static pbc_param_interface_t interface = {{
+ (void (*)(void *))eta_T_3_clear,
+ (void (*)(pairing_t, void *))eta_T_3_init_pairing,
+ (void (*)(FILE *, void *))eta_T_3_out_str,
+ }};
+ p->api = interface;
+ params *param = p->data = pbc_malloc(sizeof(*param));
+ mpz_init(param->n);
+ mpz_init(param->n2);
+}
+
+int pbc_param_init_i(pbc_param_ptr p, struct symtab_s *tab) {
+ param_init(p);
+ params *param = p->data;
+ int err = 0;
+ err += lookup_int(&param->m, tab, "m");
+ err += lookup_int(&param->t, tab, "t");
+ err += lookup_mpz(param->n, tab, "n");
+ err += lookup_mpz(param->n2, tab, "n2");
+ return err;
+}
+
+void pbc_param_init_i_gen(pbc_param_ptr par, int group_size) {
+ param_init(par);
+ params *p = par->data;
+ if (group_size <= 150) {
+ p->m = 97;
+ p->t = 12;
+ mpz_set_str(p->n, "2726865189058261010774960798134976187171462721", 10);
+ mpz_set_str(p->n2, "7", 10);
+ } else if (group_size <= 206) {
+ p->m = 199;
+ p->t = 164;
+ mpz_set_str(p->n, "167725321489096000055336949742738378351010268990525380470313869", 10);
+ mpz_set_str(p->n2, "527874953560391326545598291952743", 10);
+ } else if (group_size <= 259) {
+ p->m = 235;
+ p->t = 26;
+ mpz_set_str(p->n, "1124316700897695330265827797088699345032488681307846555184025129863722718180241", 10);
+ mpz_set_str(p->n2, "11819693021332914275777073321995059", 10);
+ } else if (group_size <= 316) {
+ p->m = 385;
+ p->t = 22;
+ mpz_set_str(p->n, "140884762419712839999909157778648717913595360839856026704744558309545986970238264714753014287541", 10);
+ mpz_set_str(p->n2, "34899486997246711147841377458771182755186809219564106252058066150110543296498189654810187", 10);
+ } else if (group_size <= 376) {
+ p->m = 337;
+ p->t = 30;
+ mpz_set_str(p->n, "250796519030408069744426774377542635685621984993105288007781750196791322190409525696108840742205849171229571431053", 10);
+ mpz_set_str(p->n2, "245777055088325363697128811262733732423405120899", 10);
+ } else if (group_size <= 430) {
+ p->m = 373;
+ p->t = 198;
+ mpz_set_str(p->n, "2840685307599487500956683789051368080919805957805957356540760731597378326586402072132959867084691357708217739285576524329854284197", 10);
+ mpz_set_str(p->n2, "3256903458766749542151641063558247849550904613763", 10);
+ } else if (group_size <= 484) {
+ p->m = 395;
+ p->t = 338;
+ mpz_set_str(p->n, "80172097064154181257340545445945701478615643539554910656655431171167598268341527430200810544156625333601812351266052856520678455274751591367269291", 10);
+ mpz_set_str(p->n2, "3621365590261279902324876775553649595261567", 10);
+ } else if (group_size <= 552) {
+ p->m = 433;
+ p->t = 120;
+ mpz_set_str(p->n, "15699907553631673835088720676147779193076555382157913339177784853763686462870506492752576492212322736133645158157557950634628006965882177348385366381692092784577773463", 10);
+ mpz_set_str(p->n2, "24980791723059119877470531054938874784049", 10);
+ } else if (group_size <= 644) {
+ p->m = 467;
+ p->t = 48;
+ mpz_set_str(p->n, "108220469499363631995525712756135494735252733492048868417164002000654321383482753640072319529019505742300964525569770933946381504691909098938045089999753901375631613294579329433690943459352138231", 10);
+ mpz_set_str(p->n2, "60438898450096967424971813347", 10);
+ } else if (group_size <= 696) {
+ p->m = 503;
+ p->t = 104;
+ mpz_set_str(p->n, "545523657676112447260904563578912738373307867219686215849632469801471112426878939776725222290437653718473962733760874627315930933126581248465899651120481066111839081575164964589811985885719017214938514563804313", 10);
+ mpz_set_str(p->n2, "1799606423432800810122901025413", 10);
+ } else if (group_size <= 803) {
+ p->m = 509;
+ p->t = 358;
+ mpz_set_str(p->n, "102239946202586852409809887418093021457150612495255706614733003327526279081563687830782748305746187060264985869283524441819589592750998086186315250781067131293823177124077445718802216415539934838376431091001197641295264650596195201747790167311", 10);
+ mpz_set_str(p->n2, "7", 10);
+ } else if (group_size <= 892) {
+ p->m = 617;
+ p->t = 88;
+ mpz_set_str(p->n, "57591959284219511220590893724691916802833742568034971006633345422620650391172287893878655658086794200963521584019889327992536532560877385225451713282279597074750857647455565899702728629166541223955196002755787520206774906606158388947359746178875040401304783332742806641", 10);
+ mpz_set_str(p->n2, "42019638181715250622338241", 10);
+ } else
+ pbc_die("unsupported group size");
+}
+
diff --git a/moon-abe/pbc-0.5.14/ecc/f_param.c b/moon-abe/pbc-0.5.14/ecc/f_param.c
new file mode 100644
index 00000000..2477ace1
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/ecc/f_param.c
@@ -0,0 +1,599 @@
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdint.h> // for intptr_t
+#include <stdlib.h>
+#include <gmp.h>
+#include "pbc_utils.h"
+#include "pbc_field.h"
+#include "pbc_fp.h"
+#include "pbc_fieldquadratic.h"
+#include "pbc_param.h"
+#include "pbc_pairing.h"
+#include "pbc_poly.h"
+#include "pbc_curve.h"
+#include "pbc_memory.h"
+#include "pbc_f_param.h"
+#include "ecc/param.h"
+
+struct f_param_s {
+ mpz_t q; // Curve defined over F_q.
+ mpz_t r; // The order of the curve.
+ mpz_t b; // E: y^2 = x^3 + b
+ mpz_t beta; //beta is a quadratic nonresidue in Fq
+ //we use F_q^2 = F_q[sqrt(beta)]
+ mpz_t alpha0, alpha1;
+ //the polynomial x^6 + alpha0 + alpha1 sqrt(beta)
+ //is irreducible over F_q^2[x], so
+ //we can extend F_q^2 to F_q^12 using the
+ //sixth root of -(alpha0 + alpha1 sqrt(beta))
+};
+typedef struct f_param_s f_param_t[1];
+typedef struct f_param_s *f_param_ptr;
+
+// TODO: we never use phikonr so don't bother computing it,
+// but one day other routines might need it
+struct f_pairing_data_s {
+ field_t Fq, Fq2, Fq2x, Fq12;
+ field_t Eq, Etwist;
+ element_t negalpha;
+ element_t negalphainv;
+ mpz_t tateexp;
+
+ //for tate exponentiation speedup:
+ //x^{q^k} for various k
+ element_t xpowq2, xpowq6, xpowq8;
+};
+typedef struct f_pairing_data_s f_pairing_data_t[1];
+typedef struct f_pairing_data_s *f_pairing_data_ptr;
+
+static void f_clear(void *data) {
+ f_param_ptr fp = data;
+ mpz_clear(fp->q);
+ mpz_clear(fp->r);
+ mpz_clear(fp->b);
+ mpz_clear(fp->beta);
+ mpz_clear(fp->alpha0);
+ mpz_clear(fp->alpha1);
+ pbc_free(data);
+}
+
+static void f_out_str(FILE *stream, void *data) {
+ f_param_ptr p = data;
+ param_out_type(stream, "f");
+ param_out_mpz(stream, "q", p->q);
+ param_out_mpz(stream, "r", p->r);
+ param_out_mpz(stream, "b", p->b);
+ param_out_mpz(stream, "beta", p->beta);
+ param_out_mpz(stream, "alpha0", p->alpha0);
+ param_out_mpz(stream, "alpha1", p->alpha1);
+}
+
+static void tryminusx(mpz_ptr q, mpz_ptr x) {
+ //36x4 - 36x3 + 24x2 - 6x + 1
+ //= ((36(x - 1)x + 24)x - 6)x + 1
+ mpz_sub_ui(q, x, 1);
+ mpz_mul(q, q, x);
+ mpz_mul_ui(q, q, 36);
+ mpz_add_ui(q, q, 24);
+ mpz_mul(q, q, x);
+ mpz_sub_ui(q, q, 6);
+ mpz_mul(q, q, x);
+ mpz_add_ui(q, q, 1);
+}
+
+static void tryplusx(mpz_ptr q, mpz_ptr x) {
+ //36x4 + 36x3 + 24x2 + 6x + 1
+ //= ((36(x + 1)x + 24)x + 6)x + 1
+ mpz_add_ui(q, x, 1);
+ mpz_mul(q, q, x);
+ mpz_mul_ui(q, q, 36);
+ mpz_add_ui(q, q, 24);
+ mpz_mul(q, q, x);
+ mpz_add_ui(q, q, 6);
+ mpz_mul(q, q, x);
+ mpz_add_ui(q, q, 1);
+}
+
+static void cc_miller_no_denom(element_t res, mpz_t q, element_t P,
+ element_ptr Qx, element_ptr Qy, element_t negalpha) {
+ int m;
+ element_t v;
+ element_t Z;
+ element_t a, b, c;
+ element_t t0;
+ element_t e0, e1;
+ element_ptr Zx, Zy;
+ const element_ptr Px = curve_x_coord(P);
+ const element_ptr Py = curve_y_coord(P);
+
+ #define do_term(i, j, k, flag) { \
+ element_ptr e2; \
+ e2 = element_item(e0, i); \
+ element_mul(e1, element_item(v, j), Qx); \
+ if (flag == 1) element_mul(e1, e1, negalpha); \
+ element_mul(element_x(e1), element_x(e1), a); \
+ element_mul(element_y(e1), element_y(e1), a); \
+ element_mul(e2, element_item(v, k), Qy); \
+ element_mul(element_x(e2), element_x(e2), b); \
+ element_mul(element_y(e2), element_y(e2), b); \
+ element_add(e2, e2, e1); \
+ if (flag == 2) element_mul(e2, e2, negalpha); \
+ element_mul(element_x(e1), element_x(element_item(v, i)), c); \
+ element_mul(element_y(e1), element_y(element_item(v, i)), c); \
+ element_add(e2, e2, e1); \
+ }
+
+ // a, b, c lie in Fq
+ // Qx, Qy lie in Fq^2
+ // Qx is coefficient of x^4
+ // Qy is coefficient of x^3
+ //
+ // computes v *= (a Qx x^4 + b Qy x^3 + c)
+ //
+ // recall x^6 = -alpha thus
+ // x^4 (u0 + u1 x^1 + ... + u5 x^5) =
+ // u0 x^4 + u1 x^5
+ // - alpha u2 - alpha u3 x - alpha u4 x^2 - alpha u5 x^3
+ // and
+ // x^4 (u0 + u1 x^1 + ... + u5 x^5) =
+ // u0 x^3 + u1 x^4 + u2 x^5
+ // - alpha u3 - alpha u4 x - alpha u5 x^2
+ #define f_miller_evalfn() { \
+ do_term(0, 2, 3, 2); \
+ do_term(1, 3, 4, 2); \
+ do_term(2, 4, 5, 2); \
+ do_term(3, 5, 0, 1); \
+ do_term(4, 0, 1, 0); \
+ do_term(5, 1, 2, 0); \
+ element_set(v, e0); \
+ }
+ /*
+ element_ptr e1;
+
+ e1 = element_item(e0, 4);
+
+ element_mul(element_x(e1), element_x(Qx), a);
+ element_mul(element_y(e1), element_y(Qx), a);
+
+ e1 = element_item(e0, 3);
+
+ element_mul(element_x(e1), element_x(Qy), b);
+ element_mul(element_y(e1), element_y(Qy), b);
+
+ element_set(element_x(element_item(e0, 0)), c);
+
+ element_mul(v, v, e0);
+ */
+
+ //a = -3 Zx^2 since cc->a is 0 for D = 3
+ //b = 2 * Zy
+ //c = -(2 Zy^2 + a Zx);
+ #define do_tangent() { \
+ element_square(a, Zx); \
+ element_mul_si(a, a, 3); \
+ element_neg(a, a); \
+ \
+ element_add(b, Zy, Zy); \
+ \
+ element_mul(t0, b, Zy); \
+ element_mul(c, a, Zx); \
+ element_add(c, c, t0); \
+ element_neg(c, c); \
+ \
+ f_miller_evalfn(); \
+ }
+
+ //a = -(B.y - A.y) / (B.x - A.x);
+ //b = 1;
+ //c = -(A.y + a * A.x);
+ //but we'll multiply by B.x - A.x to avoid division
+ #define do_line() { \
+ element_sub(b, Px, Zx); \
+ element_sub(a, Zy, Py); \
+ element_mul(t0, b, Zy); \
+ element_mul(c, a, Zx); \
+ element_add(c, c, t0); \
+ element_neg(c, c); \
+ \
+ f_miller_evalfn(); \
+ }
+
+ element_init(a, Px->field);
+ element_init(b, a->field);
+ element_init(c, a->field);
+ element_init(t0, a->field);
+ element_init(e0, res->field);
+ element_init(e1, Qx->field);
+
+ element_init(v, res->field);
+ element_init(Z, P->field);
+
+ element_set(Z, P);
+ Zx = curve_x_coord(Z);
+ Zy = curve_y_coord(Z);
+
+ element_set1(v);
+ m = mpz_sizeinbase(q, 2) - 2;
+
+ //TODO: sliding NAF
+ for(;;) {
+ do_tangent();
+
+ if (!m) break;
+
+ element_double(Z, Z);
+ if (mpz_tstbit(q, m)) {
+ do_line();
+ element_add(Z, Z, P);
+ }
+ m--;
+ element_square(v, v);
+ }
+
+ element_set(res, v);
+
+ element_clear(v);
+ element_clear(Z);
+ element_clear(a);
+ element_clear(b);
+ element_clear(c);
+ element_clear(t0);
+ element_clear(e0);
+ element_clear(e1);
+ #undef do_term
+ #undef f_miller_evalfn
+ #undef do_tangent
+ #undef do_line
+}
+
+static void f_tateexp(element_t out) {
+ element_t x, y, epow;
+ f_pairing_data_ptr p = out->field->pairing->data;
+ element_init(x, p->Fq12);
+ element_init(y, p->Fq12);
+ element_init(epow, p->Fq2);
+
+ #define qpower(e1, e) { \
+ element_set(element_item(e1, 0), element_item(out, 0)); \
+ element_mul(element_item(e1, 1), element_item(out, 1), e); \
+ element_square(epow, e); \
+ element_mul(element_item(e1, 2), element_item(out, 2), epow); \
+ element_mul(epow, epow, e); \
+ element_mul(element_item(e1, 3), element_item(out, 3), epow); \
+ element_mul(epow, epow, e); \
+ element_mul(element_item(e1, 4), element_item(out, 4), epow); \
+ element_mul(epow, epow, e); \
+ element_mul(element_item(e1, 5), element_item(out, 5), epow); \
+ }
+
+ qpower(y, p->xpowq8);
+ qpower(x, p->xpowq6);
+ element_mul(y, y, x);
+ qpower(x, p->xpowq2);
+ element_mul(x, x, out);
+ element_invert(x, x);
+ element_mul(out, y, x);
+
+ element_clear(epow);
+ element_clear(x);
+ element_clear(y);
+ element_pow_mpz(out, out, p->tateexp);
+ #undef qpower
+}
+
+static void f_finalpow(element_t out) {
+ f_tateexp(out->data);
+}
+
+static void f_pairing(element_ptr out, element_ptr in1, element_ptr in2,
+ pairing_t pairing) {
+ element_ptr Qbase = in2;
+ element_t x, y;
+ f_pairing_data_ptr p = pairing->data;
+
+ element_init(x, p->Fq2);
+ element_init(y, p->Fq2);
+ //map from twist: (x, y) --> (v^-2 x, v^-3 y)
+ //where v is the sixth root used to construct the twist
+ //i.e. v^6 = -alpha
+ //thus v^-2 = -alpha^-1 v^4
+ //and v^-3 = -alpha^-1 v^3
+ element_mul(x, curve_x_coord(Qbase), p->negalphainv);
+ element_mul(y, curve_y_coord(Qbase), p->negalphainv);
+
+ cc_miller_no_denom(out, pairing->r, in1, x, y, p->negalpha);
+
+ element_clear(x);
+ element_clear(y);
+
+ f_tateexp(out);
+}
+
+static void f_pairing_clear(pairing_t pairing) {
+ field_clear(pairing->GT);
+ f_pairing_data_ptr p = pairing->data;
+ element_clear(p->negalpha);
+ element_clear(p->negalphainv);
+ mpz_clear(p->tateexp);
+ element_clear(p->xpowq2);
+ element_clear(p->xpowq6);
+ element_clear(p->xpowq8);
+ field_clear(p->Etwist);
+ field_clear(p->Eq);
+
+ field_clear(p->Fq12);
+ field_clear(p->Fq2x);
+ field_clear(p->Fq2);
+ field_clear(p->Fq);
+ pbc_free(p);
+
+ mpz_clear(pairing->r);
+ field_clear(pairing->Zr);
+}
+
+static void f_init_pairing(pairing_t pairing, void *data) {
+ f_param_ptr param = data;
+ f_pairing_data_ptr p;
+ element_t irred;
+ element_t e0, e1, e2;
+ p = pairing->data = pbc_malloc(sizeof(f_pairing_data_t));
+ mpz_init(pairing->r);
+ mpz_set(pairing->r, param->r);
+ field_init_fp(pairing->Zr, pairing->r);
+ field_init_fp(p->Fq, param->q);
+ p->Fq->nqr = pbc_malloc(sizeof(element_t));
+ element_init(p->Fq->nqr, p->Fq);
+ element_set_mpz(p->Fq->nqr, param->beta);
+ field_init_quadratic(p->Fq2, p->Fq);
+ field_init_poly(p->Fq2x, p->Fq2);
+ element_init(irred, p->Fq2x);
+ // Call poly_set_coeff1() first so we can use element_item() for the other
+ // coefficients.
+ poly_set_coeff1(irred, 6);
+
+ element_init(p->negalpha, p->Fq2);
+ element_init(p->negalphainv, p->Fq2);
+ element_set_mpz(element_x(p->negalpha), param->alpha0);
+ element_set_mpz(element_y(p->negalpha), param->alpha1);
+
+ element_set(element_item(irred, 0), p->negalpha);
+ field_init_polymod(p->Fq12, irred);
+ element_neg(p->negalpha, p->negalpha);
+ element_invert(p->negalphainv, p->negalpha);
+ element_clear(irred);
+
+ element_init(e0, p->Fq);
+ element_init(e1, p->Fq);
+ element_init(e2, p->Fq2);
+
+ // Initialize the curve Y^2 = X^3 + b.
+ element_set_mpz(e1, param->b);
+ field_init_curve_ab(p->Eq, e0, e1, pairing->r, NULL);
+
+ // Initialize the curve Y^2 = X^3 - alpha0 b - alpha1 sqrt(beta) b.
+ element_set_mpz(e0, param->alpha0);
+ element_neg(e0, e0);
+ element_mul(element_x(e2), e0, e1);
+ element_set_mpz(e0, param->alpha1);
+ element_neg(e0, e0);
+ element_mul(element_y(e2), e0, e1);
+ element_clear(e0);
+ element_init(e0, p->Fq2);
+ field_init_curve_ab(p->Etwist, e0, e2, pairing->r, NULL);
+ element_clear(e0);
+ element_clear(e1);
+ element_clear(e2);
+
+ mpz_t ndonr;
+ mpz_init(ndonr);
+ // ndonr temporarily holds the trace.
+ mpz_sub(ndonr, param->q, param->r);
+ mpz_add_ui(ndonr, ndonr, 1);
+ // TODO: We can use a smaller quotient_cmp, but I have to figure out
+ // BN curves again.
+ pbc_mpz_curve_order_extn(ndonr, param->q, ndonr, 12);
+ mpz_divexact(ndonr, ndonr, param->r);
+ mpz_divexact(ndonr, ndonr, param->r);
+ field_curve_set_quotient_cmp(p->Etwist, ndonr);
+ mpz_clear(ndonr);
+
+ pairing->G1 = p->Eq;
+ pairing->G2 = p->Etwist;
+ pairing_GT_init(pairing, p->Fq12);
+ pairing->finalpow = f_finalpow;
+ pairing->map = f_pairing;
+ pairing->clear_func = f_pairing_clear;
+
+ mpz_init(p->tateexp);
+ /* unoptimized tate exponent
+ mpz_pow_ui(p->tateexp, param->q, 12);
+ mpz_sub_ui(p->tateexp, p->tateexp, 1);
+ mpz_divexact(p->tateexp, p->tateexp, param->r);
+ */
+ mpz_ptr z = p->tateexp;
+ mpz_mul(z, param->q, param->q);
+ mpz_sub_ui(z, z, 1);
+ mpz_mul(z, z, param->q);
+ mpz_mul(z, z, param->q);
+ mpz_add_ui(z, z, 1);
+ mpz_divexact(z, z, param->r);
+
+ element_init(p->xpowq2, p->Fq2);
+ element_init(p->xpowq6, p->Fq2);
+ element_init(p->xpowq8, p->Fq2);
+ element_t xpowq;
+ element_init(xpowq, p->Fq12);
+
+ //there are smarter ways since we know q = 1 mod 6
+ //and that x^6 = -alpha
+ //but this is fast enough
+ element_set1(element_item(xpowq, 1));
+ element_pow_mpz(xpowq, xpowq, param->q);
+ element_pow_mpz(xpowq, xpowq, param->q);
+ element_set(p->xpowq2, element_item(xpowq, 1));
+
+ element_pow_mpz(xpowq, xpowq, param->q);
+ element_pow_mpz(xpowq, xpowq, param->q);
+ element_pow_mpz(xpowq, xpowq, param->q);
+ element_pow_mpz(xpowq, xpowq, param->q);
+ element_set(p->xpowq6, element_item(xpowq, 1));
+
+ element_pow_mpz(xpowq, xpowq, param->q);
+ element_pow_mpz(xpowq, xpowq, param->q);
+ element_set(p->xpowq8, element_item(xpowq, 1));
+
+ element_clear(xpowq);
+}
+
+static void f_init(pbc_param_ptr p) {
+ static pbc_param_interface_t interface = {{
+ f_clear,
+ f_init_pairing,
+ f_out_str,
+ }};
+ p->api = interface;
+ f_param_ptr fp = p->data = pbc_malloc(sizeof(*fp));
+ mpz_init(fp->q);
+ mpz_init(fp->r);
+ mpz_init(fp->b);
+ mpz_init(fp->beta);
+ mpz_init(fp->alpha0);
+ mpz_init(fp->alpha1);
+}
+
+// Public interface:
+
+int pbc_param_init_f(pbc_param_ptr par, struct symtab_s *tab) {
+ f_init(par);
+ f_param_ptr p = par->data;
+
+ int err = 0;
+ err += lookup_mpz(p->q, tab, "q");
+ err += lookup_mpz(p->r, tab, "r");
+ err += lookup_mpz(p->b, tab, "b");
+ err += lookup_mpz(p->beta, tab, "beta");
+ err += lookup_mpz(p->alpha0, tab, "alpha0");
+ err += lookup_mpz(p->alpha1, tab, "alpha1");
+ return err;
+}
+
+void pbc_param_init_f_gen(pbc_param_t p, int bits) {
+ f_init(p);
+ f_param_ptr fp = p->data;
+ //36 is a 6-bit number
+ int xbit = (bits - 6) / 4;
+ //TODO: use binary search to find smallest appropriate x
+ mpz_t x, t;
+ mpz_ptr q = fp->q;
+ mpz_ptr r = fp->r;
+ mpz_ptr b = fp->b;
+ field_t Fq, Fq2, Fq2x;
+ element_t e1;
+ element_t f;
+ field_t c;
+ element_t P;
+
+ mpz_init(x);
+ mpz_init(t);
+ mpz_setbit(x, xbit);
+ for (;;) {
+ mpz_mul(t, x, x);
+ mpz_mul_ui(t, t, 6);
+ mpz_add_ui(t, t, 1);
+ tryminusx(q, x);
+ mpz_sub(r, q, t);
+ mpz_add_ui(r, r, 1);
+ if (mpz_probab_prime_p(q, 10) && mpz_probab_prime_p(r, 10)) break;
+
+ tryplusx(q, x);
+ mpz_sub(r, q, t);
+ mpz_add_ui(r, r, 1);
+ if (mpz_probab_prime_p(q, 10) && mpz_probab_prime_p(r, 10)) break;
+
+ mpz_add_ui(x, x, 1);
+ }
+
+ field_init_fp(Fq, q);
+ element_init(e1, Fq);
+
+ for (;;) {
+ element_random(e1);
+ field_init_curve_b(c, e1, r, NULL);
+ element_init(P, c);
+
+ element_random(P);
+
+ element_mul_mpz(P, P, r);
+ if (element_is0(P)) break;
+ element_clear(P);
+ field_clear(c);
+ }
+ element_to_mpz(b, e1);
+ element_clear(e1);
+ field_init_quadratic(Fq2, Fq);
+ element_to_mpz(fp->beta, field_get_nqr(Fq));
+ field_init_poly(Fq2x, Fq2);
+ element_init(f, Fq2x);
+
+ // Find an irreducible polynomial of the form f = x^6 + alpha.
+ // Call poly_set_coeff1() first so we can use element_item() for the other
+ // coefficients.
+ poly_set_coeff1(f, 6);
+ for (;;) {
+ element_random(element_item(f, 0));
+ if (poly_is_irred(f)) break;
+ }
+
+ //extend F_q^2 using f = x^6 + alpha
+ //see if sextic twist contains a subgroup of order r
+ //if not, it's the wrong twist: replace alpha with alpha^5
+ {
+ field_t ctest;
+ element_t Ptest;
+ mpz_t z0, z1;
+ mpz_init(z0);
+ mpz_init(z1);
+ element_init(e1, Fq2);
+ element_set_mpz(e1, fp->b);
+ element_mul(e1, e1, element_item(f, 0));
+ element_neg(e1, e1);
+
+ field_init_curve_b(ctest, e1, r, NULL);
+ element_init(Ptest, ctest);
+ element_random(Ptest);
+
+ //I'm not sure what the #E'(F_q^2) is, but
+ //it definitely divides n_12 = #E(F_q^12). It contains a
+ //subgroup of order r if and only if
+ //(n_12 / r^2)P != O for some (in fact most) P in E'(F_q^6)
+ mpz_pow_ui(z0, q, 12);
+ mpz_add_ui(z0, z0, 1);
+ pbc_mpz_trace_n(z1, q, t, 12);
+ mpz_sub(z1, z0, z1);
+ mpz_mul(z0, r, r);
+ mpz_divexact(z1, z1, z0);
+
+ element_mul_mpz(Ptest, Ptest, z1);
+ if (element_is0(Ptest)) {
+ mpz_set_ui(z0, 5);
+ element_pow_mpz(element_item(f, 0), element_item(f, 0), z0);
+ }
+ element_clear(e1);
+ element_clear(Ptest);
+ field_clear(ctest);
+ mpz_clear(z0);
+ mpz_clear(z1);
+ }
+
+ element_to_mpz(fp->alpha0, element_x(element_item(f, 0)));
+ element_to_mpz(fp->alpha1, element_y(element_item(f, 0)));
+
+ element_clear(f);
+
+ field_clear(Fq2x);
+ field_clear(Fq2);
+ field_clear(Fq);
+
+ mpz_clear(t);
+ mpz_clear(x);
+}
diff --git a/moon-abe/pbc-0.5.14/ecc/g_param.c b/moon-abe/pbc-0.5.14/ecc/g_param.c
new file mode 100644
index 00000000..75a08c57
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/ecc/g_param.c
@@ -0,0 +1,1435 @@
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdint.h> // for intptr_t
+#include <stdlib.h>
+#include <string.h>
+#include <gmp.h>
+#include "pbc_utils.h"
+#include "pbc_field.h"
+#include "pbc_poly.h"
+#include "pbc_hilbert.h"
+#include "pbc_fp.h"
+#include "pbc_fieldquadratic.h"
+#include "pbc_mnt.h"
+#include "pbc_curve.h"
+#include "pbc_param.h"
+#include "pbc_pairing.h"
+#include "pbc_memory.h"
+#include "pbc_g_param.h"
+#include "ecc/param.h"
+
+struct g_param_s {
+ mpz_t q; // Curve defined over F_q.
+ mpz_t n; // n = #E(F_q) (= q - t + 1)
+ mpz_t h; // h * r = n, r is prime
+ mpz_t r;
+ mpz_t a, b; // E: y^2 = x^3 + ax + b
+
+ // k = 10 for these curves.
+ mpz_t nk; // #E(F_q^k)
+ mpz_t hk; // hk * r^2 = nk
+ mpz_t *coeff; //Coefficients of polynomial used to extend F_q by k/2
+ mpz_t nqr; // Quadratic nonresidue in F_q^d that lies in F_q.
+};
+
+typedef struct g_param_s g_param_t[1];
+typedef struct g_param_s *g_param_ptr;
+
+struct mnt_pairing_data_s {
+ field_t Fq, Fqx, Fqd, Fqk;
+ field_t Eq, Etwist;
+ element_t nqrinv, nqrinv2;
+ element_t xpowq, xpowq2, xpowq3, xpowq4;
+};
+typedef struct mnt_pairing_data_s mnt_pairing_data_t[1];
+typedef struct mnt_pairing_data_s *mnt_pairing_data_ptr;
+
+static void g_clear(void *data) {
+ g_param_ptr param = data;
+ int i;
+ mpz_clear(param->q);
+ mpz_clear(param->n);
+ mpz_clear(param->h);
+ mpz_clear(param->r);
+ mpz_clear(param->a);
+ mpz_clear(param->b);
+ mpz_clear(param->nk);
+ mpz_clear(param->hk);
+ mpz_clear(param->nqr);
+ for (i = 0; i < 5; i++) {
+ mpz_clear(param->coeff[i]);
+ }
+ pbc_free(param->coeff);
+ pbc_free(data);
+}
+
+static void g_out_str(FILE *stream, void *data) {
+ g_param_ptr p = data;
+ int i;
+ char s[8];
+ param_out_type(stream, "g");
+ param_out_mpz(stream, "q", p->q);
+ param_out_mpz(stream, "n", p->n);
+ param_out_mpz(stream, "h", p->h);
+ param_out_mpz(stream, "r", p->r);
+ param_out_mpz(stream, "a", p->a);
+ param_out_mpz(stream, "b", p->b);
+ param_out_mpz(stream, "nk", p->nk);
+ param_out_mpz(stream, "hk", p->hk);
+ for (i=0; i<5; i++) {
+ sprintf(s, "coeff%d", i);
+ param_out_mpz(stream, s, p->coeff[i]);
+ }
+ param_out_mpz(stream, "nqr", p->nqr);
+}
+
+static inline void d_miller_evalfn(element_t e0,
+ element_t a, element_t b, element_t c,
+ element_t Qx, element_t Qy) {
+ //a, b, c are in Fq
+ //point Q is (Qx, Qy * sqrt(nqr)) where nqr is used to construct
+ //the quadratic field extension Fqk of Fqd
+ element_ptr re_out = element_x(e0);
+ element_ptr im_out = element_y(e0);
+
+ int i;
+ int d = polymod_field_degree(re_out->field);
+ for (i=0; i<d; i++) {
+ element_mul(element_item(re_out, i), element_item(Qx, i), a);
+ element_mul(element_item(im_out, i), element_item(Qy, i), b);
+ }
+ element_add(element_item(re_out, 0), element_item(re_out, 0), c);
+}
+
+static void cc_miller_no_denom_proj(element_t res, mpz_t q, element_t P,
+ element_ptr Qx, element_ptr Qy) {
+ int m;
+ element_t v;
+ element_t Z;
+ element_t a, b, c;
+ element_t t0, t1;
+ element_ptr t2 = a, t3 = b, t4 = c;
+ element_t e0;
+ element_t z, z2;
+ element_ptr Zx, Zy;
+ const element_ptr curve_a = curve_a_coeff(P);
+ const element_ptr Px = curve_x_coord(P);
+ const element_ptr Py = curve_y_coord(P);
+
+ #define proj_double() { \
+ /* t0 = 3x^2 + (curve_a) z^4 */ \
+ element_square(t0, Zx); \
+ /* element_mul_si(t0, t0, 3); */ \
+ element_double(t1, t0); \
+ element_add(t0, t0, t1); \
+ element_square(t1, z2); \
+ element_mul(t1, t1, curve_a); \
+ element_add(t0, t0, t1); \
+ \
+ /* z_out = 2 y z */ \
+ element_mul(z, Zy, z); \
+ /* element_mul_si(z, z, 2); */ \
+ element_double(z, z); \
+ element_square(z2, z); \
+ \
+ /* t1 = 4 x y^2 */ \
+ element_square(t2, Zy); \
+ element_mul(t1, Zx, t2); \
+ /* element_mul_si(t1, t1, 4); */ \
+ element_double(t1, t1); \
+ element_double(t1, t1); \
+ \
+ /* x_out = t0^2 - 2 t1 */ \
+ /* element_mul_si(t3, t1, 2); */ \
+ element_double(t3, t1); \
+ element_square(Zx, t0); \
+ element_sub(Zx, Zx, t3); \
+ \
+ /* t2 = 8y^4 */ \
+ element_square(t2, t2); \
+ /* element_mul_si(t2, t2, 8); */ \
+ element_double(t2, t2); \
+ element_double(t2, t2); \
+ element_double(t2, t2); \
+ \
+ /* y_out = t0(t1 - x_out) - t2 */ \
+ element_sub(t1, t1, Zx); \
+ element_mul(t0, t0, t1); \
+ element_sub(Zy, t0, t2); \
+ }
+
+ #define proj_mixin() { \
+ /* t2 = Px z^2 */ \
+ element_mul(t2, z2, Px); \
+ \
+ /* t3 = Zx - t2 */ \
+ element_sub(t3, Zx, t2); \
+ \
+ /* t0 = Py z^3 */ \
+ element_mul(t0, z2, Py); \
+ element_mul(t0, t0, z); \
+ \
+ /* t1 = Zy - t0 */ \
+ element_sub(t1, Zy, t0); \
+ \
+ /* e7 = Zx + t2, use t2 to double for e7 */ \
+ element_add(t2, Zx, t2); \
+ \
+ /* e8 = Zy + t0, use t0 to double for e8 */ \
+ element_add(t0, Zy, t0); \
+ \
+ /* z = z t3 */ \
+ element_mul(z, z, t3); \
+ element_square(z2, z); \
+ \
+ /* Zx = t1^2 - e7 t3^2 */ \
+ /* t3 now holds t3^3, */ \
+ /* t4 holds e7 t3^2 */ \
+ element_square(t4, t3); \
+ element_mul(t3, t4, t3); \
+ element_square(Zx, t1); \
+ element_mul(t4, t2, t4); \
+ element_sub(Zx, Zx, t4); \
+ \
+ /* t4 = e7 t3^2 - 2 Zx */ \
+ element_sub(t4, t4, Zx); \
+ element_sub(t4, t4, Zx); \
+ \
+ /* Zy = (t4 t1 - e8 t3^3)/2 */ \
+ element_mul(t4, t4, t1); \
+ element_mul(t0, t0, t3); \
+ element_sub(t4, t4, t0); \
+ element_halve(Zy, t4); \
+ }
+
+ #define do_tangent() { \
+ /* a = -(3x^2 + cca z^4) */ \
+ /* b = 2 y z^3 */ \
+ /* c = -(2 y^2 + x a) */ \
+ /* a = z^2 a */ \
+ element_square(a, z2); \
+ element_mul(a, a, curve_a); \
+ element_square(b, Zx); \
+ /* element_mul_si(b, b, 3); */ \
+ element_double(t0, b); \
+ element_add(b, b, t0); \
+ element_add(a, a, b); \
+ element_neg(a, a); \
+ \
+ element_mul(b, z, z2); \
+ element_mul(b, b, Zy); \
+ element_mul_si(b, b, 2); \
+ \
+ element_mul(c, Zx, a); \
+ element_mul(a, a, z2); \
+ element_square(t0, Zy); \
+ element_mul_si(t0, t0, 2); \
+ element_add(c, c, t0); \
+ element_neg(c, c); \
+ \
+ d_miller_evalfn(e0, a, b, c, Qx, Qy); \
+ element_mul(v, v, e0); \
+ }
+
+ #define do_line() { \
+ /* a = -(Py z^3 - Zy) */ \
+ /* b = Px z^3 - Zx z */ \
+ /* c = Zx z Py - Zy Px; */ \
+ \
+ element_mul(t0, Zx, z); \
+ element_mul(t1, z2, z); \
+ \
+ element_mul(a, Py, t1); \
+ element_sub(a, Zy, a); \
+ \
+ element_mul(b, Px, t1); \
+ element_sub(b, b, t0); \
+ \
+ element_mul(t0, t0, Py); \
+ element_mul(c, Zy, Px); \
+ element_sub(c, t0, c); \
+ \
+ d_miller_evalfn(e0, a, b, c, Qx, Qy); \
+ element_mul(v, v, e0); \
+ }
+
+ element_init(a, Px->field);
+ element_init(b, a->field);
+ element_init(c, a->field);
+ element_init(t0, a->field);
+ element_init(t1, a->field);
+ element_init(e0, res->field);
+ element_init(z, a->field);
+ element_init(z2, a->field);
+ element_set1(z);
+ element_set1(z2);
+
+ element_init(v, res->field);
+ element_init(Z, P->field);
+
+ element_set(Z, P);
+ Zx = curve_x_coord(Z);
+ Zy = curve_x_coord(Z);
+
+ element_set1(v);
+ m = mpz_sizeinbase(q, 2) - 2;
+
+ for(;;) {
+ do_tangent();
+ if (!m) break;
+ proj_double();
+ if (mpz_tstbit(q, m)) {
+ do_line();
+ proj_mixin();
+ }
+ m--;
+ element_square(v, v);
+ }
+
+ element_set(res, v);
+
+ element_clear(v);
+ element_clear(Z);
+ element_clear(a);
+ element_clear(b);
+ element_clear(c);
+ element_clear(t0);
+ element_clear(t1);
+ element_clear(e0);
+ element_clear(z);
+ element_clear(z2);
+ #undef proj_double
+ #undef proj_mixin
+ #undef do_tangent
+ #undef do_line
+}
+
+static void cc_miller_no_denom_affine(element_t res, mpz_t q, element_t P,
+ element_ptr Qx, element_ptr Qy) {
+ int m;
+ element_t v;
+ element_t Z;
+ element_t a, b, c;
+ element_t t0;
+ element_t e0;
+ const element_ptr cca = curve_a_coeff(P);
+ const element_ptr Px = curve_x_coord(P);
+ const element_ptr Py = curve_y_coord(P);
+ element_ptr Zx, Zy;
+
+ /* TODO: when exactly is this not needed?
+ void do_vertical(void)
+ {
+ mapbase(e0, Z->x);
+ element_sub(e0, Qx, e0);
+ element_mul(v, v, e0);
+ }
+ */
+
+ #define do_tangent() { \
+ /* a = -(3 Zx^2 + cc->a) */ \
+ /* b = 2 * Zy */ \
+ /* c = -(2 Zy^2 + a Zx); */ \
+ element_square(a, Zx); \
+ element_mul_si(a, a, 3); \
+ element_add(a, a, cca); \
+ element_neg(a, a); \
+ \
+ element_add(b, Zy, Zy); \
+ \
+ element_mul(t0, b, Zy); \
+ element_mul(c, a, Zx); \
+ element_add(c, c, t0); \
+ element_neg(c, c); \
+ \
+ d_miller_evalfn(e0, a, b, c, Qx, Qy); \
+ element_mul(v, v, e0); \
+ }
+
+ #define do_line() { \
+ /* a = -(B.y - A.y) / (B.x - A.x); */ \
+ /* b = 1; */ \
+ /* c = -(A.y + a * A.x); */ \
+ /* but we'll multiply by B.x - A.x */ \
+ /* to avoid division */ \
+ \
+ element_sub(b, Px, Zx); \
+ element_sub(a, Zy, Py); \
+ element_mul(t0, b, Zy); \
+ element_mul(c, a, Zx); \
+ element_add(c, c, t0); \
+ element_neg(c, c); \
+ \
+ d_miller_evalfn(e0, a, b, c, Qx, Qy); \
+ element_mul(v, v, e0); \
+ }
+
+ element_init(a, Px->field);
+ element_init(b, a->field);
+ element_init(c, a->field);
+ element_init(t0, a->field);
+ element_init(e0, res->field);
+
+ element_init(v, res->field);
+ element_init(Z, P->field);
+
+ element_set(Z, P);
+ Zx = curve_x_coord(Z);
+ Zy = curve_y_coord(Z);
+
+ element_set1(v);
+ m = mpz_sizeinbase(q, 2) - 2;
+
+ for(;;) {
+ do_tangent();
+ if (!m) break;
+ element_double(Z, Z);
+ if (mpz_tstbit(q, m)) {
+ do_line();
+ element_add(Z, Z, P);
+ }
+ m--;
+ element_square(v, v);
+ }
+
+ element_set(res, v);
+
+ element_clear(v);
+ element_clear(Z);
+ element_clear(a);
+ element_clear(b);
+ element_clear(c);
+ element_clear(t0);
+ element_clear(e0);
+ #undef do_tangent
+ #undef do_line
+}
+
+// Requires cofactor is even.
+// Requires in != out.
+// Mangles in.
+static void lucas_even(element_ptr out, element_ptr in, mpz_t cofactor) {
+ element_t temp;
+ element_init_same_as(temp, out);
+ element_ptr in0 = element_x(in);
+ element_ptr in1 = element_y(in);
+ element_ptr v0 = element_x(out);
+ element_ptr v1 = element_y(out);
+ element_ptr t0 = element_x(temp);
+ element_ptr t1 = element_y(temp);
+ int j;
+
+ element_set_si(t0, 2);
+ element_double(t1, in0);
+
+ element_set(v0, t0);
+ element_set(v1, t1);
+
+ j = mpz_sizeinbase(cofactor, 2) - 1;
+ for (;;) {
+ if (!j) {
+ element_mul(v1, v0, v1);
+ element_sub(v1, v1, t1);
+ element_square(v0, v0);
+ element_sub(v0, v0, t0);
+ break;
+ }
+ if (mpz_tstbit(cofactor, j)) {
+ element_mul(v0, v0, v1);
+ element_sub(v0, v0, t1);
+ element_square(v1, v1);
+ element_sub(v1, v1, t0);
+ } else {
+ element_mul(v1, v0, v1);
+ element_sub(v1, v1, t1);
+ element_square(v0, v0);
+ element_sub(v0, v0, t0);
+ }
+ j--;
+ }
+
+ //assume cofactor = (q^2 - q + 1) / r is odd
+ //thus v1 = V_k, v0 = V_{k-1}
+ // U = (P v1 - 2 v0) / (P^2 - 4)
+
+ element_double(v0, v0);
+ element_mul(in0, t1, v1);
+ element_sub(in0, in0, v0);
+
+ element_square(t1, t1);
+ element_sub(t1, t1, t0);
+ element_sub(t1, t1, t0);
+
+ element_halve(v0, v1);
+ element_div(v1, in0, t1);
+ element_mul(v1, v1, in1);
+ element_clear(temp);
+}
+
+static void tatepower10(element_ptr out, element_ptr in, pairing_t pairing) {
+ mnt_pairing_data_ptr p = pairing->data;
+ element_t e0, e1, e2, e3;
+ element_init(e0, p->Fqk);
+ element_init(e1, p->Fqd);
+ element_init(e2, p->Fqd);
+ element_init(e3, p->Fqk);
+ element_ptr e0re = element_x(e0);
+ element_ptr e0im = element_y(e0);
+ element_ptr e0re0 = ((element_t *) e0re->data)[0];
+ element_ptr e0im0 = ((element_t *) e0im->data)[0];
+ element_t *inre = element_x(in)->data;
+ element_t *inim = element_y(in)->data;
+ //see thesis
+ #define qpower(sign) { \
+ polymod_const_mul(e2, inre[1], p->xpowq); \
+ element_set(e0re, e2); \
+ polymod_const_mul(e2, inre[2], p->xpowq2); \
+ element_add(e0re, e0re, e2); \
+ polymod_const_mul(e2, inre[3], p->xpowq3); \
+ element_add(e0re, e0re, e2); \
+ polymod_const_mul(e2, inre[4], p->xpowq4); \
+ element_add(e0re, e0re, e2); \
+ element_add(e0re0, e0re0, inre[0]); \
+ \
+ if (sign > 0) { \
+ polymod_const_mul(e2, inim[1], p->xpowq); \
+ element_set(e0im, e2); \
+ polymod_const_mul(e2, inim[2], p->xpowq2); \
+ element_add(e0im, e0im, e2); \
+ polymod_const_mul(e2, inim[3], p->xpowq3); \
+ element_add(e0im, e0im, e2); \
+ polymod_const_mul(e2, inim[4], p->xpowq4); \
+ element_add(e0im, e0im, e2); \
+ element_add(e0im0, e0im0, inim[0]); \
+ } else { \
+ polymod_const_mul(e2, inim[1], p->xpowq); \
+ element_neg(e0im, e2); \
+ polymod_const_mul(e2, inim[2], p->xpowq2); \
+ element_sub(e0im, e0im, e2); \
+ polymod_const_mul(e2, inim[3], p->xpowq3); \
+ element_sub(e0im, e0im, e2); \
+ polymod_const_mul(e2, inim[4], p->xpowq4); \
+ element_sub(e0im, e0im, e2); \
+ element_sub(e0im0, e0im0, inim[0]); \
+ } \
+ }
+ qpower(1);
+ element_set(e3, e0);
+ element_set(e0re, element_x(in));
+ element_neg(e0im, element_y(in));
+ element_mul(e3, e3, e0);
+ qpower(-1);
+ element_mul(e0, e0, in);
+ element_invert(e0, e0);
+ element_mul(in, e3, e0);
+
+ element_set(e0, in);
+ lucas_even(out, e0, pairing->phikonr);
+
+ element_clear(e0);
+ element_clear(e1);
+ element_clear(e2);
+ element_clear(e3);
+ #undef qpower
+}
+
+static void (*cc_miller_no_denom_fn)(element_t res, mpz_t q, element_t P,
+ element_ptr Qx, element_ptr Qy);
+
+static void cc_pairing(element_ptr out, element_ptr in1, element_ptr in2,
+ pairing_t pairing) {
+ element_ptr Qbase = in2;
+ element_t Qx, Qy;
+ mnt_pairing_data_ptr p = pairing->data;
+
+ element_init(Qx, p->Fqd);
+ element_init(Qy, p->Fqd);
+ //map from twist: (x, y) --> (v^-1 x, v^-(3/2) y)
+ //where v is the quadratic nonresidue used to construct the twist
+ element_mul(Qx, curve_x_coord(Qbase), p->nqrinv);
+ //v^-3/2 = v^-2 * v^1/2
+ element_mul(Qy, curve_y_coord(Qbase), p->nqrinv2);
+ cc_miller_no_denom_fn(out, pairing->r, in1, Qx, Qy);
+ tatepower10(out, out, pairing);
+ element_clear(Qx);
+ element_clear(Qy);
+}
+
+static int cc_is_almost_coddh(element_ptr a, element_ptr b,
+ element_ptr c, element_ptr d,
+ pairing_t pairing) {
+ int res = 0;
+ element_t t0, t1, t2;
+ element_t cx, cy;
+ element_t dx, dy;
+ mnt_pairing_data_ptr p = pairing->data;
+
+ element_init(cx, p->Fqd);
+ element_init(cy, p->Fqd);
+ element_init(dx, p->Fqd);
+ element_init(dy, p->Fqd);
+
+ element_init(t0, p->Fqk);
+ element_init(t1, p->Fqk);
+ element_init(t2, p->Fqk);
+ //map from twist: (x, y) --> (v^-1 x, v^-(3/2) y)
+ //where v is the quadratic nonresidue used to construct the twist
+ element_mul(cx, curve_x_coord(c), p->nqrinv);
+ element_mul(dx, curve_x_coord(d), p->nqrinv);
+ //v^-3/2 = v^-2 * v^1/2
+ element_mul(cy, curve_y_coord(c), p->nqrinv2);
+ element_mul(dy, curve_y_coord(d), p->nqrinv2);
+
+ cc_miller_no_denom_fn(t0, pairing->r, a, dx, dy);
+ cc_miller_no_denom_fn(t1, pairing->r, b, cx, cy);
+ tatepower10(t0, t0, pairing);
+ tatepower10(t1, t1, pairing);
+ element_mul(t2, t0, t1);
+ if (element_is1(t2)) {
+ //g, g^x, h, h^-x case
+ res = 1;
+ } else {
+ element_invert(t1, t1);
+ element_mul(t2, t0, t1);
+ if (element_is1(t2)) {
+ //g, g^x, h, h^x case
+ res = 1;
+ }
+ }
+ element_clear(cx);
+ element_clear(cy);
+ element_clear(dx);
+ element_clear(dy);
+ element_clear(t0);
+ element_clear(t1);
+ element_clear(t2);
+ return res;
+}
+
+struct pp_coeff_s {
+ element_t a;
+ element_t b;
+ element_t c;
+};
+typedef struct pp_coeff_s pp_coeff_t[1];
+typedef struct pp_coeff_s *pp_coeff_ptr;
+
+static void g_pairing_pp_init(pairing_pp_t p, element_ptr in1, pairing_t pairing) {
+ element_ptr P = in1;
+ const element_ptr Px = curve_x_coord(P);
+ const element_ptr Py = curve_y_coord(P);
+ element_t Z;
+ int m;
+ mnt_pairing_data_ptr info = pairing->data;
+ element_t t0;
+ element_t a, b, c;
+ field_ptr Fq = info->Fq;
+ pp_coeff_t *coeff;
+ mpz_ptr q = pairing->r;
+ pp_coeff_ptr pp;
+ const element_ptr cca = curve_a_coeff(P);
+ element_ptr Zx;
+ element_ptr Zy;
+
+ #define store_abc() { \
+ element_init(pp->a, Fq); \
+ element_init(pp->b, Fq); \
+ element_init(pp->c, Fq); \
+ element_set(pp->a, a); \
+ element_set(pp->b, b); \
+ element_set(pp->c, c); \
+ pp++; \
+ }
+
+ //a = -slope_tangent(Z.x, Z.y);
+ //b = 1;
+ //c = -(Z.y + a * Z.x);
+ //but we multiply by 2*Z.y to avoid division
+
+ //a = -Zx * (3 Zx + twicea_2) - a_4;
+ //Common curves: a2 = 0 (and cc->a is a_4), so
+ //a = -(3 Zx^2 + cc->a)
+ //b = 2 * Zy
+ //c = -(2 Zy^2 + a Zx);
+ #define do_tangent() { \
+ element_square(a, Zx); \
+ element_double(t0, a); \
+ element_add(a, a, t0); \
+ element_add(a, a, cca); \
+ element_neg(a, a); \
+ \
+ element_add(b, Zy, Zy); \
+ \
+ element_mul(t0, b, Zy); \
+ element_mul(c, a, Zx); \
+ element_add(c, c, t0); \
+ element_neg(c, c); \
+ \
+ store_abc(); \
+ }
+
+ //a = -(B.y - A.y) / (B.x - A.x);
+ //b = 1;
+ //c = -(A.y + a * A.x);
+ //but we'll multiply by B.x - A.x to avoid division
+ #define do_line() { \
+ element_sub(b, Px, Zx); \
+ element_sub(a, Zy, Py); \
+ element_mul(t0, b, Zy); \
+ element_mul(c, a, Zx); \
+ element_add(c, c, t0); \
+ element_neg(c, c); \
+ store_abc(); \
+ }
+
+ element_init(Z, P->field);
+ element_set(Z, P);
+ Zx = curve_x_coord(Z);
+ Zy = curve_y_coord(Z);
+
+ element_init(t0, Fq);
+ element_init(a, Fq);
+ element_init(b, Fq);
+ element_init(c, Fq);
+
+ m = mpz_sizeinbase(q, 2) - 2;
+ p->data = pbc_malloc(sizeof(pp_coeff_t) * 2 * m);
+ coeff = (pp_coeff_t *) p->data;
+ pp = coeff[0];
+
+ for(;;) {
+ do_tangent();
+ if (!m) break;
+ element_double(Z, Z);
+ if (mpz_tstbit(q, m)) {
+ do_line();
+ element_add(Z, Z, P);
+ }
+ m--;
+ }
+
+ element_clear(t0);
+ element_clear(a);
+ element_clear(b);
+ element_clear(c);
+ element_clear(Z);
+ #undef store_abc
+ #undef do_tangent
+ #undef do_line
+}
+
+static void g_pairing_pp_clear(pairing_pp_t p) {
+ //TODO: better to store a sentinel value in p->data?
+ mpz_ptr q = p->pairing->r;
+ int m = mpz_sizeinbase(q, 2) + mpz_popcount(q) - 3;
+ int i;
+ pp_coeff_t *coeff = (pp_coeff_t *) p->data;
+ pp_coeff_ptr pp;
+ for (i=0; i<m; i++) {
+ pp = coeff[i];
+ element_clear(pp->a);
+ element_clear(pp->b);
+ element_clear(pp->c);
+ }
+ pbc_free(p->data);
+}
+
+static void g_pairing_pp_apply(element_ptr out, element_ptr in2, pairing_pp_t p) {
+ mpz_ptr q = p->pairing->r;
+ mnt_pairing_data_ptr info = p->pairing->data;
+ int m = mpz_sizeinbase(q, 2) - 2;
+ pp_coeff_t *coeff = (pp_coeff_t *) p->data;
+ pp_coeff_ptr pp = coeff[0];
+ element_ptr Qbase = in2;
+ element_t e0;
+ element_t Qx, Qy;
+ element_t v;
+ element_init_same_as(e0, out);
+ element_init_same_as(v, out);
+ element_init(Qx, info->Fqd);
+ element_init(Qy, info->Fqd);
+
+ //map from twist: (x, y) --> (v^-1 x, v^-(3/2) y)
+ //where v is the quadratic nonresidue used to construct the twist
+ element_mul(Qx, curve_x_coord(Qbase), info->nqrinv);
+ //v^-3/2 = v^-2 * v^1/2
+ element_mul(Qy, curve_y_coord(Qbase), info->nqrinv2);
+
+ element_set1(out);
+ for(;;) {
+ d_miller_evalfn(e0, pp->a, pp->b, pp->c, Qx, Qy);
+ element_mul(out, out, e0);
+ pp++;
+
+ if (!m) break;
+
+ if (mpz_tstbit(q, m)) {
+ d_miller_evalfn(e0, pp->a, pp->b, pp->c, Qx, Qy);
+ element_mul(out, out, e0);
+ pp++;
+ }
+ m--;
+ element_square(out, out);
+ }
+ tatepower10(out, out, p->pairing);
+
+ element_clear(e0);
+ element_clear(Qx);
+ element_clear(Qy);
+ element_clear(v);
+}
+
+// in1, in2 are from E(F_q), out from F_q^2
+// Compute pairing via elliptic nets (see Stange).
+static void g_pairing_ellnet(element_ptr out, element_ptr in1, element_ptr in2,
+ pairing_t pairing) {
+ mnt_pairing_data_ptr p = pairing->data;
+
+ const element_ptr a = curve_a_coeff(in1);
+ const element_ptr b = curve_b_coeff(in1);
+
+ element_ptr x = curve_x_coord(in1);
+ element_ptr y = curve_y_coord(in1);
+
+ element_ptr x2 = curve_x_coord(in2);
+ element_ptr y2 = curve_y_coord(in2);
+
+ //we map (x2,y2) to (-x2, i y2) before pairing
+ //notation: cmi means c_{k-i}, ci means c_{k+i}
+ element_t cm3, cm2, cm1, c0, c1, c2, c3, c4;
+ element_t dm1, d0, d1;
+ element_t A, B, C;
+
+ element_init_same_as(cm3, x);
+ element_init_same_as(cm2, x);
+ element_init_same_as(cm1, x);
+ element_init_same_as(c0, x);
+ element_init_same_as(c1, x);
+ element_init_same_as(c2, x);
+ element_init_same_as(c3, x);
+ element_init_same_as(c4, x);
+ element_init_same_as(C, x);
+
+ element_init_same_as(dm1, out);
+ element_init_same_as(d0, out);
+ element_init_same_as(d1, out);
+ element_init_same_as(A, out);
+ element_init_same_as(B, out);
+
+ // c1 = 2y
+ // cm3 = -2y
+ element_double(c1, y);
+ element_neg(cm3, c1);
+
+ //use c0, cm1, cm2, C, c4 as temp variables for now
+ //compute c3, c2
+ element_square(cm2, x);
+ element_square(C, cm2);
+ element_mul(cm1, b, x);
+ element_double(cm1, cm1);
+ element_square(c4, a);
+
+ element_mul(c2, cm1, cm2);
+ element_double(c2, c2);
+ element_mul(c0, a, C);
+ element_add(c2, c2, c0);
+ element_mul(c0, c4, cm2);
+ element_sub(c2, c2, c0);
+ element_double(c0, c2);
+ element_double(c0, c0);
+ element_add(c2, c2, c0);
+
+ element_mul(c0, cm1, a);
+ element_square(c3, b);
+ element_double(c3, c3);
+ element_double(c3, c3);
+ element_add(c0, c0, c3);
+ element_double(c0, c0);
+ element_mul(c3, a, c4);
+ element_add(c0, c0, c3);
+ element_sub(c2, c2, c0);
+ element_mul(c0, cm2, C);
+ element_add(c3, c0, c2);
+ element_mul(c3, c3, c1);
+ element_double(c3, c3);
+
+ element_mul(c0, a, cm2);
+ element_add(c0, c0, cm1);
+ element_double(c0, c0);
+ element_add(c0, c0, C);
+ element_double(c2, c0);
+ element_add(c0, c0, c2);
+ element_sub(c2, c0, c4);
+
+ // c0 = 1
+ // cm2 = -1
+ element_set1(c0);
+ element_neg(cm2, c0);
+
+ // c4 = c_5 = c_2^3 c_4 - c_3^3 = c1^3 c3 - c2^3
+ element_square(C, c1);
+ element_mul(c4, C, c1);
+ element_mul(c4, c4, c3);
+ element_square(C, c2);
+ element_mul(C, C, c2);
+ element_sub(c4, c4, C);
+
+ //compute A, B, d1
+
+ element_mul(element_x(d0), x2, p->nqrinv);
+ element_neg(A, d0);
+ element_add(element_item(element_x(A), 0), element_item(element_x(A), 0), x);
+
+ element_double(C, x);
+ element_add(element_item(element_x(d0), 0), element_item(element_x(d0), 0), C);
+
+ element_square(dm1, A);
+ element_mul(dm1, d0, dm1);
+
+ element_mul(element_y(d1), y2, p->nqrinv2);
+ element_set(element_item(element_x(d1), 0), y);
+
+ element_square(d1, d1);
+ element_sub(d1, dm1, d1);
+ element_invert(B, d1);
+
+ element_invert(A, A);
+
+ element_mul(element_y(d1), y2, p->nqrinv2);
+ element_set0(element_x(d1));
+ element_neg(element_item(element_x(d1), 0), y);
+ element_mul(d1, d1, A);
+ element_square(d1, d1);
+ element_sub(d1, d0, d1);
+
+ // cm1 = 0
+ // C = (2y)^-1
+ element_set0(cm1);
+ element_invert(C, c1);
+
+ element_set1(dm1);
+ element_set1(d0);
+
+ element_t sm2, sm1;
+ element_t s0, s1, s2, s3;
+ element_t tm2, tm1;
+ element_t t0, t1, t2, t3;
+ element_t e0, e1;
+ element_t u, v;
+
+ element_init_same_as(sm2, x);
+ element_init_same_as(sm1, x);
+ element_init_same_as(s0, x);
+ element_init_same_as(s1, x);
+ element_init_same_as(s2, x);
+ element_init_same_as(s3, x);
+
+ element_init_same_as(tm2, x);
+ element_init_same_as(tm1, x);
+ element_init_same_as(t0, x);
+ element_init_same_as(t1, x);
+ element_init_same_as(t2, x);
+ element_init_same_as(t3, x);
+
+ element_init_same_as(e0, x);
+ element_init_same_as(e1, x);
+
+ element_init_same_as(u, d0);
+ element_init_same_as(v, d0);
+
+ int m = mpz_sizeinbase(pairing->r, 2) - 2;
+ for (;;) {
+ element_square(sm2, cm2);
+ element_square(sm1, cm1);
+ element_square(s0, c0);
+ element_square(s1, c1);
+ element_square(s2, c2);
+ element_square(s3, c3);
+
+ element_mul(tm2, cm3, cm1);
+ element_mul(tm1, cm2, c0);
+ element_mul(t0, cm1, c1);
+ element_mul(t1, c0, c2);
+ element_mul(t2, c1, c3);
+ element_mul(t3, c2, c4);
+
+ element_square(u, d0);
+ element_mul(v, dm1, d1);
+
+ if (mpz_tstbit(pairing->r, m)) {
+ //double-and-add
+ element_mul(e0, t0, sm2);
+ element_mul(e1, tm2, s0);
+ element_sub(cm3, e0, e1);
+ element_mul(cm3, cm3, C);
+
+ element_mul(e0, t0, sm1);
+ element_mul(e1, tm1, s0);
+ element_sub(cm2, e0, e1);
+
+ element_mul(e0, t1, sm1);
+ element_mul(e1, tm1, s1);
+ element_sub(cm1, e0, e1);
+ element_mul(cm1, cm1, C);
+
+ element_mul(e0, t1, s0);
+ element_mul(e1, t0, s1);
+ element_sub(c0, e0, e1);
+
+ element_mul(e0, t2, s0);
+ element_mul(e1, t0, s2);
+ element_sub(c1, e0, e1);
+ element_mul(c1, c1, C);
+
+ element_mul(e0, t2, s1);
+ element_mul(e1, t1, s2);
+ element_sub(c2, e0, e1);
+
+ element_mul(e0, t3, s1);
+ element_mul(e1, t1, s3);
+ element_sub(c3, e0, e1);
+ element_mul(c3, c3, C);
+
+ element_mul(e0, t3, s2);
+ element_mul(e1, t2, s3);
+ element_sub(c4, e0, e1);
+
+ polymod_const_mul(element_x(out), t0, element_x(u));
+ polymod_const_mul(element_y(out), t0, element_y(u));
+ polymod_const_mul(element_x(dm1), s0, element_x(v));
+ polymod_const_mul(element_y(dm1), s0, element_y(v));
+ element_sub(dm1, dm1, out);
+
+ polymod_const_mul(element_x(out), t1, element_x(u));
+ polymod_const_mul(element_y(out), t1, element_y(u));
+ polymod_const_mul(element_x(d0), s1, element_x(v));
+ polymod_const_mul(element_y(d0), s1, element_y(v));
+ element_sub(d0, d0, out);
+ element_mul(d0, d0, A);
+
+ polymod_const_mul(element_x(out), t2, element_x(u));
+ polymod_const_mul(element_y(out), t2, element_y(u));
+ polymod_const_mul(element_x(d1), s2, element_x(v));
+ polymod_const_mul(element_y(d1), s2, element_y(v));
+ element_sub(d1, d1, out);
+ element_mul(d1, d1, B);
+ } else {
+ //double
+ element_mul(e0, tm1, sm2);
+ element_mul(e1, tm2, sm1);
+ element_sub(cm3, e0, e1);
+
+ element_mul(e0, t0, sm2);
+ element_mul(e1, tm2, s0);
+ element_sub(cm2, e0, e1);
+ element_mul(cm2, cm2, C);
+
+ element_mul(e0, t0, sm1);
+ element_mul(e1, tm1, s0);
+ element_sub(cm1, e0, e1);
+
+ element_mul(e0, t1, sm1);
+ element_mul(e1, tm1, s1);
+ element_sub(c0, e0, e1);
+ element_mul(c0, c0, C);
+
+ element_mul(e0, t1, s0);
+ element_mul(e1, t0, s1);
+ element_sub(c1, e0, e1);
+
+ element_mul(e0, t2, s0);
+ element_mul(e1, t0, s2);
+ element_sub(c2, e0, e1);
+ element_mul(c2, c2, C);
+
+ element_mul(e0, t2, s1);
+ element_mul(e1, t1, s2);
+ element_sub(c3, e0, e1);
+
+ element_mul(e0, t3, s1);
+ element_mul(e1, t1, s3);
+ element_sub(c4, e0, e1);
+ element_mul(c4, c4, C);
+
+ polymod_const_mul(element_x(out), tm1, element_x(u));
+ polymod_const_mul(element_y(out), tm1, element_y(u));
+ polymod_const_mul(element_x(dm1), sm1, element_x(v));
+ polymod_const_mul(element_y(dm1), sm1, element_y(v));
+ element_sub(dm1, dm1, out);
+
+ polymod_const_mul(element_x(out), t0, element_x(u));
+ polymod_const_mul(element_y(out), t0, element_y(u));
+ polymod_const_mul(element_x(d0), s0, element_x(v));
+ polymod_const_mul(element_y(d0), s0, element_y(v));
+ element_sub(d0, d0, out);
+
+ polymod_const_mul(element_x(out), t1, element_x(u));
+ polymod_const_mul(element_y(out), t1, element_y(u));
+ polymod_const_mul(element_x(d1), s1, element_x(v));
+ polymod_const_mul(element_y(d1), s1, element_y(v));
+ element_sub(d1, d1, out);
+ element_mul(d1, d1, A);
+ }
+ if (!m) break;
+ m--;
+ }
+ // since c_k lies base field
+ // it gets killed by the final powering
+ //element_invert(c1, c1);
+ //element_mul(element_x(d1), element_x(d1), c1);
+ //element_mul(element_y(d1), element_y(d1), c1);
+
+ tatepower10(out, d1, pairing);
+
+ element_clear(dm1);
+ element_clear(d0);
+ element_clear(d1);
+
+ element_clear(cm3);
+ element_clear(cm2);
+ element_clear(cm1);
+ element_clear(c0);
+ element_clear(c1);
+ element_clear(c2);
+ element_clear(c3);
+ element_clear(c4);
+
+ element_clear(sm2);
+ element_clear(sm1);
+ element_clear(s0);
+ element_clear(s1);
+ element_clear(s2);
+ element_clear(s3);
+
+ element_clear(tm2);
+ element_clear(tm1);
+ element_clear(t0);
+ element_clear(t1);
+ element_clear(t2);
+ element_clear(t3);
+
+ element_clear(e0);
+ element_clear(e1);
+ element_clear(A);
+ element_clear(B);
+ element_clear(C);
+ element_clear(u);
+ element_clear(v);
+}
+
+static void g_pairing_clear(pairing_t pairing) {
+ field_clear(pairing->GT);
+ mnt_pairing_data_ptr p = pairing->data;
+
+ element_clear(p->xpowq);
+ element_clear(p->xpowq2);
+ element_clear(p->xpowq3);
+ element_clear(p->xpowq4);
+ mpz_clear(pairing->phikonr);
+
+ field_clear(p->Etwist);
+ field_clear(p->Eq);
+ element_clear(p->nqrinv);
+ element_clear(p->nqrinv2);
+ field_clear(p->Fqk);
+ field_clear(p->Fqd);
+ field_clear(p->Fqx);
+ field_clear(p->Fq);
+ field_clear(pairing->Zr);
+ mpz_clear(pairing->r);
+ pbc_free(p);
+}
+
+static void g_pairing_option_set(pairing_t pairing, char *key, char *value) {
+ UNUSED_VAR(pairing);
+ if (!strcmp(key, "method")) {
+ if (!strcmp(value, "miller")) {
+ cc_miller_no_denom_fn = cc_miller_no_denom_proj;
+ } else if (!strcmp(value, "miller-affine")) {
+ cc_miller_no_denom_fn = cc_miller_no_denom_affine;
+ } else if (!strcmp(value, "shipsey-stange")) {
+ pairing->map = g_pairing_ellnet;
+ }
+ }
+}
+
+static void g_finalpow(element_ptr e) {
+ element_t t0;
+ element_init_same_as(t0, e->data);
+ tatepower10(t0, e->data, e->field->pairing);
+ element_set(e->data, t0);
+ element_clear(t0);
+}
+
+// Computes a curve and sets fp to the field it is defined over using the
+// complex multiplication method, where cm holds appropriate data
+// (e.g. discriminant, field order).
+static void compute_cm_curve(g_param_ptr param, pbc_cm_ptr cm) {
+ element_t hp, root;
+ field_t fp, fpx;
+ field_t cc;
+
+ field_init_fp(fp, cm->q);
+ field_init_poly(fpx, fp);
+ element_init(hp, fpx);
+
+ mpz_t *coefflist;
+ int n = pbc_hilbert(&coefflist, cm->D);
+
+ // Temporarily set the coefficient of x^{n-1} to 1 so hp has degree n - 1,
+ // allowing us to use element_item().
+ poly_set_coeff1(hp, n - 1);
+ int i;
+ for (i = 0; i < n; i++) {
+ element_set_mpz(element_item(hp, i), coefflist[i]);
+ }
+ pbc_hilbert_free(coefflist, n);
+
+ //TODO: remove x = 0, 1728 roots
+ //TODO: what if there's no roots?
+ //printf("hp ");
+ //element_out_str(stdout, 0, hp);
+ //printf("\n");
+
+ element_init(root, fp);
+ poly_findroot(root, hp);
+ //printf("root = ");
+ //element_out_str(stdout, 0, root);
+ //printf("\n");
+ element_clear(hp);
+ field_clear(fpx);
+
+ //the root is the j-invariant of our desired curve
+ field_init_curve_j(cc, root, cm->n, NULL);
+ element_clear(root);
+
+ //we may need to twist it however
+ {
+ // Pick a random point P and twist the curve if it has the wrong order.
+ element_t P;
+ element_init(P, cc);
+ element_random(P);
+ element_mul_mpz(P, P, cm->n);
+ if (!element_is0(P)) field_reinit_curve_twist(cc);
+ element_clear(P);
+ }
+
+ mpz_set(param->q, cm->q);
+ mpz_set(param->n, cm->n);
+ mpz_set(param->h, cm->h);
+ mpz_set(param->r, cm->r);
+ element_to_mpz(param->a, curve_field_a_coeff(cc));
+ element_to_mpz(param->b, curve_field_b_coeff(cc));
+ {
+ mpz_t z;
+ mpz_init(z);
+ //compute order of curve in F_q^k
+ //n = q - t + 1 hence t = q - n + 1
+ mpz_sub(z, param->q, param->n);
+ mpz_add_ui(z, z, 1);
+ pbc_mpz_trace_n(z, param->q, z, 10);
+ mpz_pow_ui(param->nk, param->q, 10);
+ mpz_sub_ui(z, z, 1);
+ mpz_sub(param->nk, param->nk, z);
+ mpz_mul(z, param->r, param->r);
+ mpz_divexact(param->hk, param->nk, z);
+ mpz_clear(z);
+ }
+ field_clear(cc);
+ field_clear(fp);
+}
+
+static void g_init_pairing(pairing_t pairing, void *data) {
+ g_param_ptr param = data;
+ mnt_pairing_data_ptr p;
+ element_t a, b;
+ element_t irred;
+ int i;
+
+ mpz_init(pairing->r);
+ mpz_set(pairing->r, param->r);
+ field_init_fp(pairing->Zr, pairing->r);
+ pairing->map = cc_pairing;
+ pairing->is_almost_coddh = cc_is_almost_coddh;
+
+ p = pairing->data = pbc_malloc(sizeof(mnt_pairing_data_t));
+ field_init_fp(p->Fq, param->q);
+ element_init(a, p->Fq);
+ element_init(b, p->Fq);
+ element_set_mpz(a, param->a);
+ element_set_mpz(b, param->b);
+ field_init_curve_ab(p->Eq, a, b, pairing->r, param->h);
+
+ field_init_poly(p->Fqx, p->Fq);
+ element_init(irred, p->Fqx);
+
+ // First set the coefficient of x^5 to 1 so we can call element_item()
+ // for the other coefficients.
+ poly_set_coeff1(irred, 5);
+ for (i=0; i<5; i++) {
+ element_set_mpz(element_item(irred, i), param->coeff[i]);
+ }
+
+ field_init_polymod(p->Fqd, irred);
+ element_clear(irred);
+
+ p->Fqd->nqr = pbc_malloc(sizeof(element_t));
+ element_init(p->Fqd->nqr, p->Fqd);
+ element_set_mpz(((element_t *) p->Fqd->nqr->data)[0], param->nqr);
+
+ field_init_quadratic(p->Fqk, p->Fqd);
+
+ // Compute phi(k)/r = (q^4 - q^3 + ... + 1)/r.
+ {
+ element_ptr e = p->xpowq;
+ mpz_t z0;
+ mpz_ptr q = param->q;
+ mpz_ptr z = pairing->phikonr;
+ mpz_init(z);
+ mpz_init(z0);
+ mpz_set_ui(z, 1);
+ mpz_sub(z, z, q);
+ mpz_mul(z0, q, q);
+ mpz_add(z, z, z0);
+ mpz_mul(z0, z0, q);
+ mpz_sub(z, z, z0);
+ mpz_mul(z0, z0, q);
+ mpz_add(z, z, z0);
+ mpz_clear(z0);
+ mpz_divexact(z, z, pairing->r);
+
+ element_init(e, p->Fqd);
+ element_init(p->xpowq2, p->Fqd);
+ element_init(p->xpowq3, p->Fqd);
+ element_init(p->xpowq4, p->Fqd);
+ element_set1(((element_t *) e->data)[1]);
+ element_pow_mpz(e, e, q);
+
+ element_square(p->xpowq2, p->xpowq);
+ element_square(p->xpowq4, p->xpowq2);
+ element_mul(p->xpowq3, p->xpowq2, p->xpowq);
+ }
+
+ field_init_curve_ab_map(p->Etwist, p->Eq, element_field_to_polymod, p->Fqd, pairing->r, NULL);
+ field_reinit_curve_twist(p->Etwist);
+
+ element_init(p->nqrinv, p->Fqd);
+ element_invert(p->nqrinv, field_get_nqr(p->Fqd));
+ element_init(p->nqrinv2, p->Fqd);
+ element_square(p->nqrinv2, p->nqrinv);
+
+ mpz_t ndonr;
+ mpz_init(ndonr);
+ // ndonr temporarily holds the trace.
+ mpz_sub(ndonr, param->q, param->n);
+ mpz_add_ui(ndonr, ndonr, 1);
+ // Negate because we want the order of the twist.
+ mpz_neg(ndonr, ndonr);
+ pbc_mpz_curve_order_extn(ndonr, param->q, ndonr, 5);
+ mpz_divexact(ndonr, ndonr, param->r);
+ field_curve_set_quotient_cmp(p->Etwist, ndonr);
+ mpz_clear(ndonr);
+
+ pairing->G1 = p->Eq;
+ pairing->G2 = p->Etwist;
+ pairing_GT_init(pairing, p->Fqk);
+ pairing->finalpow = g_finalpow;
+
+ cc_miller_no_denom_fn = cc_miller_no_denom_affine;
+ pairing->option_set = g_pairing_option_set;
+ pairing->pp_init = g_pairing_pp_init;
+ pairing->pp_clear = g_pairing_pp_clear;
+ pairing->pp_apply = g_pairing_pp_apply;
+
+ pairing->clear_func = g_pairing_clear;
+
+ element_clear(a);
+ element_clear(b);
+}
+
+static void g_init(pbc_param_ptr p) {
+ static pbc_param_interface_t interface = {{
+ g_clear,
+ g_init_pairing,
+ g_out_str,
+ }};
+ p->api = interface;
+ g_param_ptr param = p->data = pbc_malloc(sizeof(*param));
+ mpz_init(param->q);
+ mpz_init(param->n);
+ mpz_init(param->h);
+ mpz_init(param->r);
+ mpz_init(param->a);
+ mpz_init(param->b);
+ mpz_init(param->nk);
+ mpz_init(param->hk);
+ param->coeff = NULL;
+ mpz_init(param->nqr);
+}
+
+// Public interface:
+
+int pbc_param_init_g(pbc_param_ptr par, struct symtab_s *tab) {
+ g_init(par);
+ g_param_ptr p = par->data;
+ char s[80];
+
+ int err = 0;
+ err += lookup_mpz(p->q, tab, "q");
+ err += lookup_mpz(p->n, tab, "n");
+ err += lookup_mpz(p->h, tab, "h");
+ err += lookup_mpz(p->r, tab, "r");
+ err += lookup_mpz(p->a, tab, "a");
+ err += lookup_mpz(p->b, tab, "b");
+ err += lookup_mpz(p->nk, tab, "nk");
+ err += lookup_mpz(p->hk, tab, "hk");
+ err += lookup_mpz(p->nqr, tab, "nqr");
+
+ p->coeff = pbc_realloc(p->coeff, sizeof(mpz_t) * 5);
+ int i;
+ for (i = 0; i < 5; i++) {
+ sprintf(s, "coeff%d", i);
+ mpz_init(p->coeff[i]);
+ err += lookup_mpz(p->coeff[i], tab, s);
+ }
+ return err;
+}
+
+void pbc_param_init_g_gen(pbc_param_t p, pbc_cm_ptr cm) {
+ g_init(p);
+ g_param_ptr param = p->data;
+ field_t Fq, Fqx, Fqd;
+ element_t irred, nqr;
+ int i;
+
+ compute_cm_curve(param, cm);
+
+ field_init_fp(Fq, param->q);
+ field_init_poly(Fqx, Fq);
+ element_init(irred, Fqx);
+ do {
+ poly_random_monic(irred, 5);
+ } while (!poly_is_irred(irred));
+ field_init_polymod(Fqd, irred);
+
+ // Find a quadratic nonresidue of Fqd lying in Fq.
+ element_init(nqr, Fqd);
+ do {
+ element_random(((element_t *) nqr->data)[0]);
+ } while (element_is_sqr(nqr));
+
+ param->coeff = pbc_realloc(param->coeff, sizeof(mpz_t) * 5);
+
+ for (i=0; i<5; i++) {
+ mpz_init(param->coeff[i]);
+ element_to_mpz(param->coeff[i], element_item(irred, i));
+ }
+ element_to_mpz(param->nqr, ((element_t *) nqr->data)[0]);
+
+ element_clear(nqr);
+ element_clear(irred);
+
+ field_clear(Fqx);
+ field_clear(Fqd);
+ field_clear(Fq);
+}
diff --git a/moon-abe/pbc-0.5.14/ecc/hilbert.c b/moon-abe/pbc-0.5.14/ecc/hilbert.c
new file mode 100644
index 00000000..753e70e0
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/ecc/hilbert.c
@@ -0,0 +1,539 @@
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdint.h> // for intptr_t
+#include <stdlib.h> //for pbc_malloc, pbc_free
+#include <gmp.h>
+#include <math.h>
+#include "pbc_utils.h"
+#include "pbc_field.h"
+#include "pbc_poly.h"
+#include "pbc_hilbert.h"
+#include "pbc_memory.h"
+
+#include "misc/darray.h"
+#include "mpc.h"
+
+static mpf_t pi, eulere, recipeulere, epsilon, negepsilon;
+
+static void mpf_exp(mpf_t res, mpf_t pwr) {
+ mpf_t a;
+ mpf_t f0;
+ int i;
+
+ mpf_init(a); mpf_set(a, pwr);
+
+ mpf_init(f0);
+
+ mpf_set(f0, a);
+ mpf_add_ui(res, a, 1);
+
+ for (i=2;;i++) {
+ mpf_mul(f0, f0, a);
+ mpf_div_ui(f0, f0, i);
+ if (mpf_sgn(f0) > 0) {
+ if (mpf_cmp(f0, epsilon) < 0) break;
+ } else {
+ if (mpf_cmp(f0, negepsilon) > 0) break;
+ }
+ mpf_add(res, res, f0);
+ }
+
+ mpf_clear(f0);
+ mpf_clear(a);
+}
+
+static void mpc_cis(mpc_t res, mpf_t theta) {
+ mpf_t a;
+
+ mpf_init(a); mpf_set(a, theta);
+ //res = exp(i a)
+ // = cos a + i sin a
+ //converges quickly near the origin
+ mpf_t f0;
+ mpf_ptr rx = mpc_re(res), ry = mpc_im(res);
+ int i;
+ int toggle = 1;
+
+ mpf_init(f0);
+
+ mpf_set(f0, a);
+ mpf_set_ui(rx, 1);
+ mpf_set(ry, f0);
+ i = 1;
+ for(;;) {
+ toggle = !toggle;
+ i++;
+ mpf_div_ui(f0, f0, i);
+ mpf_mul(f0, f0, a);
+ if (toggle) {
+ mpf_add(rx, rx, f0);
+ } else {
+ mpf_sub(rx, rx, f0);
+ }
+
+ i++;
+ mpf_div_ui(f0, f0, i);
+ mpf_mul(f0, f0, a);
+
+ if (toggle) {
+ mpf_add(ry, ry, f0);
+ } else {
+ mpf_sub(ry, ry, f0);
+ }
+
+ if (mpf_sgn(f0) > 0) {
+ if (mpf_cmp(f0, epsilon) < 0) break;
+ } else {
+ if (mpf_cmp(f0, negepsilon) > 0) break;
+ }
+ }
+
+ mpf_clear(f0);
+ mpf_clear(a);
+}
+
+// Computes q = exp(2 pi i tau).
+static void compute_q(mpc_t q, mpc_t tau) {
+ mpc_t z0;
+ mpf_t f0, f1;
+ mpf_ptr fp0;
+ unsigned long pwr;
+
+ mpc_init(z0);
+ mpf_init(f0);
+ mpf_init(f1);
+
+ //compute z0 = 2 pi i tau
+ mpc_set(z0, tau);
+ //first remove integral part of Re(tau)
+ //since exp(2 pi i) = 1
+ //it seems |Re(tau)| < 1 anyway?
+ fp0 = mpc_re(z0);
+ mpf_trunc(f1, fp0);
+ mpf_sub(fp0, fp0, f1);
+
+ mpc_mul_mpf(z0, z0, pi);
+ mpc_mul_ui(z0, z0, 2);
+ mpc_muli(z0, z0);
+
+ //compute q = exp(z0);
+ //first write z0 = A + a + b i
+ //where A is a (negative) integer
+ //and a, b are in [-1, 1]
+ //compute e^A separately
+ fp0 = mpc_re(z0);
+ pwr = mpf_get_ui(fp0);
+ mpf_pow_ui(f0, recipeulere, pwr);
+ mpf_add_ui(fp0, fp0, pwr);
+
+ mpf_exp(f1, mpc_re(z0));
+ mpf_mul(f0, f1, f0);
+ mpc_cis(q, mpc_im(z0));
+
+ /*
+ old_mpc_exp(q, z0);
+ */
+ mpc_mul_mpf(q, q, f0);
+
+ mpc_clear(z0);
+ mpf_clear(f0);
+ mpf_clear(f1);
+}
+
+// Computes z = Delta(q) (see Cohen).
+static void compute_Delta(mpc_t z, mpc_t q) {
+ int d;
+ int n;
+ int power;
+ mpc_t z0, z1, z2;
+
+ mpc_init(z0);
+ mpc_init(z1);
+ mpc_init(z2);
+
+ mpc_set_ui(z0, 1);
+ d = -1;
+ for(n=1; n<100; n++) {
+ power = n *(3 * n - 1) / 2;
+ mpc_pow_ui(z1, q, power);
+ mpc_pow_ui(z2, q, n);
+ mpc_mul(z2, z2, z1);
+ mpc_add(z1, z1, z2);
+ if (d) {
+ mpc_sub(z0, z0, z1);
+ d = 0;
+ } else {
+ mpc_add(z0, z0, z1);
+ d = 1;
+ }
+ }
+
+ mpc_pow_ui(z0, z0, 24);
+ mpc_mul(z, z0, q);
+
+ mpc_clear(z0);
+ mpc_clear(z1);
+ mpc_clear(z2);
+}
+
+// Computes z = h(tau)
+// (called h() by Blake et al, f() by Cohen.)
+static void compute_h(mpc_t z, mpc_t tau) {
+ mpc_t z0, z1, q;
+ mpc_init(q);
+ mpc_init(z0);
+ mpc_init(z1);
+ compute_q(q, tau);
+ mpc_mul(z0, q, q);
+ compute_Delta(z0, z0);
+ compute_Delta(z1, q);
+ mpc_div(z, z0, z1);
+ mpc_clear(q);
+ mpc_clear(z0);
+ mpc_clear(z1);
+}
+
+// Computes j = j(tau).
+static void compute_j(mpc_t j, mpc_t tau) {
+ mpc_t h;
+ mpc_t z0;
+ mpc_init(h);
+ mpc_init(z0);
+ compute_h(h, tau);
+ //mpc_mul_ui(z0, h, 256);
+ mpc_mul_2exp(z0, h, 8);
+ mpc_add_ui(z0, z0, 1);
+ mpc_pow_ui(z0, z0, 3);
+ mpc_div(j, z0, h);
+ mpc_clear(z0);
+ mpc_clear(h);
+}
+
+static void compute_pi(int prec) {
+ //Chudnovsky brothers' Ramanujan formula
+ //http://www.cs.uwaterloo.ca/~alopez-o/math-faq/mathtext/node12.html
+ mpz_t k1, k2, k4, k5, d;
+ unsigned int k3 = 640320;
+ unsigned int k6 = 53360;
+ mpz_t z0, z1, z2;
+ mpq_t p, q;
+ mpf_t f1;
+ int toggle = 1;
+ int n;
+ //converges fast: each term gives over 47 bits
+ int nlimit = prec / 47 + 1;
+
+ mpz_init(k1);
+ mpz_init(k2);
+ mpz_init(k4);
+ mpz_init(k5);
+ mpz_init(d);
+ mpz_init(z0);
+ mpz_init(z1);
+ mpz_init(z2);
+ mpq_init(q);
+ mpq_init(p);
+ mpf_init(f1);
+
+ mpz_set_str(k1, "545140134", 10);
+ mpz_set_str(k2, "13591409", 10);
+ mpz_set_str(k4, "100100025", 10);
+ mpz_set_str(k5, "327843840", 10);
+
+ mpz_mul(d, k4, k5);
+ mpz_mul_2exp(d, d, 3);
+ mpq_set_ui(p, 0, 1);
+
+ for (n=0; n<nlimit; n++) {
+ mpz_fac_ui(z0, 6*n);
+ mpz_mul_ui(z1, k1, n);
+ mpz_add(z1, z1, k2);
+ mpz_mul(z0, z0, z1);
+
+ mpz_fac_ui(z1, 3*n);
+ mpz_fac_ui(z2, n);
+ mpz_pow_ui(z2, z2, 3);
+ mpz_mul(z1, z1, z2);
+ mpz_pow_ui(z2, d, n);
+ mpz_mul(z1, z1, z2);
+
+ mpz_set(mpq_numref(q), z0);
+ mpz_set(mpq_denref(q), z1);
+ mpq_canonicalize(q);
+ if (toggle) {
+ mpq_add(p, p, q);
+ } else {
+ mpq_sub(p, p, q);
+ }
+ toggle = !toggle;
+ }
+ mpq_inv(q, p);
+ mpz_mul_ui(mpq_numref(q), mpq_numref(q), k6);
+ mpq_canonicalize(q);
+ mpf_set_q(pi, q);
+ mpf_sqrt_ui(f1, k3);
+ mpf_mul(pi, pi, f1);
+ //mpf_out_str(stdout, 0, 14 * nlimit, pi);
+ //printf("\n");
+
+ mpz_clear(k1);
+ mpz_clear(k2);
+ mpz_clear(k4);
+ mpz_clear(k5);
+ mpz_clear(d);
+ mpz_clear(z0);
+ mpz_clear(z1);
+ mpz_clear(z2);
+ mpq_clear(q);
+ mpq_clear(p);
+ mpf_clear(f1);
+}
+
+static void precision_init(int prec) {
+ int i;
+ mpf_t f0;
+
+ mpf_set_default_prec(prec);
+ mpf_init2(epsilon, 2);
+ mpf_init2(negepsilon, 2);
+ mpf_init(recipeulere);
+ mpf_init(pi);
+ mpf_init(eulere);
+
+ mpf_set_ui(epsilon, 1);
+ mpf_div_2exp(epsilon, epsilon, prec);
+ mpf_neg(negepsilon, epsilon);
+
+ mpf_init(f0);
+ mpf_set_ui(eulere, 1);
+ mpf_set_ui(f0, 1);
+ for (i=1;; i++) {
+ mpf_div_ui(f0, f0, i);
+ if (mpf_cmp(f0, epsilon) < 0) {
+ break;
+ }
+ mpf_add(eulere, eulere, f0);
+ }
+ mpf_clear(f0);
+
+ mpf_ui_div(recipeulere, 1, eulere);
+
+ compute_pi(prec);
+}
+
+static void precision_clear(void) {
+ mpf_clear(eulere);
+ mpf_clear(recipeulere);
+ mpf_clear(pi);
+ mpf_clear(epsilon);
+ mpf_clear(negepsilon);
+}
+
+// See Cohen; my D is -D in his notation.
+size_t pbc_hilbert(mpz_t **arr, int D) {
+ int a, b;
+ int t;
+ int B = floor(sqrt((double) D / 3.0));
+ mpc_t alpha;
+ mpc_t j;
+ mpf_t sqrtD;
+ mpf_t f0;
+ darray_t Pz;
+ mpc_t z0, z1, z2;
+ double d = 1.0;
+ int h = 1;
+ int jcount = 1;
+
+ // Compute required precision.
+ b = D % 2;
+ for (;;) {
+ t = (b*b + D) / 4;
+ a = b;
+ if (a <= 1) {
+ a = 1;
+ goto step535_4;
+ }
+step535_3:
+ if (!(t % a)) {
+ jcount++;
+ if ((a == b) || (a*a == t) || !b) {
+ d += 1.0 / ((double) a);
+ h++;
+ } else {
+ d += 2.0 / ((double) a);
+ h+=2;
+ }
+ }
+step535_4:
+ a++;
+ if (a * a <= t) {
+ goto step535_3;
+ } else {
+ b += 2;
+ if (b > B) break;
+ }
+ }
+
+ //printf("modulus: %f\n", exp(3.14159265358979 * sqrt(D)) * d * 0.5);
+ d *= sqrt(D) * 3.14159265358979 / log(2);
+ precision_init(d + 34);
+ pbc_info("class number %d, %d bit precision", h, (int) d + 34);
+
+ darray_init(Pz);
+ mpc_init(alpha);
+ mpc_init(j);
+ mpc_init(z0);
+ mpc_init(z1);
+ mpc_init(z2);
+ mpf_init(sqrtD);
+ mpf_init(f0);
+
+ mpf_sqrt_ui(sqrtD, D);
+ b = D % 2;
+ h = 0;
+ for (;;) {
+ t = (b*b + D) / 4;
+ if (b > 1) {
+ a = b;
+ } else {
+ a = 1;
+ }
+step3:
+ if (t % a) {
+step4:
+ a++;
+ if (a * a <= t) goto step3;
+ } else {
+ // a, b, t/a are coeffs of an appropriate primitive reduced positive
+ // definite form.
+ // Compute j((-b + sqrt{-D})/(2a)).
+ h++;
+ pbc_info("[%d/%d] a b c = %d %d %d", h, jcount, a, b, t/a);
+ mpf_set_ui(f0, 1);
+ mpf_div_ui(f0, f0, 2 * a);
+ mpf_mul(mpc_im(alpha), sqrtD, f0);
+ mpf_mul_ui(f0, f0, b);
+ mpf_neg(mpc_re(alpha), f0);
+
+ compute_j(j, alpha);
+if (0) {
+ int i;
+ for (i=Pz->count - 1; i>=0; i--) {
+ printf("P %d = ", i);
+ mpc_out_str(stdout, 10, 4, Pz->item[i]);
+ printf("\n");
+ }
+}
+ if (a == b || a * a == t || !b) {
+ // P *= X - j
+ int i, n;
+ mpc_ptr p0;
+ p0 = (mpc_ptr) pbc_malloc(sizeof(mpc_t));
+ mpc_init(p0);
+ mpc_neg(p0, j);
+ n = Pz->count;
+ if (n) {
+ mpc_set(z1, Pz->item[0]);
+ mpc_add(Pz->item[0], z1, p0);
+ for (i=1; i<n; i++) {
+ mpc_mul(z0, z1, p0);
+ mpc_set(z1, Pz->item[i]);
+ mpc_add(Pz->item[i], z1, z0);
+ }
+ mpc_mul(p0, p0, z1);
+ }
+ darray_append(Pz, p0);
+ } else {
+ // P *= X^2 - 2 Re(j) X + |j|^2
+ int i, n;
+ mpc_ptr p0, p1;
+ p0 = (mpc_ptr) pbc_malloc(sizeof(mpc_t));
+ p1 = (mpc_ptr) pbc_malloc(sizeof(mpc_t));
+ mpc_init(p0);
+ mpc_init(p1);
+ // p1 = - 2 Re(j)
+ mpf_mul_ui(f0, mpc_re(j), 2);
+ mpf_neg(f0, f0);
+ mpf_set(mpc_re(p1), f0);
+ // p0 = |j|^2
+ mpf_mul(f0, mpc_re(j), mpc_re(j));
+ mpf_mul(mpc_re(p0), mpc_im(j), mpc_im(j));
+ mpf_add(mpc_re(p0), mpc_re(p0), f0);
+ n = Pz->count;
+ if (!n) {
+ } else if (n == 1) {
+ mpc_set(z1, Pz->item[0]);
+ mpc_add(Pz->item[0], z1, p1);
+ mpc_mul(p1, z1, p1);
+ mpc_add(p1, p1, p0);
+ mpc_mul(p0, p0, z1);
+ } else {
+ mpc_set(z2, Pz->item[0]);
+ mpc_set(z1, Pz->item[1]);
+ mpc_add(Pz->item[0], z2, p1);
+ mpc_mul(z0, z2, p1);
+ mpc_add(Pz->item[1], z1, z0);
+ mpc_add(Pz->item[1], Pz->item[1], p0);
+ for (i=2; i<n; i++) {
+ mpc_mul(z0, z1, p1);
+ mpc_mul(alpha, z2, p0);
+ mpc_set(z2, z1);
+ mpc_set(z1, Pz->item[i]);
+ mpc_add(alpha, alpha, z0);
+ mpc_add(Pz->item[i], z1, alpha);
+ }
+ mpc_mul(z0, z2, p0);
+ mpc_mul(p1, p1, z1);
+ mpc_add(p1, p1, z0);
+ mpc_mul(p0, p0, z1);
+ }
+ darray_append(Pz, p1);
+ darray_append(Pz, p0);
+ }
+ goto step4;
+ }
+ b+=2;
+ if (b > B) break;
+ }
+
+ // Round polynomial and assign.
+ int k = 0;
+ {
+ *arr = pbc_malloc(sizeof(mpz_t) * (Pz->count + 1));
+ int i;
+ for (i=Pz->count - 1; i>=0; i--) {
+ if (mpf_sgn(mpc_re(Pz->item[i])) < 0) {
+ mpf_set_d(f0, -0.5);
+ } else {
+ mpf_set_d(f0, 0.5);
+ }
+ mpf_add(f0, f0, mpc_re(Pz->item[i]));
+ mpz_init((*arr)[k]);
+ mpz_set_f((*arr)[k], f0);
+ k++;
+ mpc_clear(Pz->item[i]);
+ pbc_free(Pz->item[i]);
+ }
+ mpz_init((*arr)[k]);
+ mpz_set_ui((*arr)[k], 1);
+ k++;
+ }
+ darray_clear(Pz);
+ mpc_clear(z0);
+ mpc_clear(z1);
+ mpc_clear(z2);
+ mpf_clear(f0);
+ mpf_clear(sqrtD);
+ mpc_clear(alpha);
+ mpc_clear(j);
+
+ precision_clear();
+ return k;
+}
+
+void pbc_hilbert_free(mpz_t *arr, size_t n) {
+ size_t i;
+
+ for (i = 0; i < n; i++) mpz_clear(arr[i]);
+ pbc_free(arr);
+}
diff --git a/moon-abe/pbc-0.5.14/ecc/mnt.c b/moon-abe/pbc-0.5.14/ecc/mnt.c
new file mode 100644
index 00000000..230442fc
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/ecc/mnt.c
@@ -0,0 +1,496 @@
+// Routines for finding:
+// * MNT curves with embedding degree 6
+// * Freeman curves (which have embedding degree 10)
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdint.h> // for intptr_t
+#include <gmp.h>
+#include "pbc_mnt.h"
+#include "pbc_memory.h"
+#include "pbc_utils.h"
+#include "misc/darray.h"
+
+struct pell_solution_s {
+ int count;
+ mpz_t minx; //minimal solution of x^2 - Dy^2 = 1
+ mpz_t miny;
+ mpz_t *x;
+ mpz_t *y;
+};
+typedef struct pell_solution_s pell_solution_t[1];
+typedef struct pell_solution_s *pell_solution_ptr;
+
+static void freempz(void *data) {
+ mpz_clear(data);
+ pbc_free(data);
+}
+
+// Solves x^2 - Dy^2 = N where D not a square.
+// For square D, we have (x+Dy)(x-Dy) = N so we look at the factors of N.
+static void general_pell(pell_solution_t ps, mpz_t D, int N) {
+ // TODO: Use brute force for small D.
+ int i, sgnN = N > 0 ? 1 : -1;
+ intptr_t f, n;
+
+ // Find square factors of N.
+ darray_t listf;
+ darray_init(listf);
+
+ f = 1;
+ for (;;) {
+ n = f * f;
+ if (n > abs(N)) break;
+ if (!(abs(N) % n)) {
+ darray_append(listf, int_to_voidp(f));
+ }
+ f++;
+ }
+
+ //a0, twice_a0 don't change once initialized
+ //a1 is a_i every iteration
+ //P0, P1 become P_{i-1}, P_i every iteration
+ //similarly for Q0, Q1
+ mpz_t a0, twice_a0, a1;
+ mpz_t P0, P1;
+ mpz_t Q0, Q1;
+ //variables to compute the convergents
+ mpz_t p0, p1, pnext;
+ mpz_t q0, q1, qnext;
+
+ int d;
+
+ darray_t listp, listq;
+ mpz_ptr zptr;
+
+ mpz_init(a0);
+ mpz_init(twice_a0);
+ mpz_init(a1);
+ mpz_init(P0); mpz_init(P1);
+ mpz_init(Q0); mpz_init(Q1);
+ mpz_init(p0); mpz_init(p1); mpz_init(pnext);
+ mpz_init(q0); mpz_init(q1); mpz_init(qnext);
+
+ darray_init(listp);
+ darray_init(listq);
+
+ mpz_sqrt(a0, D);
+ mpz_set_ui(P0, 0);
+ mpz_set_ui(Q0, 1);
+
+ mpz_set(P1, a0);
+ mpz_mul(Q1, a0, a0);
+ mpz_sub(Q1, D, Q1);
+ mpz_add(a1, a0, P1);
+ mpz_tdiv_q(a1, a1, Q1);
+
+ mpz_add(twice_a0, a0, a0);
+
+ mpz_set(p0, a0);
+ mpz_set_ui(q0, 1);
+ mpz_mul(p1, a0, a1);
+ mpz_add_ui(p1, p1, 1);
+ mpz_set(q1, a1);
+
+ d = -1;
+ for(;;) {
+ if (d == sgnN) {
+ for (i=0; i<listf->count; i++) {
+ f = (intptr_t) listf->item[i];
+ if (!mpz_cmp_ui(Q1, abs(N) / (f * f))) {
+//element_printf("found %Zd, %Zd, %d\n", p0, q0, f);
+ zptr = (mpz_ptr) pbc_malloc(sizeof(mpz_t));
+ mpz_init(zptr);
+ mpz_set(zptr, p0);
+ mpz_mul_ui(zptr, p0, f);
+ darray_append(listp, zptr);
+ zptr = (mpz_ptr) pbc_malloc(sizeof(mpz_t));
+ mpz_init(zptr);
+ mpz_set(zptr, q0);
+ mpz_mul_ui(zptr, q0, f);
+ darray_append(listq, zptr);
+ }
+ }
+ }
+
+ if (!mpz_cmp(twice_a0, a1) && d == 1) break;
+ //compute more of the continued fraction expansion
+ mpz_set(P0, P1);
+ mpz_mul(P1, a1, Q1);
+ mpz_sub(P1, P1, P0);
+ mpz_set(Q0, Q1);
+ mpz_mul(Q1, P1, P1);
+ mpz_sub(Q1, D, Q1);
+ mpz_divexact(Q1, Q1, Q0);
+ mpz_add(a1, a0, P1);
+ mpz_tdiv_q(a1, a1, Q1);
+
+ //compute next convergent
+ mpz_mul(pnext, a1, p1);
+ mpz_add(pnext, pnext, p0);
+ mpz_set(p0, p1);
+ mpz_set(p1, pnext);
+
+ mpz_mul(qnext, a1, q1);
+ mpz_add(qnext, qnext, q0);
+ mpz_set(q0, q1);
+ mpz_set(q1, qnext);
+ d = -d;
+ }
+ darray_clear(listf);
+
+ mpz_init(ps->minx);
+ mpz_init(ps->miny);
+ mpz_set(ps->minx, p0);
+ mpz_set(ps->miny, q0);
+ n = listp->count;
+ ps->count = n;
+ if (n) {
+ ps->x = (mpz_t *) pbc_malloc(sizeof(mpz_t) * n);
+ ps->y = (mpz_t *) pbc_malloc(sizeof(mpz_t) * n);
+ for (i = 0; i < n; i++) {
+ mpz_init(ps->x[i]);
+ mpz_init(ps->y[i]);
+ mpz_set(ps->x[i], (mpz_ptr) listp->item[i]);
+ mpz_set(ps->y[i], (mpz_ptr) listq->item[i]);
+ }
+ }
+
+ mpz_clear(a0);
+ mpz_clear(twice_a0);
+ mpz_clear(a1);
+ mpz_clear(P0); mpz_clear(P1);
+ mpz_clear(Q0); mpz_clear(Q1);
+ mpz_clear(p0); mpz_clear(p1); mpz_clear(pnext);
+ mpz_clear(q0); mpz_clear(q1); mpz_clear(qnext);
+
+ darray_forall(listp, freempz);
+ darray_forall(listq, freempz);
+ darray_clear(listp);
+ darray_clear(listq);
+}
+
+static void pell_solution_clear(pell_solution_t ps) {
+ int i, n = ps->count;
+
+ if (n) {
+ for (i=0; i<n; i++) {
+ mpz_clear(ps->x[i]);
+ mpz_clear(ps->y[i]);
+ }
+ pbc_free(ps->x);
+ pbc_free(ps->y);
+ }
+ mpz_clear(ps->minx);
+ mpz_clear(ps->miny);
+}
+
+void pbc_cm_init(pbc_cm_t cm) {
+ mpz_init(cm->q);
+ mpz_init(cm->r);
+ mpz_init(cm->h);
+ mpz_init(cm->n);
+}
+
+void pbc_cm_clear(pbc_cm_t cm) {
+ mpz_clear(cm->q);
+ mpz_clear(cm->r);
+ mpz_clear(cm->h);
+ mpz_clear(cm->n);
+}
+
+static int mnt_step2(int (*callback)(pbc_cm_t, void *), void *data,
+ unsigned int D, mpz_t U) {
+ int d;
+ mpz_t n, l, q;
+ mpz_t p;
+ mpz_t r, cofac;
+
+ mpz_init(l);
+ mpz_mod_ui(l, U, 6);
+ if (!mpz_cmp_ui(l, 1)) {
+ mpz_sub_ui(l, U, 1);
+ d = 1;
+ } else if (!mpz_cmp_ui(l, 5)) {
+ mpz_add_ui(l, U, 1);
+ d = -1;
+ } else {
+ mpz_clear(l);
+ return 0;
+ }
+
+ mpz_divexact_ui(l, l, 3);
+ mpz_init(q);
+
+ mpz_mul(q, l, l);
+ mpz_add_ui(q, q, 1);
+ if (!mpz_probab_prime_p(q, 10)) {
+ mpz_clear(q);
+ mpz_clear(l);
+ return 0;
+ }
+
+ mpz_init(n);
+ if (d < 0) {
+ mpz_sub(n, q, l);
+ } else {
+ mpz_add(n, q, l);
+ }
+
+ mpz_init(p);
+ mpz_init(r);
+ mpz_init(cofac);
+ {
+ mpz_set_ui(cofac, 1);
+ mpz_set(r, n);
+ mpz_set_ui(p, 2);
+ if (!mpz_probab_prime_p(r, 10)) for(;;) {
+ if (mpz_divisible_p(r, p)) do {
+ mpz_mul(cofac, cofac, p);
+ mpz_divexact(r, r, p);
+ } while (mpz_divisible_p(r, p));
+ if (mpz_probab_prime_p(r, 10)) break;
+ //TODO: use a table of primes instead?
+ mpz_nextprime(p, p);
+ if (mpz_sizeinbase(p, 2) > 16) {
+ //printf("has 16+ bit factor\n");
+ mpz_clear(r);
+ mpz_clear(p);
+ mpz_clear(cofac);
+ mpz_clear(q);
+ mpz_clear(l);
+ mpz_clear(n);
+ return 0;
+ }
+ }
+ }
+
+ pbc_cm_t cm;
+ pbc_cm_init(cm);
+ cm->k = 6;
+ cm->D = D;
+ mpz_set(cm->q, q);
+ mpz_set(cm->r, r);
+ mpz_set(cm->h, cofac);
+ mpz_set(cm->n, n);
+ int res = callback(cm, data);
+ pbc_cm_clear(cm);
+
+ mpz_clear(cofac);
+ mpz_clear(r);
+ mpz_clear(p);
+ mpz_clear(q);
+ mpz_clear(l);
+ mpz_clear(n);
+ return res;
+}
+
+int pbc_cm_search_d(int (*callback)(pbc_cm_t, void *), void *data,
+ unsigned int D, unsigned int bitlimit) {
+ mpz_t D3;
+ mpz_t t0, t1, t2;
+
+ mpz_init(D3);
+ mpz_set_ui(D3, D * 3);
+
+ if (mpz_perfect_square_p(D3)) {
+ // The only squares that differ by 8 are 1 and 9,
+ // which we get if U=V=1, D=3, but then l is not an integer.
+ mpz_clear(D3);
+ return 0;
+ }
+
+ mpz_init(t0);
+ mpz_init(t1);
+ mpz_init(t2);
+
+ pell_solution_t ps;
+ general_pell(ps, D3, -8);
+
+ int i, n;
+ int res = 0;
+ n = ps->count;
+ if (n) for (;;) {
+ for (i=0; i<n; i++) {
+ //element_printf("%Zd, %Zd\n", ps->x[i], ps->y[i]);
+ res = mnt_step2(callback, data, D, ps->x[i]);
+ if (res) goto toobig;
+ //compute next solution as follows
+ //if p, q is current solution
+ //compute new solution p', q' via
+ //(p + q sqrt{3D})(t + u sqrt{3D}) = p' + q' sqrt(3D)
+ //where t, u is min. solution to Pell equation
+ mpz_mul(t0, ps->minx, ps->x[i]);
+ mpz_mul(t1, ps->miny, ps->y[i]);
+ mpz_mul(t1, t1, D3);
+ mpz_add(t0, t0, t1);
+ if (2 * mpz_sizeinbase(t0, 2) > bitlimit + 10) goto toobig;
+ mpz_mul(t2, ps->minx, ps->y[i]);
+ mpz_mul(t1, ps->miny, ps->x[i]);
+ mpz_add(t2, t2, t1);
+ mpz_set(ps->x[i], t0);
+ mpz_set(ps->y[i], t2);
+ }
+ }
+toobig:
+
+ pell_solution_clear(ps);
+ mpz_clear(t0);
+ mpz_clear(t1);
+ mpz_clear(t2);
+ mpz_clear(D3);
+ return res;
+}
+
+static int freeman_step2(int (*callback)(pbc_cm_t, void *), void *data,
+ unsigned int D, mpz_t U) {
+ mpz_t n, x, q;
+ mpz_t p;
+ mpz_t r, cofac;
+ pbc_cm_t cm;
+
+ mpz_init(x);
+ mpz_mod_ui(x, U, 15);
+ if (!mpz_cmp_ui(x, 5)) {
+ mpz_sub_ui(x, U, 5);
+ } else if (!mpz_cmp_ui(x, 10)) {
+ mpz_add_ui(x, U, 5);
+ } else {
+ pbc_die("should never reach here");
+ mpz_clear(x);
+ return 0;
+ }
+
+ mpz_divexact_ui(x, x, 15);
+ mpz_init(q);
+ mpz_init(r);
+
+ //q = 25x^4 + 25x^3 + 25x^2 + 10x + 3
+ mpz_mul(r, x, x);
+ mpz_add(q, x, x);
+ mpz_mul_ui(r, r, 5);
+ mpz_add(q, q, r);
+ mpz_mul(r, r, x);
+ mpz_add(q, q, r);
+ mpz_mul(r, r, x);
+ mpz_add(q, q, r);
+ mpz_mul_ui(q, q, 5);
+ mpz_add_ui(q, q, 3);
+
+ if (!mpz_probab_prime_p(q, 10)) {
+ mpz_clear(q);
+ mpz_clear(r);
+ mpz_clear(x);
+ return 0;
+ }
+
+ //t = 10x^2 + 5x + 3
+ //n = q - t + 1
+ mpz_init(n);
+
+ mpz_mul_ui(n, x, 5);
+ mpz_mul(r, n, x);
+ mpz_add(r, r, r);
+ mpz_add(n, n, r);
+ mpz_sub(n, q, n);
+ mpz_sub_ui(n, n, 2);
+
+ mpz_init(p);
+ mpz_init(cofac);
+ {
+ mpz_set_ui(cofac, 1);
+ mpz_set(r, n);
+ mpz_set_ui(p, 2);
+ if (!mpz_probab_prime_p(r, 10)) for(;;) {
+ if (mpz_divisible_p(r, p)) do {
+ mpz_mul(cofac, cofac, p);
+ mpz_divexact(r, r, p);
+ } while (mpz_divisible_p(r, p));
+ if (mpz_probab_prime_p(r, 10)) break;
+ //TODO: use a table of primes instead?
+ mpz_nextprime(p, p);
+ if (mpz_sizeinbase(p, 2) > 16) {
+ //printf("has 16+ bit factor\n");
+ mpz_clear(r);
+ mpz_clear(p);
+ mpz_clear(cofac);
+ mpz_clear(q);
+ mpz_clear(x);
+ mpz_clear(n);
+ return 0;
+ }
+ }
+ }
+
+ pbc_cm_init(cm);
+ cm->k = 10;
+ cm->D = D;
+ mpz_set(cm->q, q);
+ mpz_set(cm->r, r);
+ mpz_set(cm->h, cofac);
+ mpz_set(cm->n, n);
+ int res = callback(cm, data);
+ pbc_cm_clear(cm);
+
+ mpz_clear(cofac);
+ mpz_clear(r);
+ mpz_clear(p);
+ mpz_clear(q);
+ mpz_clear(x);
+ mpz_clear(n);
+ return res;
+}
+
+int pbc_cm_search_g(int (*callback)(pbc_cm_t, void *), void *data,
+ unsigned int D, unsigned int bitlimit) {
+ int res = 0;
+ mpz_t D15;
+ mpz_t t0, t1, t2;
+
+ mpz_init(D15);
+ mpz_set_ui(D15, D);
+ mpz_mul_ui(D15, D15, 15);
+ if (mpz_perfect_square_p(D15)) {
+ mpz_clear(D15);
+ return 0;
+ }
+
+ mpz_init(t0);
+ mpz_init(t1);
+ mpz_init(t2);
+
+ pell_solution_t ps;
+ general_pell(ps, D15, -20);
+
+ int i, n;
+ n = ps->count;
+ if (n) for (;;) {
+ for (i=0; i<n; i++) {
+ res = freeman_step2(callback, data, D, ps->x[i]);
+ if (res) goto toobig;
+ // Compute next solution as follows:
+ // If p, q is current solution
+ // then compute new solution p', q' via
+ // (p + q sqrt{15D})(t + u sqrt{15D}) = p' + q' sqrt(15D)
+ // where t, u is min. solution to Pell equation
+ mpz_mul(t0, ps->minx, ps->x[i]);
+ mpz_mul(t1, ps->miny, ps->y[i]);
+ mpz_mul(t1, t1, D15);
+ mpz_add(t0, t0, t1);
+ if (2 * mpz_sizeinbase(t0, 2) > bitlimit + 10) goto toobig;
+ mpz_mul(t2, ps->minx, ps->y[i]);
+ mpz_mul(t1, ps->miny, ps->x[i]);
+ mpz_add(t2, t2, t1);
+ mpz_set(ps->x[i], t0);
+ mpz_set(ps->y[i], t2);
+ }
+ }
+toobig:
+
+ pell_solution_clear(ps);
+ mpz_clear(t0);
+ mpz_clear(t1);
+ mpz_clear(t2);
+ mpz_clear(D15);
+ return res;
+}
diff --git a/moon-abe/pbc-0.5.14/ecc/mpc.c b/moon-abe/pbc-0.5.14/ecc/mpc.c
new file mode 100644
index 00000000..e5341f99
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/ecc/mpc.c
@@ -0,0 +1,122 @@
+//GMP based complex floats
+#include <stdio.h>
+#include <gmp.h>
+#include "mpc.h"
+
+//(a+bi)(c+di) = ac - bd + ((a+b)(c+d) - ac - bd)i
+void mpc_mul(mpc_t res, mpc_t z0, mpc_t z1)
+{
+ mpf_t ac, bd, f0;
+ mpf_init(ac);
+ mpf_init(bd);
+ mpf_init(f0);
+ mpf_mul(ac, z0->a, z1->a);
+ mpf_mul(bd, z0->b, z1->b);
+ mpf_add(f0, z0->a, z0->b);
+ mpf_add(res->b, z1->a, z1->b);
+ mpf_mul(res->b, res->b, f0);
+ mpf_sub(res->b, res->b, ac);
+ mpf_sub(res->b, res->b, bd);
+ mpf_sub(res->a, ac, bd);
+ mpf_clear(f0);
+ mpf_clear(ac);
+ mpf_clear(bd);
+}
+
+void mpc_mul_2exp(mpc_t res, mpc_t z, unsigned long int e)
+{
+ mpf_mul_2exp(res->a, z->a, e);
+ mpf_mul_2exp(res->b, z->b, e);
+}
+
+//(a+bi)^2 = (a-b)(a+b) + 2abi
+void mpc_sqr(mpc_t res, mpc_t z)
+{
+ mpf_t f0, f1;
+ mpf_init(f0);
+ mpf_init(f1);
+ mpf_add(f0, z->a, z->b);
+ mpf_sub(f1, z->a, z->b);
+ mpf_mul(f0, f0, f1);
+ mpf_mul(f1, z->a, z->b);
+ mpf_set(res->a, f0);
+ mpf_add(res->b, f1, f1);
+ mpf_clear(f0);
+ mpf_clear(f1);
+}
+
+//1/(a+bi) = (1/(a^2 + b^2))(a-bi)
+//naive. TODO: use one that is less prone to (over/under)flows/precision loss
+void mpc_inv(mpc_t res, mpc_t z)
+{
+ mpf_t f0, f1;
+ mpf_init(f0);
+ mpf_init(f1);
+ mpf_mul(f0, z->a, z->a);
+ mpf_mul(f1, z->b, z->b);
+ mpf_add(f0, f0, f1);
+ mpf_ui_div(f0, 1, f0);
+ mpf_mul(res->a, z->a, f0);
+ mpf_neg(f0, f0);
+ mpf_mul(res->b, z->b, f0);
+ mpf_clear(f0);
+ mpf_clear(f1);
+}
+
+void mpc_div(mpc_t res, mpc_t z0, mpc_t z1)
+{
+ mpc_t c0;
+ mpc_init(c0);
+ mpc_inv(c0, z1);
+ mpc_mul(res, z0, c0);
+ mpc_clear(c0);
+}
+
+size_t mpc_out_str(FILE *stream, int base, size_t n_digits, mpc_t op)
+{
+ size_t result, status;
+ result = mpf_out_str(stream, base, n_digits, op->a);
+ if (!result) return 0;
+ if (mpf_sgn(op->b) >= 0) {
+ if (EOF == fputc('+', stream)) return 0;
+ result++;
+ }
+ status = mpf_out_str(stream, base, n_digits, op->b);
+ if (!status) return 0;
+ if (EOF == fputc('i', stream)) return 0;
+ return result + status + 1;
+}
+
+void mpc_pow_ui(mpc_t res, mpc_t z, unsigned int n)
+{
+ unsigned int m;
+ mpc_t z0;
+ mpc_init(z0);
+
+ //set m to biggest power of 2 less than n
+ for (m = 1; m <= n; m <<= 1);
+ m >>= 1;
+
+ mpf_set_ui(z0->a, 1);
+ mpf_set_ui(z0->b, 0);
+ while (m) {
+ mpc_mul(z0, z0, z0);
+ if (m & n) {
+ mpc_mul(z0, z0, z);
+ }
+ m >>= 1;
+ }
+ mpc_set(res, z0);
+ mpc_clear(z0);
+}
+
+void mpc_muli(mpc_t res, mpc_t z)
+{
+ //i(a+bi) = -b + ai
+ mpf_t f0;
+ mpf_init(f0);
+ mpf_neg(f0, z->b);
+ mpf_set(res->b, z->a);
+ mpf_set(res->a, f0);
+ mpf_clear(f0);
+}
diff --git a/moon-abe/pbc-0.5.14/ecc/mpc.h b/moon-abe/pbc-0.5.14/ecc/mpc.h
new file mode 100644
index 00000000..3588586b
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/ecc/mpc.h
@@ -0,0 +1,93 @@
+// Complex floats.
+// Called mpc_t, these complex numbers are built on GMP's mpf_t type.
+
+// Requires:
+// * stdio.h
+// * gmp.h
+
+#ifndef __PBC_MPC_H__
+#define __PBC_MPC_H__
+
+#pragma GCC visibility push(hidden)
+
+struct mpc_s {
+ mpf_t a;
+ mpf_t b;
+};
+typedef struct mpc_s mpc_t[1];
+typedef struct mpc_s *mpc_ptr;
+
+static inline void mpc_init(mpc_ptr c) {
+ mpf_init(c->a);
+ mpf_init(c->b);
+}
+
+static inline void mpc_clear(mpc_ptr c) {
+ mpf_clear(c->a);
+ mpf_clear(c->b);
+}
+
+static inline mpf_ptr mpc_re(mpc_ptr c) {
+ return c->a;
+}
+
+static inline mpf_ptr mpc_im(mpc_ptr c) {
+ return c->b;
+}
+
+static inline void mpc_add(mpc_ptr res, mpc_ptr z0, mpc_ptr z1) {
+ mpf_add(res->a, z0->a, z1->a);
+ mpf_add(res->b, z0->b, z1->b);
+}
+
+static inline void mpc_sub(mpc_ptr res, mpc_ptr z0, mpc_ptr z1) {
+ mpf_sub(res->a, z0->a, z1->a);
+ mpf_sub(res->b, z0->b, z1->b);
+}
+
+static inline void mpc_neg(mpc_ptr res, mpc_ptr z) {
+ mpf_neg(res->a, z->a);
+ mpf_neg(res->b, z->b);
+}
+
+static inline void mpc_conj(mpc_ptr res, mpc_ptr z) {
+ mpf_set(res->a, z->a);
+ mpf_neg(res->b, z->b);
+}
+
+static inline void mpc_set(mpc_t res, mpc_t z) {
+ mpf_set(res->a, z->a);
+ mpf_set(res->b, z->b);
+}
+
+static inline void mpc_set_ui(mpc_t res, unsigned long int n) {
+ mpf_set_ui(res->a, n);
+ mpf_set_ui(res->b, 0);
+}
+
+static inline void mpc_add_ui(mpc_t res, mpc_t z, unsigned long int n) {
+ mpf_add_ui(res->a, z->a, n);
+}
+
+static inline void mpc_mul_ui(mpc_t res, mpc_t z, unsigned long int n) {
+ mpf_mul_ui(res->a, z->a, n);
+ mpf_mul_ui(res->b, z->b, n);
+}
+
+static inline void mpc_mul_mpf(mpc_t res, mpc_t z, mpf_t f) {
+ mpf_mul(res->a, z->a, f);
+ mpf_mul(res->b, z->b, f);
+}
+
+void mpc_mul(mpc_t res, mpc_t z0, mpc_t z1);
+void mpc_mul_2exp(mpc_t res, mpc_t z, unsigned long int);
+void mpc_div(mpc_t res, mpc_t z0, mpc_t z1);
+void mpc_muli(mpc_t res, mpc_t z);
+void mpc_sqr(mpc_t res, mpc_t z);
+void mpc_inv(mpc_t res, mpc_t z);
+size_t mpc_out_str(FILE *stream, int base, size_t n_digits, mpc_t op);
+void mpc_pow_ui(mpc_t res, mpc_t z, unsigned int n);
+
+#pragma GCC visibility pop
+
+#endif //__PBC_MPC_H__
diff --git a/moon-abe/pbc-0.5.14/ecc/pairing.c b/moon-abe/pbc-0.5.14/ecc/pairing.c
new file mode 100644
index 00000000..48a9c8c6
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/ecc/pairing.c
@@ -0,0 +1,283 @@
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdint.h> // for intptr_t
+#include <stdlib.h>
+#include <string.h>
+#include <gmp.h>
+#include "pbc_utils.h"
+#include "pbc_field.h"
+#include "pbc_poly.h"
+#include "pbc_curve.h"
+#include "pbc_param.h"
+#include "pbc_pairing.h"
+#include "pbc_memory.h"
+
+static int generic_is_almost_coddh(element_ptr a, element_ptr b,
+ element_ptr c, element_ptr d, pairing_t pairing) {
+ int res = 0;
+ element_t t0, t1;
+
+ element_init(t0, pairing->GT);
+ element_init(t1, pairing->GT);
+ element_pairing(t0, a, d);
+ element_pairing(t1, b, c);
+ if (!element_cmp(t0, t1)) {
+ res = 1;
+ } else {
+ element_mul(t0, t0, t1);
+ if (element_is1(t0)) res = 1;
+ }
+ element_clear(t0);
+ element_clear(t1);
+ return res;
+}
+
+static void generic_prod_pairings(element_ptr out, element_t in1[],
+ element_t in2[], int n, pairing_t pairing) {
+ pairing->map(out, in1[0], in2[0], pairing);
+ element_t tmp;
+ element_init_same_as(tmp, out);
+ int i;
+ for(i = 1; i < n; i++) {
+ pairing->map(tmp, in1[i], in2[i], pairing);
+ element_mul(out, out, tmp);
+ }
+ element_clear(tmp);
+}
+
+static void phi_warning(element_ptr out, element_ptr in, pairing_ptr pairing) {
+ UNUSED_VAR(out);
+ UNUSED_VAR(in);
+ UNUSED_VAR(pairing);
+ printf("Phi() not implemented for this pairing type yet!\n");
+}
+
+static void default_option_set(struct pairing_s *pairing, char *key, char *value) {
+ UNUSED_VAR(pairing);
+ UNUSED_VAR(key);
+ UNUSED_VAR(value);
+}
+
+static void default_pp_init(pairing_pp_t p, element_ptr in1, pairing_t pairing) {
+ UNUSED_VAR(pairing);
+ p->data = (void *) in1;
+}
+
+static void default_pp_apply(element_ptr out, element_ptr in2, pairing_pp_t p) {
+ p->pairing->map(out, p->data, in2, p->pairing);
+}
+
+static void default_pp_clear(pairing_pp_t p) {
+ UNUSED_VAR(p);
+}
+
+void pairing_init_pbc_param(pairing_t pairing, pbc_param_ptr p) {
+ pairing->option_set = default_option_set;
+ pairing->pp_init = default_pp_init;
+ pairing->pp_clear = default_pp_clear;
+ pairing->pp_apply = default_pp_apply;
+ pairing->is_almost_coddh = generic_is_almost_coddh;
+ pairing->phi = phi_warning;
+ pairing->prod_pairings = generic_prod_pairings;
+ p->api->init_pairing(pairing, p->data);
+ pairing->G1->pairing = pairing;
+ pairing->G2->pairing = pairing;
+ pairing->GT->pairing = pairing;
+}
+
+int pairing_init_set_buf(pairing_t pairing, const char *input, size_t len) {
+ pbc_param_t par;
+ int res = pbc_param_init_set_buf(par, input, len);
+ if (res) {
+ pbc_error("error initializing pairing");
+ return 1;
+ }
+ pairing_init_pbc_param(pairing, par);
+ pbc_param_clear(par);
+ return 0;
+}
+
+int pairing_init_set_str(pairing_t pairing, const char *s) {
+ return pairing_init_set_buf(pairing, s, 0);
+}
+
+void pairing_clear(pairing_t pairing) {
+ pairing->clear_func(pairing);
+}
+
+// TODO: it's most likely better to add extra stuff to field_t
+// so no new data structures are needed to create mulitplicative subgroups.
+// Additionally the same code could be used with curve_t
+// Will consider it later, especially if timings turn out bad
+
+static void gt_out_info(FILE *out, field_ptr f) {
+ gmp_fprintf(out, "roots of unity, order %Zd, ", f->order);
+ field_out_info(out, f->data);
+}
+
+static void gt_from_hash(element_ptr e, void *data, int len) {
+ pairing_ptr pairing = e->field->pairing;
+ element_from_hash(e->data, data, len);
+ pairing->finalpow(e);
+}
+
+static void gt_random(element_ptr e) {
+ pairing_ptr pairing = e->field->pairing;
+ element_random(e->data);
+ pairing->finalpow(e);
+}
+
+// multiplicative subgroup of a field
+static void mulg_field_clear(field_t f) {
+ UNUSED_VAR(f);
+}
+
+static void mulg_init(element_ptr e) {
+ e->data = pbc_malloc(sizeof(element_t));
+ field_ptr f = e->field->data;
+ element_init(e->data, f);
+ element_set1(e->data);
+}
+
+static void mulg_clear(element_ptr e) {
+ element_clear(e->data);
+ pbc_free(e->data);
+}
+
+static void mulg_set(element_ptr x, element_t a) {
+ element_set(x->data, a->data);
+}
+
+static int mulg_cmp(element_ptr x, element_t a) {
+ return element_cmp(x->data, a->data);
+}
+
+static size_t mulg_out_str(FILE *stream, int base, element_ptr e) {
+ return element_out_str(stream, base, e->data);
+}
+
+static void mulg_set_multiz(element_ptr e, multiz m) {
+ return element_set_multiz(e->data, m);
+}
+
+static int mulg_set_str(element_ptr e, const char *s, int base) {
+ return element_set_str(e->data, s, base);
+}
+
+static int mulg_item_count(element_ptr e) {
+ return element_item_count(e->data);
+}
+
+static element_ptr mulg_item(element_ptr e, int i) {
+ return element_item(e->data, i);
+}
+
+static int mulg_to_bytes(unsigned char *data, element_ptr e) {
+ return element_to_bytes(data, e->data);
+}
+
+static int mulg_from_bytes(element_ptr e, unsigned char *data) {
+ return element_from_bytes(e->data, data);
+}
+
+static int mulg_length_in_bytes(element_ptr e) {
+ return element_length_in_bytes(e->data);
+}
+
+static int mulg_snprint(char *s, size_t n, element_ptr e) {
+ return element_snprint(s, n, e->data);
+}
+
+static void mulg_to_mpz(mpz_ptr z, element_ptr e) {
+ element_to_mpz(z, e->data);
+}
+
+static void mulg_set1(element_t e) {
+ element_set1(e->data);
+}
+
+static void mulg_mul(element_ptr x, element_t a, element_t b) {
+ element_mul(x->data, a->data, b->data);
+}
+
+static void mulg_div(element_ptr x, element_t a, element_t b) {
+ element_div(x->data, a->data, b->data);
+}
+
+static void mulg_invert(element_ptr x, element_t a) {
+ element_invert(x->data, a->data);
+}
+
+static int mulg_is1(element_ptr x) {
+ return element_is1(x->data);
+}
+
+static void mulg_pow_mpz(element_t x, element_t a, mpz_t n) {
+ element_pow_mpz(x->data, a->data, n);
+}
+
+static void mulg_pp_init(element_pp_t p, element_t in) {
+ p->data = pbc_malloc(sizeof(element_pp_t));
+ element_pp_init(p->data, in->data);
+}
+
+static void mulg_pp_clear(element_pp_t p) {
+ element_pp_clear(p->data);
+ pbc_free(p->data);
+}
+
+static void mulg_pp_pow(element_t out, mpz_ptr power, element_pp_t p) {
+ element_pp_pow(out->data, power, p->data);
+}
+
+void pairing_GT_init(pairing_ptr pairing, field_t f) {
+ field_ptr gt = pairing->GT;
+ field_init(gt);
+ gt->data = f;
+ f->pairing = pairing;
+ mpz_set(gt->order, pairing->r);
+ gt->field_clear = mulg_field_clear;
+ gt->out_info = gt_out_info;
+
+ gt->init = mulg_init;
+ gt->clear = mulg_clear;
+ gt->set = mulg_set;
+ gt->cmp = mulg_cmp;
+
+ gt->out_str = mulg_out_str;
+ gt->set_multiz = mulg_set_multiz;
+ gt->set_str = mulg_set_str;
+ gt->to_bytes = mulg_to_bytes;
+ gt->from_bytes = mulg_from_bytes;
+ gt->length_in_bytes = mulg_length_in_bytes;
+ gt->fixed_length_in_bytes = f->fixed_length_in_bytes;
+ gt->to_mpz = mulg_to_mpz;
+ gt->snprint = mulg_snprint;
+ gt->item = mulg_item;
+ gt->item_count = mulg_item_count;
+
+ // TODO: set gt->nqr to something?
+ // set is_sqr, sqrt to something?
+
+ // additive notation
+ gt->set0 = mulg_set1;
+ gt->add = mulg_mul;
+ gt->sub = mulg_div;
+ gt->mul_mpz = mulg_pow_mpz;
+ gt->neg = mulg_invert;
+ gt->is0 = mulg_is1;
+
+ // multiplicative notation
+ gt->set1 = mulg_set1;
+ gt->mul = mulg_mul;
+ gt->div = mulg_div;
+ gt->pow_mpz = mulg_pow_mpz;
+ gt->invert = mulg_invert;
+ gt->is1 = mulg_is1;
+ gt->pp_init = mulg_pp_init;
+ gt->pp_clear = mulg_pp_clear;
+ gt->pp_pow = mulg_pp_pow;
+
+ gt->random = gt_random;
+ gt->from_hash = gt_from_hash;
+}
diff --git a/moon-abe/pbc-0.5.14/ecc/param.c b/moon-abe/pbc-0.5.14/ecc/param.c
new file mode 100644
index 00000000..4fa25eef
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/ecc/param.c
@@ -0,0 +1,220 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdint.h> // for intptr_t
+#include <string.h>
+#include <gmp.h>
+#include "pbc_utils.h"
+#include "pbc_memory.h"
+#include "pbc_param.h"
+#include "pbc_a_param.h"
+#include "pbc_mnt.h"
+#include "pbc_d_param.h"
+#include "pbc_e_param.h"
+#include "pbc_f_param.h"
+#include "pbc_a1_param.h"
+#include "pbc_g_param.h"
+#include "pbc_i_param.h"
+
+#include "misc/symtab.h"
+#include "ecc/param.h"
+
+// Parser that reads a bunch of strings and places them in a symbol table.
+// TODO: Replace with Flex/Bison?
+
+enum {
+ token_none = 0,
+ token_langle,
+ token_langleslash,
+ token_rangle,
+ token_word,
+ token_eof,
+};
+
+struct token_s {
+ int type;
+ char *s;
+};
+typedef struct token_s token_t[1];
+typedef struct token_s *token_ptr;
+
+// Reads next token from `input`.
+// Returns 1 on reaching `end` (if not NULL) or '\0' is read, 0 otherwise.
+static const char *token_get(token_t tok, const char *input, const char *end) {
+ char *buf;
+ int n = 32;
+ int i;
+ char c;
+ #define get() (((!end || input < end) && *input) ? (c = *input++, 0) : 1)
+ // Skip whitespace and comments.
+ for(;;) {
+ do {
+ if (get()) {
+ tok->type = token_eof;
+ return input;
+ }
+ } while (strchr(" \t\r\n", c));
+ if (c == '#') {
+ do {
+ if (get()) {
+ tok->type = token_eof;
+ return input;
+ }
+ } while (c != '\n');
+ } else break;
+ }
+
+ tok->type = token_word;
+ pbc_free(tok->s);
+ buf = (char *) pbc_malloc(n);
+ i = 0;
+ for (;;) {
+ buf[i] = c;
+ i++;
+ if (i == n) {
+ n += 32;
+ buf = (char *) pbc_realloc(buf, n);
+ }
+ if (get() || strchr(" \t\r\n</>", c)) break;
+ }
+ buf[i] = 0;
+ tok->s = buf;
+ return input;
+ #undef get
+}
+
+static void token_init(token_t tok) {
+ tok->type = token_none;
+ tok->s = NULL;
+}
+
+static void token_clear(token_t tok) {
+ pbc_free(tok->s);
+}
+
+static void read_symtab(symtab_t tab, const char *input, size_t limit) {
+ token_t tok;
+ const char *inputend = limit ? input + limit : NULL;
+ token_init(tok);
+ for (;;) {
+ input = token_get(tok, input, inputend);
+ if (tok->type != token_word) break;
+ char *key = pbc_strdup(tok->s);
+ input = token_get(tok, input, inputend);
+ if (tok->type != token_word) {
+ pbc_free(key);
+ break;
+ }
+ symtab_put(tab, pbc_strdup(tok->s), key);
+ pbc_free(key);
+ }
+ token_clear(tok);
+}
+
+// These functions have hidden visibility (see header).
+
+void param_out_type(FILE *stream, char *s) {
+ fprintf(stream, "type %s\n", s);
+}
+
+void param_out_mpz(FILE *stream, char *s, mpz_t z) {
+ fprintf(stream, "%s ", s);
+ mpz_out_str(stream, 0, z);
+ fprintf(stream, "\n");
+}
+
+void param_out_int(FILE *stream, char *s, int i) {
+ mpz_t z;
+ mpz_init(z);
+
+ mpz_set_si(z, i);
+ param_out_mpz(stream, s, z);
+ mpz_clear(z);
+}
+
+static const char *lookup(symtab_t tab, const char *key) {
+ if (!symtab_has(tab, key)) {
+ pbc_error("missing param: `%s'", key);
+ return NULL;
+ }
+ return symtab_at(tab, key);
+}
+
+int lookup_mpz(mpz_t z, symtab_t tab, const char *key) {
+ const char *data = lookup(tab, key);
+ if (!data) {
+ pbc_error("missing param: `%s'", key);
+ return 1;
+ }
+ mpz_set_str(z, data, 0);
+ return 0;
+}
+
+int lookup_int(int *n, symtab_t tab, const char *key) {
+ mpz_t z;
+ const char *data = lookup(tab, key);
+ if (!data) {
+ pbc_error("missing param: `%s'", key);
+ return 1;
+ }
+ mpz_init(z);
+
+ mpz_set_str(z, data, 0);
+ *n = mpz_get_si(z);
+ mpz_clear(z);
+
+ return 0;
+}
+
+static int param_set_tab(pbc_param_t par, symtab_t tab) {
+ const char *s = lookup(tab, "type");
+
+ static struct {
+ char *s;
+ int (*fun)(pbc_param_ptr, symtab_t tab);
+ } funtab[] = {
+ { "a", pbc_param_init_a },
+ { "d", pbc_param_init_d },
+ { "e", pbc_param_init_e },
+ { "f", pbc_param_init_f },
+ { "g", pbc_param_init_g },
+ { "a1", pbc_param_init_a1 },
+ { "i", pbc_param_init_i },
+ };
+
+ int res = 1;
+ if (s) {
+ unsigned int i;
+ for(i = 0; i < sizeof(funtab)/sizeof(*funtab); i++) {
+ if (!strcmp(s, funtab[i].s)) {
+ res = funtab[i].fun(par, tab);
+ if (res) pbc_error("bad pairing parameters");
+ return res;
+ }
+ }
+ }
+
+ pbc_error("unknown pairing type");
+ return res;
+}
+
+// Public functions:
+
+int pbc_param_init_set_str(pbc_param_t par, const char *input) {
+ symtab_t tab;
+ symtab_init(tab);
+ read_symtab(tab, input, 0);
+ int res = param_set_tab(par, tab);
+ symtab_forall_data(tab, pbc_free);
+ symtab_clear(tab);
+ return res;
+}
+
+int pbc_param_init_set_buf(pbc_param_t par, const char *input, size_t len) {
+ symtab_t tab;
+ symtab_init(tab);
+ read_symtab(tab, input, len);
+ int res = param_set_tab(par, tab);
+ symtab_forall_data(tab, pbc_free);
+ symtab_clear(tab);
+ return res;
+}
diff --git a/moon-abe/pbc-0.5.14/ecc/param.h b/moon-abe/pbc-0.5.14/ecc/param.h
new file mode 100644
index 00000000..36cbdd36
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/ecc/param.h
@@ -0,0 +1,23 @@
+// Input/output routines common to all pairing parameters.
+
+// Requires:
+// * param.h
+// * stdio.h
+// * gmp.h
+#ifndef __PARAM_UTILS_H__
+#define __PARAM_UTILS_H__
+
+#pragma GCC visibility push(hidden)
+
+void param_out_type(FILE *stream, char *s);
+void param_out_mpz(FILE *stream, char *s, mpz_t z);
+void param_out_int(FILE *stream, char *s, int i);
+// TODO: Replace with a stdarg function, e.g.
+// err = lookup("ZZi", "p", "n", "l", p->p, p->n, &p->l);
+struct symtab_s; // let "include/pbc.h" not include "misc/symtab.h"
+int lookup_int(int *n, struct symtab_s *tab, const char *key);
+int lookup_mpz(mpz_t z, struct symtab_s *tab, const char *key);
+
+#pragma GCC visibility pop
+
+#endif //__PARAM_UTILS_H__
diff --git a/moon-abe/pbc-0.5.14/ecc/singular.c b/moon-abe/pbc-0.5.14/ecc/singular.c
new file mode 100644
index 00000000..95f00410
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/ecc/singular.c
@@ -0,0 +1,447 @@
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdint.h> // for intptr_t
+#include <stdlib.h>
+#include <gmp.h>
+#include "pbc_utils.h"
+#include "pbc_field.h"
+#include "pbc_curve.h"
+#include "pbc_param.h"
+#include "pbc_pairing.h"
+#include "pbc_fp.h"
+#include "pbc_memory.h"
+
+//TODO: Store as integer mod ring instead and convert at last minute?
+struct point_s {
+ int inf_flag;
+ element_t x;
+ element_t y;
+};
+typedef struct point_s *point_ptr;
+typedef struct point_s point_t[1];
+
+static void sn_init(element_ptr e) {
+ field_ptr f = e->field->data;
+ e->data = pbc_malloc(sizeof(point_t));
+ point_ptr p = e->data;
+ element_init(p->x, f);
+ element_init(p->y, f);
+ p->inf_flag = 1;
+}
+
+static void sn_clear(element_ptr e) {
+ point_ptr p = e->data;
+ element_clear(p->x);
+ element_clear(p->y);
+ pbc_free(e->data);
+}
+
+static void sn_set0(element_ptr x) {
+ point_ptr p = x->data;
+ p->inf_flag = 1;
+}
+
+static int sn_is0(element_ptr x) {
+ point_ptr p = x->data;
+ return p->inf_flag;
+}
+
+//singular with node: y^2 = x^3 + x^2
+static void sn_random(element_t a) {
+ point_ptr p = a->data;
+ element_t t;
+
+ element_init(t, p->x->field);
+ p->inf_flag = 0;
+ do {
+ element_random(p->x);
+ if (element_is0(p->x)) continue;
+ element_square(t, p->x);
+ element_add(t, t, p->x);
+ element_mul(t, t, p->x);
+ } while (!element_is_sqr(t));
+ element_sqrt(p->y, t);
+
+ element_clear(t);
+}
+
+static inline void sn_double_no_check(point_ptr r, point_ptr p) {
+ element_t lambda, e0, e1;
+
+ element_init(lambda, p->x->field);
+ element_init(e0, p->x->field);
+ element_init(e1, p->x->field);
+ //same point: double them
+
+ //lambda = (3x^2 + 2x) / 2y
+ element_mul_si(lambda, p->x, 3);
+ element_set_si(e0, 2);
+ element_add(lambda, lambda, e0);
+ element_mul(lambda, lambda, p->x);
+ element_add(e0, p->y, p->y);
+ element_invert(e0, e0);
+ element_mul(lambda, lambda, e0);
+ //x1 = lambda^2 - 2x - 1
+ element_add(e1, p->x, p->x);
+ element_square(e0, lambda);
+ element_sub(e0, e0, e1);
+ element_set_si(e1, 1);
+ element_sub(e0, e0, e1);
+ //y1 = (x - x1)lambda - y
+ element_sub(e1, p->x, e0);
+ element_mul(e1, e1, lambda);
+ element_sub(e1, e1, p->y);
+
+ element_set(r->x, e0);
+ element_set(r->y, e1);
+ r->inf_flag = 0;
+
+ element_clear(lambda);
+ element_clear(e0);
+ element_clear(e1);
+ return;
+}
+
+static void sn_double(element_t c, element_t a) {
+ point_ptr r = c->data;
+ point_ptr p = a->data;
+ if (p->inf_flag) {
+ r->inf_flag = 1;
+ return;
+ }
+ if (element_is0(p->y)) {
+ r->inf_flag = 1;
+ return;
+ }
+ sn_double_no_check(r, p);
+}
+
+static void sn_set(element_ptr c, element_ptr a) {
+ point_ptr r = c->data, p = a->data;
+ if (p->inf_flag) {
+ r->inf_flag = 1;
+ return;
+ }
+ r->inf_flag = 0;
+ element_set(r->x, p->x);
+ element_set(r->y, p->y);
+}
+
+static void sn_add(element_t c, element_t a, element_t b) {
+ point_ptr r = c->data;
+ point_ptr p = a->data;
+ point_ptr q = b->data;
+ if (p->inf_flag) {
+ sn_set(c, b);
+ return;
+ }
+ if (q->inf_flag) {
+ sn_set(c, a);
+ return;
+ }
+ if (!element_cmp(p->x, q->x)) {
+ if (!element_cmp(p->y, q->y)) {
+ if (element_is0(p->y)) {
+ r->inf_flag = 1;
+ return;
+ } else {
+ sn_double_no_check(r, p);
+ return;
+ }
+ }
+ //points are inverses of each other
+ r->inf_flag = 1;
+ return;
+ } else {
+ element_t lambda, e0, e1;
+
+ element_init(lambda, p->x->field);
+ element_init(e0, p->x->field);
+ element_init(e1, p->x->field);
+
+ //lambda = (y2-y1)/(x2-x1)
+ element_sub(e0, q->x, p->x);
+ element_invert(e0, e0);
+ element_sub(lambda, q->y, p->y);
+ element_mul(lambda, lambda, e0);
+ //x3 = lambda^2 - x1 - x2 - 1
+ element_square(e0, lambda);
+ element_sub(e0, e0, p->x);
+ element_sub(e0, e0, q->x);
+ element_set1(e1);
+ element_sub(e0, e0, e1);
+ //y3 = (x1-x3)lambda - y1
+ element_sub(e1, p->x, e0);
+ element_mul(e1, e1, lambda);
+ element_sub(e1, e1, p->y);
+
+ element_set(r->x, e0);
+ element_set(r->y, e1);
+ r->inf_flag = 0;
+
+ element_clear(lambda);
+ element_clear(e0);
+ element_clear(e1);
+ }
+}
+
+static void sn_invert(element_ptr c, element_ptr a) {
+ point_ptr r = c->data, p = a->data;
+
+ if (p->inf_flag) {
+ r->inf_flag = 1;
+ return;
+ }
+ r->inf_flag = 0;
+ element_set(r->x, p->x);
+ element_neg(r->y, p->y);
+}
+
+static void sn_field_clear(field_ptr c) {
+ UNUSED_VAR(c);
+}
+
+/* TODO: Write a test program that uses these functions.
+
+// Nonsingular points on sn curves map to finite field elements via
+// (x, y) --> (y + x)/(y - x)
+// The reverse map is
+// a --> (4a/(a-1)^2, 4a(a+1)/(a-1)^3)
+
+void sn_point_to_field(element_t out, point_ptr P) {
+ element_t e0, e1;
+ if (P->inf_flag) {
+ element_set1(out);
+ return;
+ }
+ element_init(e0, out->field);
+ element_init(e1, out->field);
+ element_add(e0, P->y, P->x);
+ element_sub(e1, P->y, P->x);
+ element_invert(e1, e1);
+ element_mul(out, e0, e1);
+ element_clear(e0);
+ element_clear(e1);
+}
+
+static void sn_field_to_point(point_ptr P, element_t in) {
+ element_t e0, e1, e2;
+
+ if (element_is1(in)) {
+ P->inf_flag = 1;
+ return;
+ }
+ element_init(e0, in->field);
+ element_init(e1, in->field);
+ element_init(e2, in->field);
+
+ element_set1(e1);
+ element_sub(e0, in, e1);
+ element_invert(e0, e0);
+
+ element_mul_si(e2, in, 4);
+
+ element_add(P->y, in, e1);
+
+ element_mul(e1, e0, e0);
+ element_mul(P->x, e1, e2);
+ element_mul(P->y, P->y, e2);
+ element_mul(P->y, P->y, e0);
+ element_mul(P->y, P->y, e1);
+ P->inf_flag = 0;
+
+ element_clear(e0);
+ element_clear(e1);
+ element_clear(e2);
+}
+*/
+
+static size_t sn_out_str(FILE *stream, int base, element_ptr a) {
+ point_ptr p = a->data;
+ size_t result, status;
+ if (p->inf_flag) {
+ if (EOF == fputc('O', stream)) return 0;
+ return 1;
+ }
+ result = element_out_str(stream, base, p->x);
+ if (!result) return 0;
+ if (EOF == fputc(' ', stream)) return 0;
+ status = element_out_str(stream, base, p->y);
+ if (!status) return 0;
+ return result + status + 1;
+}
+
+void naive_generic_pow_mpz(element_ptr x, element_ptr a, mpz_ptr n);
+void field_init_curve_singular_with_node(field_t c, field_t field) {
+ mpz_set(c->order, field->order);
+ c->data = (void *) field;
+ c->init = sn_init;
+ c->clear = sn_clear;
+ c->random = sn_random;
+ //c->from_x = cc_from_x;
+ //c->from_hash = cc_from_hash;
+ c->set = sn_set;
+ c->invert = c->neg = sn_invert;
+ c->square = c->doub = sn_double;
+ c->mul = c->add = sn_add;
+ c->set1 = c->set0 = sn_set0;
+ c->is1 = c->is0 = sn_is0;
+ c->mul_mpz = element_pow_mpz;
+ c->out_str = sn_out_str;
+ c->field_clear = sn_field_clear;
+}
+
+//TODO: the following code is useless as the Tate pairing is degenerate on singular curves
+static void sn_miller(element_t res, mpz_t q, element_t P,
+ element_ptr Qx, element_ptr Qy) {
+ //collate divisions
+ int m;
+ element_t v, vd;
+ element_t Z;
+ element_t a, b, c;
+ element_t e0, e1;
+ element_ptr Zx;
+ element_ptr Zy;
+ const element_ptr Px = curve_x_coord(P);
+ const element_ptr Py = curve_y_coord(P);
+
+ #define do_vertical(e) \
+ element_sub(e0, Qx, Zx); \
+ element_mul(e, e, e0);
+
+ //a = -slope_tangent(Z.x, Z.y);
+ //b = 1;
+ //c = -(Z.y + a * Z.x);
+ //but we multiply by 2*Z.y to avoid division
+ //a = -Zx * (Zx + Zx + Zx + 2)
+ //b = 2 * Zy
+ //c = -(2 Zy^2 + a Zx);
+ #define do_tangent(e) \
+ element_double(e0, Zx); \
+ element_add(a, Zx, e0); \
+ element_set_si(e0, 2); \
+ element_add(a, a, e0); \
+ element_mul(a, a, Zx); \
+ element_neg(a, a); \
+ element_add(b, Zy, Zy); \
+ element_mul(e0, b, Zy); \
+ element_mul(c, a, Zx); \
+ element_add(c, c, e0); \
+ element_neg(c, c); \
+ element_mul(e0, a, Qx); \
+ element_mul(e1, b, Qy); \
+ element_add(e0, e0, e1); \
+ element_add(e0, e0, c); \
+ element_mul(e, e, e0);
+
+ //a = -(B.y - A.y) / (B.x - A.x);
+ //b = 1;
+ //c = -(A.y + a * A.x);
+ //but we'll multiply by B.x - A.x to avoid division
+ #define do_line(e) \
+ element_sub(b, Px, Zx); \
+ element_sub(a, Zy, Py); \
+ element_mul(e0, b, Zy); \
+ element_mul(c, a, Zx); \
+ element_add(c, c, e0); \
+ element_neg(c, c); \
+ element_mul(e0, a, Qx); \
+ element_mul(e1, b, Qy); \
+ element_add(e0, e0, e1); \
+ element_add(e0, e0, c); \
+ element_mul(e, e, e0);
+
+ element_init(a, Px->field);
+ element_init(b, Px->field);
+ element_init(c, Px->field);
+ element_init(e0, res->field);
+ element_init(e1, res->field);
+
+ element_init(v, res->field);
+ element_init(vd, res->field);
+ element_init(Z, P->field);
+
+ element_set(Z, P);
+ Zx = curve_x_coord(Z);
+ Zy = curve_y_coord(Z);
+
+ element_set1(v);
+ element_set1(vd);
+ m = mpz_sizeinbase(q, 2) - 2;
+
+ while(m >= 0) {
+ element_mul(v, v, v);
+ element_mul(vd, vd, vd);
+ do_tangent(v);
+ element_double(Z, Z);
+ do_vertical(vd);
+ if (mpz_tstbit(q, m)) {
+ do_line(v);
+ element_add(Z, Z, P);
+ do_vertical(vd);
+ }
+ m--;
+ }
+ #undef do_tangent
+ #undef do_vertical
+ #undef do_line
+
+ element_invert(vd, vd);
+ element_mul(res, v, vd);
+
+ element_clear(v);
+ element_clear(vd);
+ element_clear(Z);
+ element_clear(a);
+ element_clear(b);
+ element_clear(c);
+ element_clear(e0);
+ element_clear(e1);
+}
+
+struct sn_pairing_data_s {
+ field_t Fq, Eq;
+};
+typedef struct sn_pairing_data_s sn_pairing_data_t[1];
+typedef struct sn_pairing_data_s *sn_pairing_data_ptr;
+
+static void sn_pairing(element_ptr out, element_ptr in1, element_ptr in2,
+ pairing_t pairing) {
+ sn_pairing_data_ptr p = pairing->data;
+ element_ptr Q = in2;
+ element_t e0;
+ element_t R, QR;
+ element_init(R, p->Eq);
+ element_init(QR, p->Eq);
+ element_random(R);
+ element_init(e0, out->field);
+ element_add(QR, Q, R);
+ sn_miller(out, pairing->r, in1, curve_x_coord(QR), curve_y_coord(QR));
+ sn_miller(e0, pairing->r, in1, curve_x_coord(R), curve_y_coord(R));
+ element_invert(e0, e0);
+ element_mul(out, out, e0);
+ //element_pow_mpz(out, out, p->tateexp);
+ element_clear(R);
+ element_clear(QR);
+}
+
+void pairing_init_singular_with_node(pairing_t pairing, mpz_t q) {
+ sn_pairing_data_ptr p;
+
+ mpz_init(pairing->r);
+ mpz_sub_ui(pairing->r, q, 1);
+ field_init_fp(pairing->Zr, pairing->r);
+ pairing->map = sn_pairing;
+
+ p = pairing->data = pbc_malloc(sizeof(sn_pairing_data_t));
+ field_init_fp(p->Fq, q);
+ field_init_curve_singular_with_node(p->Eq, p->Fq);
+
+ //mpz_init(p->tateexp);
+ //mpz_sub_ui(p->tateexp, p->Fq->order, 1);
+ //mpz_divexact(p->tateexp, p->tateexp, pairing->r);
+
+ pairing->G2 = pairing->G1 = p->Eq;
+
+ pairing_GT_init(pairing, p->Fq);
+}
diff --git a/moon-abe/pbc-0.5.14/example/Makefile.am b/moon-abe/pbc-0.5.14/example/Makefile.am
new file mode 100644
index 00000000..a1b60dbc
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/example/Makefile.am
@@ -0,0 +1,16 @@
+CLEANFILES = *~
+maintainer-clean-local:
+ -rm -rf Makefile.in
+
+AM_CPPFLAGS = -I../include
+LDADD = ../libpbc.la -lgmp
+
+noinst_PROGRAMS = bls hess joux paterson yuanli zhangkim zss
+
+bls_SOURCES = bls.c
+hess_SOURCES = hess.c
+joux_SOURCES = joux.c
+paterson_SOURCES = paterson.c
+yuanli_SOURCES = yuanli.c
+zhangkim_SOURCES = zhangkim.c
+zss_SOURCES = zss.c
diff --git a/moon-abe/pbc-0.5.14/example/bls.c b/moon-abe/pbc-0.5.14/example/bls.c
new file mode 100644
index 00000000..8b62a097
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/example/bls.c
@@ -0,0 +1,133 @@
+// Boneh-Lynn-Shacham short signatures demo.
+//
+// See the PBC_sig library for a practical implementation.
+//
+// Ben Lynn
+#include <pbc.h>
+#include <pbc_test.h>
+
+int main(int argc, char **argv) {
+ pairing_t pairing;
+ element_t g, h;
+ element_t public_key, sig;
+ element_t secret_key;
+ element_t temp1, temp2;
+
+ pbc_demo_pairing_init(pairing, argc, argv);
+
+ element_init_G2(g, pairing);
+ element_init_G2(public_key, pairing);
+ element_init_G1(h, pairing);
+ element_init_G1(sig, pairing);
+ element_init_GT(temp1, pairing);
+ element_init_GT(temp2, pairing);
+ element_init_Zr(secret_key, pairing);
+
+ printf("Short signature test\n");
+
+ //generate system parameters
+ element_random(g);
+ element_printf("system parameter g = %B\n", g);
+
+ //generate private key
+ element_random(secret_key);
+ element_printf("private key = %B\n", secret_key);
+
+ //compute corresponding public key
+ element_pow_zn(public_key, g, secret_key);
+ element_printf("public key = %B\n", public_key);
+
+ //generate element from a hash
+ //for toy pairings, should check that pairing(g, h) != 1
+ element_from_hash(h, "hashofmessage", 13);
+ element_printf("message hash = %B\n", h);
+
+ //h^secret_key is the signature
+ //in real life: only output the first coordinate
+ element_pow_zn(sig, h, secret_key);
+ element_printf("signature = %B\n", sig);
+
+ {
+ int n = pairing_length_in_bytes_compressed_G1(pairing);
+ //int n = element_length_in_bytes_compressed(sig);
+ int i;
+ unsigned char *data = pbc_malloc(n);
+
+ element_to_bytes_compressed(data, sig);
+ printf("compressed = ");
+ for (i = 0; i < n; i++) {
+ printf("%02X", data[i]);
+ }
+ printf("\n");
+
+ element_from_bytes_compressed(sig, data);
+ element_printf("decompressed = %B\n", sig);
+
+ pbc_free(data);
+ }
+
+ //verification part 1
+ element_pairing(temp1, sig, g);
+ element_printf("f(sig, g) = %B\n", temp1);
+
+ //verification part 2
+ //should match above
+ element_pairing(temp2, h, public_key);
+ element_printf("f(message hash, public_key) = %B\n", temp2);
+
+ if (!element_cmp(temp1, temp2)) {
+ printf("signature verifies\n");
+ } else {
+ printf("*BUG* signature does not verify *BUG*\n");
+ }
+
+ {
+ int n = pairing_length_in_bytes_x_only_G1(pairing);
+ //int n = element_length_in_bytes_x_only(sig);
+ int i;
+ unsigned char *data = pbc_malloc(n);
+
+ element_to_bytes_x_only(data, sig);
+ printf("x-coord = ");
+ for (i = 0; i < n; i++) {
+ printf("%02X", data[i]);
+ }
+ printf("\n");
+
+ element_from_bytes_x_only(sig, data);
+ element_printf("de-x-ed = %B\n", sig);
+
+ element_pairing(temp1, sig, g);
+ if (!element_cmp(temp1, temp2)) {
+ printf("signature verifies on first guess\n");
+ } else {
+ element_invert(temp1, temp1);
+ if (!element_cmp(temp1, temp2)) {
+ printf("signature verifies on second guess\n");
+ } else {
+ printf("*BUG* signature does not verify *BUG*\n");
+ }
+ }
+
+ pbc_free(data);
+ }
+
+ //a random signature shouldn't verify
+ element_random(sig);
+ element_pairing(temp1, sig, g);
+ if (element_cmp(temp1, temp2)) {
+ printf("random signature doesn't verify\n");
+ } else {
+ printf("*BUG* random signature verifies *BUG*\n");
+ }
+
+ element_clear(sig);
+ element_clear(public_key);
+ element_clear(secret_key);
+ element_clear(g);
+ element_clear(h);
+ element_clear(temp1);
+ element_clear(temp2);
+ pairing_clear(pairing);
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/example/hess.c b/moon-abe/pbc-0.5.14/example/hess.c
new file mode 100644
index 00000000..8d5a437e
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/example/hess.c
@@ -0,0 +1,109 @@
+/*
+ Hess ID-based signature.
+ Based on papers "F. Hess. Efficient Identity Based Signature Schemes Based on Pairings. SAC 2002, LNCS 2595, Springer-Verlag, 2000"
+ Contributed by Dmitry Kosolapov.
+*/
+
+#include <pbc.h>
+#include <pbc_test.h>
+
+int main(int argc, char **argv) {
+ pairing_t pairing;
+ double time1, time2;
+ pbc_demo_pairing_init(pairing, argc, argv);
+
+ element_t Qid, P, P1, Ppub, s, k, Did, r, v, u, t1, t3, t4, t5, t6, t7, t8;
+ mpz_t t2;
+
+ if (!pairing_is_symmetric(pairing)) pbc_die("pairing must be symmetric");
+
+ mpz_init(t2);
+ element_init_G1(P, pairing);
+ element_init_G1(P1, pairing);
+ element_init_G1(Qid, pairing);
+ element_init_G1(Did, pairing);
+ element_init_G1(Ppub, pairing);
+ element_init_G1(t4, pairing);
+ element_init_G1(t5, pairing);
+ element_init_G1(u, pairing);
+
+ element_init_Zr(s, pairing);
+ element_init_Zr(k, pairing);
+ element_init_Zr(v, pairing);
+ element_init_Zr(t3, pairing);
+ element_init_Zr(t8, pairing);
+
+ element_init_GT(r, pairing);
+ element_init_GT(t1, pairing);
+ element_init_GT(t6, pairing);
+ element_init_GT(t7, pairing);
+
+ time1 = pbc_get_time();
+ printf("Hess ID-based signature protocol\n");
+ printf("KEYGEN\n");
+ element_random(P);
+ element_random(s);
+ element_random(Qid);
+ element_mul_zn(Ppub, P, s);
+ element_mul_zn(Did, Qid, s);
+ element_printf("Qid = %B\n", Qid);
+ element_printf("P = %B\n", P);
+ element_printf("Ppub = %B\n", Ppub);
+
+ printf("SIGN\n");
+ element_random(P1);
+ element_random(k);
+ element_pairing(t1, P1, P);
+ element_pow_zn(r, t1, k);
+ element_to_mpz(t2, r);
+
+ //h3=h(m)*mpz(r);
+ element_from_hash(t3, "Message", 7);
+ element_mul_mpz(v, t3, t2);
+ element_mul_zn(t4, Did, v);
+ element_mul_zn(t5, P1, k);
+ element_add(u, t4, t5);
+ printf("Signature of message \"Message\" is:\n");
+ element_printf("u = %B\n", u);
+ element_printf("v = %B\n", v);
+
+ printf("VERIFY\n");
+ element_pairing(t6, u, P);
+ element_neg(Ppub, Ppub);
+ element_pairing(t7, Qid, Ppub);
+ element_pow_zn(t7, t7, v);
+ element_mul(r, t6, t7);
+ element_to_mpz(t2, r);
+ element_from_hash(t3, "Message", 7);
+ element_mul_mpz(t8, t3, t2);
+ element_printf("h3(m,r) = %B\n", t8);
+ element_printf("v = %B\n", v);
+ if (!element_cmp(t8, v)) {
+ printf("Signature is valid!\n");
+ } else {
+ printf("Signature is invalid!\n");
+ }
+ time2 = pbc_get_time();
+ printf("All time = %fs\n", time2 - time1);
+
+ element_clear(P);
+ element_clear(P1);
+ element_clear(Qid);
+ element_clear(Did);
+ element_clear(Ppub);
+ element_clear(t4);
+ element_clear(t5);
+ element_clear(u);
+ element_clear(s);
+ element_clear(k);
+ element_clear(v);
+ element_clear(t3);
+ element_clear(t8);
+ element_clear(r);
+ element_clear(t1);
+ element_clear(t6);
+ element_clear(t7);
+ pairing_clear(pairing);
+
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/example/joux.c b/moon-abe/pbc-0.5.14/example/joux.c
new file mode 100644
index 00000000..4c7a46b9
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/example/joux.c
@@ -0,0 +1,80 @@
+/*
+ Joux one round protocol for tripartite Diffie-Hellman
+ Based on papers "A. Joux. A One Round Protocol for Tripartie Diffie-Hellman. Proceedings of ANTS 4. LNCS 1838, pp. 385-394, 2000."
+ Contributed by Dmitry Kosolapov.
+*/
+
+#include <pbc.h>
+#include <pbc_test.h>
+
+int main(int argc, char **argv) {
+ pairing_t pairing;
+ double time1, time2;
+ element_t P, a, b, c, Ka, Kb, Kc, t1, t2, t3, t4, t5, t6;
+ pbc_demo_pairing_init(pairing, argc, argv);
+ if (!pairing_is_symmetric(pairing)) pbc_die("pairing must be symmetric");
+
+ element_init_G1(P, pairing);
+ element_init_G1(t1, pairing);
+ element_init_G1(t2, pairing);
+ element_init_G1(t3, pairing);
+
+ element_init_Zr(a, pairing);
+ element_init_Zr(b, pairing);
+ element_init_Zr(c, pairing);
+
+ element_init_GT(t4, pairing);
+ element_init_GT(t5, pairing);
+ element_init_GT(t6, pairing);
+ element_init_GT(Ka, pairing);
+ element_init_GT(Kb, pairing);
+ element_init_GT(Kc, pairing);
+
+ time1 = pbc_get_time();
+ printf("Joux key agreement between A, B and C.\n");
+ element_random(P);
+ element_random(a);
+ element_random(b);
+ element_random(c);
+ element_mul_zn(t1, P, a);
+ printf("A sends B and C: aP\n");
+ element_printf("aP = %B\n", t1);
+ element_mul_zn(t2, P, b);
+ printf("B sends A and C: bP\n");
+ element_printf("bP = %B\n", t2);
+ element_mul_zn(t3, P, c);
+ printf("C sends A and B: cP\n");
+ element_printf("cP = %B\n", t3);
+
+ element_pairing(t4, t2, t3);
+ element_pow_zn(Ka, t4, a);
+ element_printf("Ka = %B\n", Ka);
+ element_pairing(t5, t1, t3);
+ element_pow_zn(Kb, t5, b);
+ element_printf("Kb = %B\n", Kb);
+ element_pairing(t6, t1, t2);
+ element_pow_zn(Kc, t6, c);
+ element_printf("Kc = %B\n", Kc);
+
+ printf("Shared key K = Ka = Kb = Kc\n");
+ time2 = pbc_get_time();
+ printf("All time = %fs\n", time2 - time1);
+
+
+ element_clear(P);
+ element_clear(a);
+ element_clear(b);
+ element_clear(c);
+ element_clear(Ka);
+ element_clear(Kb);
+ element_clear(Kc);
+ element_clear(t1);
+ element_clear(t2);
+ element_clear(t3);
+ element_clear(t4);
+ element_clear(t5);
+ element_clear(t6);
+ pairing_clear(pairing);
+
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/example/paterson.c b/moon-abe/pbc-0.5.14/example/paterson.c
new file mode 100644
index 00000000..4e21fc9f
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/example/paterson.c
@@ -0,0 +1,114 @@
+/*
+ Paterson ID-based signature.
+ Based on papers "K. G. Paterson. ID-Based Signatures from Pairings on Elliptic Curvers. Electron. Lett., Vol. 38". Available at http://eprint.iacr.org/2002/004."
+ Contributed by Dmitry Kosolapov.
+*/
+
+#include <pbc.h>
+#include <pbc_test.h>
+
+int main(int argc, char **argv) {
+ pairing_t pairing;
+ double time1, time2;
+ element_t Ppub, s, P, R, k, S, Did, Qid, t1, t2, t4, t5, t6, t7, t8,
+ t9, t10, t11;
+ mpz_t t3;
+ mpz_init(t3);
+ pbc_demo_pairing_init(pairing, argc, argv);
+ if (!pairing_is_symmetric(pairing)) pbc_die("pairing must be symmetric");
+
+ element_init_G1(P, pairing);
+ element_init_G1(Ppub, pairing);
+ element_init_G1(Qid, pairing);
+ element_init_G1(Did, pairing);
+ element_init_G1(R, pairing);
+ element_init_G1(S, pairing);
+ element_init_G1(t2, pairing);
+ element_init_G1(t4, pairing);
+ element_init_G1(t5, pairing);
+ element_init_G1(t7, pairing);
+
+ element_init_Zr(s, pairing);
+ element_init_Zr(k, pairing);
+ element_init_Zr(t1, pairing);
+
+ element_init_GT(t6, pairing);
+ element_init_GT(t8, pairing);
+ element_init_GT(t9, pairing);
+ element_init_GT(t10, pairing);
+ element_init_GT(t11, pairing);
+
+ time1 = pbc_get_time();
+ printf("Paterson ID-based signature.\n");
+ printf("KEYGEN\n");
+ element_random(P);
+ element_random(s);
+ element_mul_zn(Ppub, P, s);
+ element_printf("P = %B\n", P);
+ element_printf("Ppub = %B\n", Ppub);
+ element_from_hash(Qid, "ID", 2);
+ element_printf("Qid = %B\n", Qid);
+ element_mul_zn(Did, Qid, s);
+
+ printf("SIGN\n");
+ element_random(k);
+ element_mul_zn(R, P, k);
+ element_from_hash(t1, "Message", 7);
+ element_mul_zn(t2, P, t1);
+ //H3(R)=mpz(R);
+// int n = element_length_in_bytes(R);
+// unsigned char *data=malloc(n);
+// element_to_bytes(data, R);
+// printf("data = %s\n", data);
+ element_to_mpz(t3, R);
+ element_mul_mpz(t4, Did, t3);
+ element_add(t5, t4, t2);
+ element_invert(k, k);
+ element_mul_zn(S, t5, k);
+ printf("Signature of message \"Message\" is:\n");
+ element_printf("R = %B\n", R);
+ element_printf("S = %B\n", S);
+
+ printf("VERIFY\n");
+ element_from_hash(t1, "Message", 7);
+ element_mul_zn(t7, P, t1);
+ element_pairing(t6, P, t7);
+ element_pairing(t8, Ppub, Qid);
+ element_to_mpz(t3, R);
+ element_pow_mpz(t9, t8, t3);
+ element_printf("t8 = %B\n", t8);
+ element_printf("t9 = %B\n", t9);
+ element_mul(t10, t6, t9);
+ element_printf("t10 = %B\n", t10);
+ element_pairing(t11, R, S);
+ element_printf("[e(P, P)^H2(M)][e(Ppub, Qid)^H3(R)] = %B\n", t10);
+ element_printf("e(R, S) = %B\n", t11);
+ if (!element_cmp(t10, t11)) {
+ printf("Signature is valid!\n");
+ } else {
+ printf("Signature is invalid!\n");
+ }
+ time2 = pbc_get_time();
+ printf("All time = %fs\n", time2 - time1);
+
+ element_clear(P);
+ element_clear(Ppub);
+ element_clear(Qid);
+ element_clear(Did);
+ element_clear(R);
+ element_clear(t2);
+ element_clear(t4);
+ element_clear(t5);
+ element_clear(s);
+ element_clear(k);
+ element_clear(t1);
+ element_clear(t6);
+ element_clear(t7);
+ element_clear(t8);
+ element_clear(t9);
+ element_clear(t10);
+ element_clear(t11);
+ pairing_clear(pairing);
+
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/example/yuanli.c b/moon-abe/pbc-0.5.14/example/yuanli.c
new file mode 100644
index 00000000..a3606377
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/example/yuanli.c
@@ -0,0 +1,165 @@
+/* Contributed by Dmitry Kosolapov
+ *
+ * I haven't tested this much, and I'm personally not familiar with
+ * this particular cryptosystem. -Ben Lynn
+ */
+/* Here we represent the original Yuan-Li ID-Based Authenticated Key Agreement Protocol, 2005.
+ * This protocol has 2 stages: Setup and Extract. We represent them inside one code block with demo and time outputs.
+ */
+
+/*Yuan-Li protocol description according to:
+Quan Yuan and Songping Li, A New Efficient ID-Based Authenticated Key Agreement Protocol, Cryptology ePrint Archive, Report 2005/309
+
+SETUP:
+KGS chooses G1, G2, e: G1*G1 -> G2, P, H: {0, 1}* -> G1, s, H - some function for key calculation.
+KGS calculates Ppub = s*P, publishes {G1, G2, e, P, Ppub, H1, H} and saves s as master key.
+
+EXTRACT:
+
+For the user with ID public key can be calculated with Qid = H1(ID). KGS generates bound public key Sid = s*Qid.
+1. A chooses random a from Z_p*, calculates Ta = a*P.
+ A -> B: Ta
+2. B chooses random b from Z_p*, calculates Tb = b*P.
+ B -> A: Tb
+3. A calculates h = a*Tb = a*b*P and shared secret key Kab = e(a*Ppub + Sa, Tb + Qb)
+4. B calculates h = b*Ta = a*b*P and shared secret key Kba = e(Ta + Qa, b*Ppub + Sb)
+Session key is K = H(A, B, h, Kab).
+H was not defined in the original article.
+I've defined it as H(A, B, h, Kab)=e(h,H1(A)+H1(B))+Kab.
+*/
+
+#include <pbc.h>
+#include <pbc_test.h>
+
+int main(int argc, char **argv) {
+ pairing_t pairing;
+ double t0, t1;
+ element_t s, a, b, P, Ppub, Qa, Qb, Sa, Sb, Ta, Tb, Kab, Kba, K, temp1,
+ temp2, temp3, temp4, temp5, h;
+
+ pbc_demo_pairing_init(pairing, argc, argv);
+ if (!pairing_is_symmetric(pairing)) pbc_die("pairing must be symmetric");
+
+ element_init_Zr(s, pairing);
+ element_init_Zr(a, pairing);
+ element_init_Zr(b, pairing);
+
+ element_init_G1(P, pairing);
+ element_init_G1(Ppub, pairing);
+ element_init_G1(Qa, pairing);
+ element_init_G1(Qb, pairing);
+ element_init_G1(Sa, pairing);
+ element_init_G1(Sb, pairing);
+ element_init_G1(Ta, pairing);
+ element_init_G1(Tb, pairing);
+ element_init_G1(temp1, pairing);
+ element_init_G1(temp2, pairing);
+ element_init_G1(temp3, pairing);
+ element_init_G1(h, pairing);
+
+ element_init_GT(Kab, pairing);
+ element_init_GT(Kba, pairing);
+ element_init_GT(K, pairing);
+ element_init_GT(temp4, pairing);
+ element_init_GT(temp5, pairing);
+
+ printf("Yuan-Li key agreement protocol\n");
+
+ t0 = pbc_get_time();
+
+//Setup, system parameters generation
+ printf("SETUP STAGE\n");
+ element_random(P);
+ element_printf("P = %B\n", P);
+ element_random(s);
+ element_mul_zn(Ppub, P, s);
+ element_printf("Ppub = %B\n", Ppub);
+
+//Extract, key calculation
+ printf("EXTRACT STAGE\n");
+ element_from_hash(Qa, "A", 1);
+ element_from_hash(Qb, "B", 1);
+ element_mul_zn(Sa, Qa, s);
+ element_mul_zn(Sb, Qb, s);
+ element_printf("Sa = %B\n", Sa);
+ element_printf("Sb = %B\n", Sb);
+
+ printf("-----1-----\n");
+
+ element_random(a);
+ element_mul_zn(Ta, P, a);
+ element_printf("A sends B Ta = %B\n", Ta);
+
+ printf("-----2-----\n");
+
+ element_random(b);
+ element_mul_zn(Tb, P, b);
+ element_printf("B sends A Tb = %B\n", Tb);
+
+ printf("-----3-----\n");
+
+ printf("A calculates h and Kab\n");
+ element_mul_zn(h, Tb, a);
+ element_printf("h = %B\n", h);
+ element_mul_zn(temp1, Ppub, a);
+ element_add(temp1, temp1, Sa);
+ element_add(temp2, Tb, Qb);
+ element_pairing(Kab, temp1, temp2);
+ element_printf("Kab = %B\n", Kab);
+
+ printf("-----4-----\n");
+
+ printf("B calculates h and Kba\n");
+ element_mul_zn(h, Ta, b);
+ element_printf("h = %B\n", h);
+ element_add(temp1, Ta, Qa);
+ element_mul_zn(temp2, Ppub, b);
+ element_add(temp2, temp2, Sb);
+ element_pairing(Kba, temp1, temp2);
+ element_printf("Kba = %B\n", Kba);
+
+ printf("-----FINAL-----\n");
+
+ element_add(temp3, Qa, Qb);
+ element_pairing(temp4, h, temp3);
+
+ element_add(K, temp4, Kab);
+ element_printf("A has the key K = %B\n", K);
+ element_set(temp5, K);
+
+ element_add(K, temp4, Kba);
+ element_printf("B has the key K = %B\n", K);
+
+ if (!element_cmp(temp5, K))
+ printf("The keys are the same. Start session...\n");
+ else
+ printf("The keys aren't the same. Try again, please.\n");
+
+ element_clear(K);
+ element_clear(Kab);
+ element_clear(Kba);
+ element_clear(h);
+ element_clear(temp1);
+ element_clear(temp2);
+ element_clear(temp3);
+ element_clear(temp4);
+ element_clear(temp5);
+ element_clear(s);
+ element_clear(a);
+ element_clear(b);
+ element_clear(P);
+ element_clear(Ppub);
+ element_clear(Qa);
+ element_clear(Qb);
+ element_clear(Sa);
+ element_clear(Sb);
+ element_clear(Ta);
+ element_clear(Tb);
+
+ t1 = pbc_get_time();
+
+ printf("All time = %fs\n", t1 - t0);
+ printf("Have a good day!\n");
+
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/example/zhangkim.c b/moon-abe/pbc-0.5.14/example/zhangkim.c
new file mode 100644
index 00000000..caaa0b9f
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/example/zhangkim.c
@@ -0,0 +1,139 @@
+/*
+ Zhang and Kim ID-based Blind Signature scheme.
+ Based on papers "F. Zang, K. Kim. ID-based Blind Signature and Ring Signature from Pairings. Advances in Cryptology - Asiacrypt 2002, LNCS Vol. 2510, Springer-Verlag, 2002".
+ Contributed by Dmitry Kosolapov.
+*/
+
+#include <pbc.h>
+#include <pbc_test.h>
+
+int main(int argc, char **argv) {
+ pairing_t pairing;
+ double time1, time2;
+ element_t P, Ppub, s, R, Qid, Sid, a, b, r, c, S, negc, t1, t2, t3, t5,
+ t6, t7, t8, t9, t10, t11, t12, t14;
+ mpz_t t4, t13;
+ mpz_init(t4);
+ mpz_init(t13);
+ pbc_demo_pairing_init(pairing, argc, argv);
+ if (!pairing_is_symmetric(pairing)) pbc_die("pairing must be symmetric");
+ element_init_G1(P, pairing);
+ element_init_G1(Ppub, pairing);
+ element_init_G1(Qid, pairing);
+ element_init_G1(Sid, pairing);
+ element_init_G1(R, pairing);
+ element_init_G1(S, pairing);
+ element_init_G1(t1, pairing);
+ element_init_G1(t2, pairing);
+ element_init_G1(t7, pairing);
+ element_init_G1(t8, pairing);
+ element_init_G1(t9, pairing);
+
+ element_init_Zr(r, pairing);
+ element_init_Zr(s, pairing);
+ element_init_Zr(c, pairing);
+ element_init_Zr(a, pairing);
+ element_init_Zr(b, pairing);
+ element_init_Zr(negc, pairing);
+ element_init_Zr(t5, pairing);
+ element_init_Zr(t6, pairing);
+ element_init_Zr(t14, pairing);
+
+ element_init_GT(t3, pairing);
+ element_init_GT(t10, pairing);
+ element_init_GT(t11, pairing);
+ element_init_GT(t12, pairing);
+
+ time1 = pbc_get_time();
+ printf("Zhang and Kim ID-based Blind Signature scheme\n");
+ printf("SETUP\n");
+ element_random(P);
+ element_random(s);
+ element_mul_zn(Ppub, P, s);
+ element_printf("P = %B\n", P);
+ element_printf("Ppub = %B\n", Ppub);
+
+ printf("EXTRACT\n");
+ element_from_hash(Qid, "ID", 2);
+ element_mul_zn(Sid, Qid, s);
+ element_printf("Public key Qid = %B\n", Qid);
+ element_printf("Private key Sid = %B\n", Sid);
+
+ printf("BLIND SIGNATURE ISSUING PROTOCOL\n");
+ element_random(r);
+ element_mul_zn(R, P, r);
+ printf("Signer sends R = rP to user\n");
+ element_printf("R = %B\n", R);
+ printf("Blinding\n");
+ element_random(a);
+ element_random(b);
+ element_mul_zn(t1, P, a);
+ element_add(t1, R, t1);
+ element_mul_zn(t2, Qid, b);
+ element_add(t2, t2, t1);
+ element_pairing(t3, t2, Ppub);
+ element_to_mpz(t4, t3);
+ element_from_hash(t5, "Message", 7);
+ element_mul_mpz(t6, t5, t4);
+ element_add(c, t6, b);
+ printf("User sends c to signer\n");
+ element_printf("c = %B\n", c);
+ printf("Signing\n");
+ element_mul_zn(t7, Ppub, r);
+ element_mul_zn(t8, Sid, c);
+ element_add(S, t8, t7);
+ printf("Signer sends S\n");
+ element_printf("S = %B\n", S);
+ printf("Unblinding\n");
+ element_mul_zn(t9, Ppub, a);
+ element_add(S, S, t9);
+ element_sub(c, c, b);
+ printf("Blind Signature of message \"Message\" is:\n");
+ element_printf("S1 = %B\n", S);
+ element_printf("c1 = %B\n", c);
+
+ printf("VERIFICATION\n");
+ element_pairing(t10, Qid, Ppub);
+ element_neg(negc, c);
+ element_pow_zn(t10, t10, negc);
+ element_pairing(t11, S, P);
+ element_mul(t12, t11, t10);
+ element_to_mpz(t13, t12);
+ element_from_hash(t5, "Message", 7);
+ element_mul_mpz(t14, t5, t13);
+ element_printf("c1 = %B\n", c);
+ element_printf("H(m, [e(S1, P)][e(Qid, Ppub)^(-c1)]) = %B\n", t14);
+
+ if (!element_cmp(t14, c)) printf("Signature is valid\n");
+ else printf("Signature is invalid\n");
+ time2 = pbc_get_time();
+ printf("All time = %fs\n", time2 - time1);
+
+ element_clear(P);
+ element_clear(Ppub);
+ element_clear(Qid);
+ element_clear(Sid);
+ element_clear(R);
+ element_clear(S);
+ element_clear(r);
+ element_clear(s);
+ element_clear(c);
+ element_clear(a);
+ element_clear(b);
+ element_clear(negc);
+ element_clear(t1);
+ element_clear(t2);
+ element_clear(t3);
+ element_clear(t5);
+ element_clear(t6);
+ element_clear(t14);
+ element_clear(t7);
+ element_clear(t8);
+ element_clear(t9);
+ element_clear(t10);
+ element_clear(t11);
+ element_clear(t12);
+ pairing_clear(pairing);
+
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/example/zss.c b/moon-abe/pbc-0.5.14/example/zss.c
new file mode 100644
index 00000000..5020a3a6
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/example/zss.c
@@ -0,0 +1,70 @@
+/*
+ ZSS Short Signature Scheme from Bilinear Pairing.
+ Based on papers "F. Zhang, R. Safavi-Naini and W. Susilo. An Efficient Signature Scheme from Bilinear Pairings and it's Applications. PKC 2004".
+ Contributed by Dmitry Kosolapov.
+*/
+
+#include <pbc.h>
+#include <pbc_test.h>
+
+int main(int argc, char **argv) {
+ pairing_t pairing;
+ pbc_demo_pairing_init(pairing, argc, argv);
+ if (!pairing_is_symmetric(pairing)) pbc_die("pairing must be symmetric");
+ double time1, time2;
+ element_t P, Ppub, x, S, H, t1, t2, t3, t4;
+ element_init_Zr(x, pairing);
+ element_init_Zr(H, pairing);
+ element_init_Zr(t1, pairing);
+
+ element_init_G1(S, pairing);
+ element_init_G1(P, pairing);
+ element_init_G1(Ppub, pairing);
+ element_init_G1(t2, pairing);
+
+ element_init_GT(t3, pairing);
+ element_init_GT(t4, pairing);
+
+ printf("ZSS short signature schema\n");
+ printf("KEYGEN\n");
+ time1 = pbc_get_time();
+ element_random(x);
+ element_random(P);
+ element_mul_zn(Ppub, P, x);
+ element_printf("P = %B\n", P);
+ element_printf("x = %B\n", x);
+ element_printf("Ppub = %B\n", Ppub);
+
+ printf("SIGN\n");
+ element_from_hash(H, "Message", 7);
+ element_add(t1, H, x);
+ element_invert(t1, t1);
+ element_mul_zn(S, P, t1);
+ printf("Signature of message \"Message\" is:\n");
+ element_printf("S = %B\n", S);
+
+ printf("VERIFY\n");
+ element_from_hash(H, "Message", 7);
+ element_mul_zn(t2, P, H);
+ element_add(t2, t2, Ppub);
+ element_pairing(t3, t2, S);
+ element_pairing(t4, P, P);
+ element_printf("e(H(m)P + Ppub, S) = %B\n", t3);
+ element_printf("e(P, P) = %B\n", t4);
+ if (!element_cmp(t3, t4)) printf("Signature is valid\n");
+ else printf("Signature is invalid\n");
+ time2 = pbc_get_time();
+ printf("All time = %fs\n", time2 - time1);
+ element_clear(P);
+ element_clear(Ppub);
+ element_clear(x);
+ element_clear(S);
+ element_clear(H);
+ element_clear(t1);
+ element_clear(t2);
+ element_clear(t3);
+ element_clear(t4);
+ pairing_clear(pairing);
+
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/gen/Makefile.am b/moon-abe/pbc-0.5.14/gen/Makefile.am
new file mode 100644
index 00000000..773d31d9
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/gen/Makefile.am
@@ -0,0 +1,18 @@
+CLEANFILES = *~
+maintainer-clean-local:
+ -rm -rf Makefile.in
+
+AM_CPPFLAGS = -I../include
+LDADD = ../libpbc.la -lgmp
+
+noinst_PROGRAMS = gena1param genaparam gendparam geneparam genfparam gengparam hilbertpoly listmnt listfreeman
+
+gena1param_SOURCES = gena1param.c
+genaparam_SOURCES = genaparam.c
+gendparam_SOURCES = gendparam.c
+geneparam_SOURCES = geneparam.c
+genfparam_SOURCES = genfparam.c
+gengparam_SOURCES = gengparam.c
+hilbertpoly_SOURCES = hilbertpoly.c
+listmnt_SOURCES = listmnt.c
+listfreeman_SOURCES = listfreeman.c
diff --git a/moon-abe/pbc-0.5.14/gen/gena1param.c b/moon-abe/pbc-0.5.14/gen/gena1param.c
new file mode 100644
index 00000000..3472beac
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/gen/gena1param.c
@@ -0,0 +1,27 @@
+#include "pbc.h"
+
+int main(void)
+{
+ mpz_t p, q, N;
+
+ mpz_init(p);
+ mpz_init(q);
+ mpz_init(N);
+
+ // In a real application, p and q must be stored somewhere safe.
+ pbc_mpz_randomb(p, 512);
+ pbc_mpz_randomb(q, 512);
+
+ mpz_nextprime(p, p);
+ mpz_nextprime(q, q);
+ mpz_mul(N, p, q);
+
+ pbc_param_t param;
+ pbc_param_init_a1_gen(param, N);
+ pbc_param_out_str(stdout, param);
+ pbc_param_clear(param);
+ mpz_clear(p);
+ mpz_clear(q);
+ mpz_clear(N);
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/gen/genalldparams b/moon-abe/pbc-0.5.14/gen/genalldparams
new file mode 100644
index 00000000..22cfa993
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/gen/genalldparams
@@ -0,0 +1,15 @@
+#!/bin/bash
+# Generates all type D curve parameters within certain limits
+#
+# Use with the output of listmnt
+
+function myfunc {
+ until [ -z "$1" ]
+ do
+ filename=d$1-$2-$3.param
+ gen/gendparam $1 > $filename
+ shift 3
+ done
+}
+
+myfunc `awk -F, '{ if (($2 >= 80) && ($2 <= 300) && ($3 >= 80)) { print $1 $2 $3; } }'`
diff --git a/moon-abe/pbc-0.5.14/gen/genaparam.c b/moon-abe/pbc-0.5.14/gen/genaparam.c
new file mode 100644
index 00000000..c589e5a3
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/gen/genaparam.c
@@ -0,0 +1,21 @@
+// Generate type A pairings.
+// Usage:
+// genaparam [RBITS [QBITS]]
+//
+// RBITS
+// The number of bits in r, the order of the subgroup G1. Default is 160.
+// QBITS
+// The number of bits in q, the order of the full group. Default is 512.
+
+#include "pbc.h"
+
+int main(int argc, char **argv) {
+ int rbits = argc > 1 ? atoi(argv[1]) : 160;
+ int qbits = argc > 2 ? atoi(argv[2]) : 512;
+
+ pbc_param_t par;
+ pbc_param_init_a_gen(par, rbits, qbits);
+ pbc_param_out_str(stdout, par);
+ pbc_param_clear(par);
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/gen/gendparam.c b/moon-abe/pbc-0.5.14/gen/gendparam.c
new file mode 100644
index 00000000..8506e52a
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/gen/gendparam.c
@@ -0,0 +1,35 @@
+// Generate MNT curve(s) for a given D.
+
+#include <stdint.h> // for intptr_t
+#include "pbc.h"
+#include "pbc_utils.h" // for UNUSED_VAR
+
+int generate(pbc_cm_t cm, void *data) {
+ UNUSED_VAR(data);
+ pbc_param_t param;
+ pbc_info("gendparam: computing Hilbert polynomial and finding roots...");
+ pbc_param_init_d_gen(param, cm);
+ pbc_info("gendparam: bits in q = %zu\n", mpz_sizeinbase(cm->q, 2));
+ pbc_param_out_str(stdout, param);
+ pbc_param_clear(param);
+ return 1;
+}
+
+int main(int argc, char **argv) {
+ int D = 9563;
+
+ if (argc > 1) {
+ int m;
+ D = atoi(argv[1]);
+ m = D % 4;
+ if (D <= 0 || m == 1 || m == 2) {
+ pbc_die("D must be 0 or 3 mod 4 and positive");
+ }
+ }
+ pbc_info("Using D = %d\n", D);
+
+ if (!pbc_cm_search_d(generate, NULL, D, 500)) {
+ pbc_die("no suitable curves for this D");
+ }
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/gen/geneparam.c b/moon-abe/pbc-0.5.14/gen/geneparam.c
new file mode 100644
index 00000000..a8109127
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/gen/geneparam.c
@@ -0,0 +1,21 @@
+// Generate type E pairings.
+// Usage:
+// geneparam [RBITS [QBITS]]
+//
+// RBITS
+// The number of bits in r, the order of the subgroup G1. Default is 160.
+// QBITS
+// The number of bits in q, the order of the full group. Default is 1024.
+
+#include "pbc.h"
+
+int main(int argc, char **argv) {
+ int rbits = argc > 1 ? atoi(argv[1]) : 160;
+ int qbits = argc > 2 ? atoi(argv[2]) : 1024;
+
+ pbc_param_t par;
+ pbc_param_init_e_gen(par, rbits, qbits);
+ pbc_param_out_str(stdout, par);
+ pbc_param_clear(par);
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/gen/genfparam.c b/moon-abe/pbc-0.5.14/gen/genfparam.c
new file mode 100644
index 00000000..d7118dad
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/gen/genfparam.c
@@ -0,0 +1,24 @@
+// Generate type F pairings.
+// Usage:
+// genaparam [BITS]
+//
+// BITS
+// The number of bits in r, the order of the subgroup G1. Default is 160.
+
+#include "pbc.h"
+
+int main(int argc, char **argv) {
+ int bits = 160;
+ if (argc > 1) {
+ bits = atoi(argv[1]);
+ if (bits < 1) {
+ pbc_die("Usage: %s [BITS]", argv[0]);
+ }
+ }
+ pbc_param_t fp;
+ pbc_param_init_f_gen(fp, bits);
+ pbc_param_out_str(stdout, fp);
+ pbc_param_clear(fp);
+
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/gen/gengparam.c b/moon-abe/pbc-0.5.14/gen/gengparam.c
new file mode 100644
index 00000000..064f2b76
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/gen/gengparam.c
@@ -0,0 +1,33 @@
+// Generate Freeman curves with a given discriminant.
+#include "pbc.h"
+
+int generate(pbc_cm_t cm, void *data) {
+ UNUSED_VAR(data);
+ pbc_param_t param;
+
+ pbc_info("gengparam: computing Hilbert polynomial and finding roots...");
+ pbc_param_init_g_gen(param, cm);
+ pbc_info("gengparam: bits in q = %zu", mpz_sizeinbase(cm->q, 2));
+ pbc_param_out_str(stdout, param);
+ pbc_param_clear(param);
+ return 1;
+}
+
+int main(int argc, char **argv) {
+ int D = 35707;
+
+ if (argc > 1) {
+ int m;
+ D = atoi(argv[1]);
+ m = D % 120;
+ if (D <= 0 || (m != 43 && m != 67)) {
+ pbc_die("D must be 43 or 67 mod 120 and positive");
+ }
+ }
+ pbc_info("Using D = %d", D);
+
+ if (!pbc_cm_search_g(generate, NULL, D, 500)) {
+ pbc_die("No suitable curves for this D");
+ }
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/gen/hilbertpoly.c b/moon-abe/pbc-0.5.14/gen/hilbertpoly.c
new file mode 100644
index 00000000..2e73af4e
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/gen/hilbertpoly.c
@@ -0,0 +1,57 @@
+// Prints Hilbert polynomials H_D(X)
+//
+// Usage: hilbertpoly [LOWER [UPPER]]
+//
+// LOWER:
+// Lower limit of D. Defaults to 3.
+// UPPER:
+// Upper limit of D. Defaults to LOWER.
+//
+// e.g. $ hilbertpoly 3 1000000
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdint.h> // for intptr_t
+#include <stdlib.h> //for atoi, exit
+#include <gmp.h>
+#include "pbc_utils.h"
+#include "pbc_hilbert.h"
+
+static void xpow(int degree) {
+ if (degree == 1) {
+ printf("X");
+ } else if (degree) {
+ printf("X^%d", degree);
+ }
+}
+
+int main(int argc, char **argv) {
+ int D = argc > 1 ? atoi(argv[1]) : 3;
+ if (D <= 0) pbc_die("D must be positive.");
+
+ int Dlimit = argc > 2 ? atoi(argv[2]) : D;
+
+ for(; D <= Dlimit; D++) {
+ mpz_t *coefflist;
+ int m = D % 4;
+ if (m == 1 || m == 2) continue;
+ printf("D = %d\n", D);
+
+ int n = pbc_hilbert(&coefflist, D);
+
+ printf(" ");
+ xpow(n - 1);
+ printf("\n");
+ int i;
+ for (i = n - 2; i >= 0; i--) {
+ if (mpz_sgn(coefflist[i]) >= 0) {
+ printf("+");
+ }
+ mpz_out_str(stdout, 0, coefflist[i]);
+ xpow(i);
+ printf("\n");
+ }
+ pbc_hilbert_free(coefflist, n);
+ }
+
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/gen/listfreeman.c b/moon-abe/pbc-0.5.14/gen/listfreeman.c
new file mode 100644
index 00000000..f3f18cc4
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/gen/listfreeman.c
@@ -0,0 +1,38 @@
+// List discriminant and bits in r and q for type G pairings that may be
+// suitable for cryptography.
+
+#include "pbc.h"
+
+int show(pbc_cm_t cm, void *data) {
+ unsigned int D = * (unsigned *) data;
+ int qbits, rbits;
+ qbits = mpz_sizeinbase(cm->q, 2);
+ rbits = mpz_sizeinbase(cm->r, 2);
+ printf("%d, %d, %d\n", D, qbits, rbits);
+ fflush(stdout);
+ return 0;
+}
+
+void try(int tryD) {
+ pbc_cm_search_g(show, &tryD, tryD, 500);
+}
+
+int main(int argc, char **argv) {
+ unsigned int D = 0;
+
+ if (argc > 1) {
+ D = atoi(argv[1]);
+ if (D % 120) {
+ pbc_die("D must be multiple of 120");
+ }
+ }
+
+ printf("D < %u, bits in q, bits in r\n", 1000000000);
+ while (D < 1000000000) {
+ try(D + 43);
+ try(D + 67);
+ D+=120;
+ }
+
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/gen/listmnt.c b/moon-abe/pbc-0.5.14/gen/listmnt.c
new file mode 100644
index 00000000..a9160eab
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/gen/listmnt.c
@@ -0,0 +1,41 @@
+// For different discriminants D, list group size and representation size
+// of resulting MNT curves.
+
+#include "pbc.h"
+
+int consider(pbc_cm_t cm, void *data) {
+ unsigned int D = * (unsigned *) data;
+ int qbits, rbits;
+ qbits = mpz_sizeinbase(cm->q, 2);
+ rbits = mpz_sizeinbase(cm->r, 2);
+ printf("%d, %d, %d\n", D, qbits, rbits);
+ fflush(stdout);
+ return 0;
+}
+
+void try(unsigned int D) {
+ pbc_cm_search_d(consider, &D, D, 500);
+}
+
+int main(int argc, char **argv)
+{
+ unsigned int D = 7;
+
+ if (argc > 1) {
+ D = atoi(argv[1]);
+ if (D < 7 || (D % 4) != 3) {
+ pbc_die("D must be 3 mod 4 and at least 7");
+ }
+ }
+
+ const unsigned int maxD = 1000000000;
+ printf("D < %u, bits in q, bits in r\n", maxD);
+ while (D < maxD) {
+ try(D);
+ D++;
+ try(D);
+ D+=3;
+ }
+
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/guru/19.c b/moon-abe/pbc-0.5.14/guru/19.c
new file mode 100644
index 00000000..5e225565
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/guru/19.c
@@ -0,0 +1,373 @@
+/*
+ * Toy example of a field where the Tate pairing can be used
+ * but the Weil pairing cannot.
+ *
+ * Consider the curve E: y^2 = x^3 + x + 6 over F_19:
+ * E(F_19) is a cyclic group of order 18.
+ * Thus E[3] is not contained in F_19
+ * (it turns out E[3] is contained in F_19^3).
+ *
+ * Hence the Weil pairing cannot be defined over F_19
+ * However, F_19 contains the cube roots of unity
+ * so we can compute the Tate pairing
+ */
+
+/*
+ * P = (12,13) generates a group of order 3:
+ * <(12,13)> = {(12,13), (12,6), O}
+ * e(P,P) = 7, so we have the isomorphism
+ * <(12,13)> = <7> (in F_19^*)
+ *
+ * Similarly P = (4, 6) generates a group of order 9, and we find
+ * <(4,6)> = <4>
+ *
+ * P = (0, 5) generates all of E(F_19)
+ * Miller's algorithm will not allow us to calculate e(P, P) without
+ * first extending F_19.
+ * Instead of extending, we could manipulate rational functions since
+ * 19 is small enough that an explicit expression of f_P can be found.
+ */
+
+#include "pbc.h"
+#include "pbc_fp.h"
+#include "pbc_fieldquadratic.h"
+
+static void miller(element_t res, element_t P, element_ptr QR, element_ptr R, int n) {
+ // Collate divisions.
+ int m;
+ element_t v, vd;
+ element_t Z;
+ element_t a, b, c;
+ const element_ptr cca = curve_a_coeff(P);
+ const element_ptr Px = curve_x_coord(P);
+ const element_ptr Py = curve_y_coord(P);
+ element_t e0, e1;
+ mpz_t q;
+ element_ptr Zx, Zy;
+ const element_ptr numx = curve_x_coord(QR);
+ const element_ptr numy = curve_y_coord(QR);
+ const element_ptr denomx = curve_x_coord(R);
+ const element_ptr denomy = curve_y_coord(R);
+
+ void do_vertical(element_t e, element_t edenom)
+ {
+ element_sub(e0, numx, Zx);
+ element_mul(e, e, e0);
+
+ element_sub(e0, denomx, Zx);
+ element_mul(edenom, edenom, e0);
+ }
+
+ void do_tangent(element_t e, element_t edenom)
+ {
+ //a = -slope_tangent(A.x, A.y);
+ //b = 1;
+ //c = -(A.y + a * A.x);
+ //but we multiply by 2*A.y to avoid division
+
+ //a = -Ax * (Ax + Ax + Ax + twicea_2) - a_4;
+ //Common curves: a2 = 0 (and cc->a is a_4), so
+ //a = -(3 Ax^2 + cc->a)
+ //b = 2 * Ay
+ //c = -(2 Ay^2 + a Ax);
+
+ if (element_is0(Zy)) {
+ do_vertical(e, edenom);
+ return;
+ }
+ element_square(a, Zx);
+ element_mul_si(a, a, 3);
+ element_add(a, a, cca);
+ element_neg(a, a);
+
+ element_add(b, Zy, Zy);
+
+ element_mul(e0, b, Zy);
+ element_mul(c, a, Zx);
+ element_add(c, c, e0);
+ element_neg(c, c);
+
+ element_mul(e0, a, numx);
+ element_mul(e1, b, numy);
+ element_add(e0, e0, e1);
+ element_add(e0, e0, c);
+ element_mul(e, e, e0);
+
+ element_mul(e0, a, denomx);
+ element_mul(e1, b, denomy);
+ element_add(e0, e0, e1);
+ element_add(e0, e0, c);
+ element_mul(edenom, edenom, e0);
+ }
+
+ void do_line(element_ptr e, element_ptr edenom)
+ {
+ if (!element_cmp(Zx, Px)) {
+ if (!element_cmp(Zy, Py)) {
+ do_tangent(e, edenom);
+ } else {
+ do_vertical(e, edenom);
+ }
+ return;
+ }
+
+ element_sub(b, Px, Zx);
+ element_sub(a, Zy, Py);
+ element_mul(c, Zx, Py);
+ element_mul(e0, Zy, Px);
+ element_sub(c, c, e0);
+
+ element_mul(e0, a, numx);
+ element_mul(e1, b, numy);
+ element_add(e0, e0, e1);
+ element_add(e0, e0, c);
+ element_mul(e, e, e0);
+
+ element_mul(e0, a, denomx);
+ element_mul(e1, b, denomy);
+ element_add(e0, e0, e1);
+ element_add(e0, e0, c);
+ element_mul(edenom, edenom, e0);
+ }
+
+ element_init(a, res->field);
+ element_init(b, res->field);
+ element_init(c, res->field);
+ element_init(e0, res->field);
+ element_init(e1, res->field);
+
+ element_init(v, res->field);
+ element_init(vd, res->field);
+ element_init(Z, P->field);
+
+ element_set(Z, P);
+ Zx = curve_x_coord(Z);
+ Zy = curve_y_coord(Z);
+
+ element_set1(v);
+ element_set1(vd);
+
+ mpz_init(q);
+ mpz_set_ui(q, n);
+ m = mpz_sizeinbase(q, 2) - 2;
+
+ while(m >= 0) {
+ element_square(v, v);
+ element_square(vd, vd);
+ do_tangent(v, vd);
+ element_double(Z, Z);
+ do_vertical(vd, v);
+
+ if (mpz_tstbit(q, m)) {
+ do_line(v, vd);
+ element_add(Z, Z, P);
+ if (m) {
+ do_vertical(vd, v);
+ }
+ }
+ m--;
+ }
+
+ mpz_clear(q);
+
+ element_invert(vd, vd);
+ element_mul(res, v, vd);
+
+ element_clear(v);
+ element_clear(vd);
+ element_clear(Z);
+ element_clear(a);
+ element_clear(b);
+ element_clear(c);
+ element_clear(e0);
+ element_clear(e1);
+}
+
+static void tate_3(element_ptr out, element_ptr P, element_ptr Q, element_ptr R) {
+ mpz_t six;
+
+ mpz_init(six);
+ mpz_set_ui(six, 6);
+ element_t QR;
+ element_t e0;
+
+ element_init(QR, P->field);
+ element_init(e0, out->field);
+
+ element_add(QR, Q, R);
+
+ //for subgroup size 3, -2P = P, hence
+ //the tangent line at P has divisor 3(P) - 3(O)
+
+ miller(out, P, QR, R, 3);
+
+ element_pow_mpz(out, out, six);
+ element_clear(QR);
+ element_clear(e0);
+ mpz_clear(six);
+}
+
+static void tate_9(element_ptr out, element_ptr P, element_ptr Q, element_ptr R) {
+ element_t QR;
+ element_init(QR, P->field);
+
+ element_add(QR, Q, R);
+
+ miller(out, P, QR, R, 9);
+
+ element_square(out, out);
+
+ element_clear(QR);
+}
+
+static void tate_18(element_ptr out, element_ptr P, element_ptr Q, element_ptr R, element_ptr S) {
+ mpz_t pow;
+ element_t PR;
+ element_t QS;
+ element_init(PR, P->field);
+ element_init(QS, P->field);
+ element_t outd;
+
+ element_init(outd, out->field);
+
+ mpz_init(pow);
+ mpz_set_ui(pow, (19*19-1)/18);
+
+ element_add(PR, P, R);
+ element_add(QS, Q, S);
+
+ if (element_is0(QS)) {
+ element_t S2;
+ element_init(S2, P->field);
+ element_double(S2, S);
+ miller(out, PR, S, S2, 18);
+ miller(outd, R, S, S2, 18);
+ element_clear(S2);
+ } else {
+ miller(out, PR, QS, S, 18);
+ miller(outd, R, QS, S, 18);
+ }
+
+ element_clear(PR);
+ element_clear(QS);
+
+ element_invert(outd, outd);
+ element_mul(out, out, outd);
+ element_pow_mpz(out, out, pow);
+
+ element_clear(outd);
+ mpz_clear(pow);
+}
+
+int main(void) {
+ field_t c;
+ field_t Z19;
+ element_t P, Q, R;
+ mpz_t q, z;
+ element_t a, b;
+ int i;
+
+ field_t Z19_2;
+ field_t c2;
+ element_t P2, Q2, R2;
+ element_t a2;
+
+ mpz_init(q);
+ mpz_init(z);
+
+ mpz_set_ui(q, 19);
+
+ field_init_fp(Z19, q);
+ element_init(a, Z19);
+ element_init(b, Z19);
+
+ element_set_si(a, 1);
+ element_set_si(b, 6);
+
+ mpz_set_ui(q, 18);
+ field_init_curve_ab(c, a, b, q, NULL);
+ element_init(P, c);
+ element_init(Q, c);
+ element_init(R, c);
+
+ printf("Y^2 = X^3 + X + 6 over F_19\n");
+ //(0,+/-5) is a generator
+ element_set0(a);
+ curve_from_x(R, a);
+
+ for (i=1; i<19; i++) {
+ mpz_set_si(z, i);
+ element_mul_mpz(Q, R, z);
+ element_printf("%dR = %B\n", i, Q);
+ }
+
+ mpz_set_ui(z, 6);
+ element_mul_mpz(P, R, z);
+ //P has order 3
+ element_printf("P = %B\n", P);
+
+ for (i=1; i<=3; i++) {
+ mpz_set_si(z, i);
+ element_mul_mpz(Q, R, z);
+ tate_3(a, P, Q, R);
+ element_printf("e_3(P,%dR) = %B\n", i, a);
+ }
+
+ element_double(P, R);
+ //P has order 9
+ element_printf("P = %B\n", P);
+ for (i=1; i<=9; i++) {
+ mpz_set_si(z, i);
+ //we're supposed to use multiples of R
+ //but 2R works just as well and it allows us
+ //to use R as the offset every time
+ element_mul_mpz(Q, P, z);
+ tate_9(a, P, Q, R);
+ element_printf("e_9(P,%dP) = %B\n", i, a);
+ }
+
+ //to do the pairing on all of E(F_19) we need to move to F_19^2
+ //or compute the rational function explicitly
+ printf("moving to F_19^2\n");
+ field_init_fi(Z19_2, Z19);
+
+ //don't need to tell it the real order
+ field_init_curve_ab_map(c2, c, element_field_to_fi, Z19_2, q, NULL);
+ element_init(P2, c2);
+ element_init(Q2, c2);
+ element_init(R2, c2);
+
+ element_init(a2, Z19_2);
+ element_set0(a2);
+ curve_from_x(P2, a2);
+
+ element_random(R2);
+
+ element_printf("P = %B\n", P2);
+
+ for (i=1; i<=18; i++) {
+ mpz_set_si(z, i);
+ element_mul_mpz(Q2, P2, z);
+ tate_18(a2, P2, Q2, R2, P2);
+ element_printf("e_18(P,%dP) = %B\n", i, a2);
+ }
+
+ element_clear(P2);
+ element_clear(Q2);
+ element_clear(R2);
+ element_clear(a2);
+ field_clear(c2);
+ field_clear(Z19_2);
+
+ field_clear(c);
+ element_clear(a);
+ element_clear(b);
+ element_clear(P);
+ element_clear(Q);
+ element_clear(R);
+ field_clear(Z19);
+
+ mpz_clear(q);
+ mpz_clear(z);
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/guru/59.c b/moon-abe/pbc-0.5.14/guru/59.c
new file mode 100644
index 00000000..d543a757
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/guru/59.c
@@ -0,0 +1,783 @@
+// Step-by-step Weil and Tate pairings.
+// For my thesis.
+#include <string.h>
+#include "pbc.h"
+#include "pbc_fp.h"
+#include "pbc_fieldquadratic.h"
+
+static field_t Fq, Fq2, E, E2;
+static mpz_t order;
+
+static void do_vert(element_ptr z, element_ptr V, element_ptr Q)
+{
+ element_ptr Vx = curve_x_coord(V);
+ element_ptr Qx = curve_x_coord(Q);
+ element_ptr Qy = curve_y_coord(Q);
+
+ element_t a, b, c;
+ element_init_same_as(a, Vx);
+ element_init_same_as(b, Vx);
+ element_init_same_as(c, Vx);
+
+ //a = 1
+ //b = 0;
+ //c = -Vx
+ element_set1(a);
+ element_set0(b);
+ element_neg(c, Vx);
+
+ element_printf("vert at %B: %B %B %B\n", Vx, a, b, c);
+ element_mul(a, a, Qx);
+ element_mul(b, b, Qy);
+ element_add(c, c, a);
+ element_add(z, c, b);
+ element_printf("vert eval = %B\n", z);
+ element_clear(a);
+ element_clear(b);
+ element_clear(c);
+}
+
+static void do_tangent(element_ptr z, element_ptr V, element_ptr Q)
+{
+ element_ptr Vx = curve_x_coord(V);
+ element_ptr Vy = curve_y_coord(V);
+ element_ptr Qx = curve_x_coord(Q);
+ element_ptr Qy = curve_y_coord(Q);
+
+ element_t a, b, c;
+ element_init_same_as(a, Vx);
+ element_init_same_as(b, Vx);
+ element_init_same_as(c, Vx);
+
+ //a = -slope_tangent(V.x, V.y);
+ //b = 1;
+ //c = -(V.y + aV.x);
+ /*
+ //we could multiply by -2*V.y to avoid division so:
+ //a = -(3 Vx^2 + cc->a)
+ //b = 2 * Vy
+ //c = -(2 Vy^2 + a Vx);
+ //
+ //actually no, since fasterweil won't work if we do this
+ */
+ element_square(a, Vx);
+ //element_mul_si(a, a, 3);
+ element_add(b, a, a);
+ element_add(a, b, a);
+ element_set1(b);
+ element_add(a, a, b);
+ element_neg(a, a);
+ element_double(b, Vy);
+ element_div(a, a, b);
+ element_set1(b);
+ element_mul(c, a, Vx);
+ element_add(c, c, Vy);
+ element_neg(c, c);
+
+ element_printf("tan at %B: %B %B %B\n", V, a, b, c);
+
+ element_mul(a, a, Qx);
+ element_mul(b, b, Qy);
+ element_add(c, c, a);
+ element_add(z, c, b);
+ element_printf("tan eval = %B\n", z);
+ element_clear(a);
+ element_clear(b);
+ element_clear(c);
+}
+
+static void do_line(element_ptr z, element_ptr V, element_ptr P, element_ptr Q)
+{
+ element_ptr Vx = curve_x_coord(V);
+ element_ptr Vy = curve_y_coord(V);
+ element_ptr Px = curve_x_coord(P);
+ element_ptr Py = curve_y_coord(P);
+ element_ptr Qx = curve_x_coord(Q);
+ element_ptr Qy = curve_y_coord(Q);
+
+ element_t a, b, c, e0;
+ element_init_same_as(a, Vx);
+ element_init_same_as(b, Vx);
+ element_init_same_as(c, Vx);
+ element_init_same_as(e0, Vx);
+
+ //a = -(B.y - A.y) / (B.x - A.x);
+ //b = 1;
+ //c = -(A.y + a * A.x);
+
+ element_sub(a, Py, Vy);
+ element_sub(b, Vx, Px);
+ element_div(a, a, b);
+ element_set1(b);
+ element_mul(c, a, Vx);
+ element_add(c, c, Vy);
+ element_neg(c, c);
+
+ /*
+ //but we could multiply by B.x - A.x to avoid division, so
+ //a = -(By - Ay)
+ //b = Bx - Ax
+ //c = -(Ay b + a Ax);
+ element_sub(a, Vy, Py);
+ element_sub(b, Px, Vx);
+ element_mul(c, Vx, Py);
+ element_mul(e0, Vy, Px);
+ element_sub(c, c, e0);
+ //
+ //actually no, since fasterweil won't work if we do this
+ */
+
+ element_printf("line at %B: %B %B %B\n", V, a, b, c);
+ element_mul(a, a, Qx);
+ element_mul(b, b, Qy);
+ element_add(c, c, a);
+ element_add(z, c, b);
+ element_printf(" = %B\n", z);
+
+ element_clear(a);
+ element_clear(b);
+ element_clear(c);
+ element_clear(e0);
+}
+
+void millertate(element_t z, element_t P, element_t Q)
+{
+ element_t Z;
+ element_t z0;
+
+ element_init_same_as(Z, P);
+ element_init_same_as(z0, z);
+
+ element_set(Z, P);
+
+ do_tangent(z, Z, Q);
+
+ element_double(Z, Z);
+
+ do_vert(z0, Z, Q);
+ element_div(z, z, z0);
+
+ element_printf("presquare: z = %B\n", z);
+
+ element_square(z, z);
+
+ element_printf("square: z = %B\n", z);
+
+ do_tangent(z0, Z, Q);
+ element_mul(z, z, z0);
+
+ element_clear(z0);
+ element_clear(Z);
+}
+
+void tate(element_t z, element_t P, element_t Q)
+{
+ mpz_t q1r;
+
+ mpz_init(q1r);
+ mpz_set_ui(q1r, 696);
+
+ /*
+ millertate(z, P, Q);
+ element_printf("prepow: z = %B\n", z);
+ element_pow_mpz(z, z, q1r);
+ */
+ {
+ element_t R, QR;
+ element_t z0;
+
+ element_init_same_as(R, P);
+ element_init_same_as(QR, P);
+ element_init_same_as(z0, z);
+
+ element_random(R);
+ element_add(QR, Q, R);
+
+ millertate(z, P, QR);
+ millertate(z0, P, R);
+ element_div(z, z, z0);
+ element_pow_mpz(z, z, q1r);
+ element_clear(R);
+ element_clear(QR);
+ }
+
+ mpz_clear(q1r);
+}
+
+void shipseystange(element_t z, element_t P, element_t Q)
+{
+ mpz_t q1r;
+
+ mpz_init(q1r);
+ mpz_set_ui(q1r, 696);
+
+ element_ptr x = curve_x_coord(P);
+ element_ptr y = curve_y_coord(P);
+
+ element_ptr x2 = curve_x_coord(Q);
+ element_ptr y2 = curve_y_coord(Q);
+
+ element_t v0m1, v0m2, v0m3;
+ element_t v00, v01, v02, v03, v04;
+ element_t v1m1, v10, v11;
+ element_t t0, t1, t2;
+ element_t W20inv;
+ element_t Wm11inv;
+ element_t W2m1inv;
+ element_t sm2, sm1, s0, s1, s2, s3;
+ element_t pm2, pm1, p0, p1, p2, p3;
+
+ element_init_same_as(sm2, z);
+ element_init_same_as(sm1, z);
+ element_init_same_as(s0, z);
+ element_init_same_as(s1, z);
+ element_init_same_as(s2, z);
+ element_init_same_as(s3, z);
+
+ element_init_same_as(pm2, z);
+ element_init_same_as(pm1, z);
+ element_init_same_as(p0, z);
+ element_init_same_as(p1, z);
+ element_init_same_as(p2, z);
+ element_init_same_as(p3, z);
+
+ element_init_same_as(v0m3, z);
+ element_init_same_as(v0m2, z);
+ element_init_same_as(v0m1, z);
+ element_init_same_as(v00, z);
+ element_init_same_as(v01, z);
+ element_init_same_as(v02, z);
+ element_init_same_as(v03, z);
+ element_init_same_as(v04, z);
+
+ element_init_same_as(v1m1, z);
+ element_init_same_as(v10, z);
+ element_init_same_as(v11, z);
+
+ element_init_same_as(W20inv, z);
+ element_init_same_as(Wm11inv, z);
+ element_init_same_as(W2m1inv, z);
+
+ element_init_same_as(t0, z);
+ element_init_same_as(t1, z);
+ element_init_same_as(t2, z);
+
+ element_set0(v0m1);
+ element_set1(v00);
+ element_neg(v0m2, v00);
+ element_double(v01, y);
+
+ element_neg(v0m3, v01);
+
+ element_invert(W20inv, v01);
+
+ element_sub(Wm11inv, x, x2);
+ element_square(t1, Wm11inv);
+ element_invert(Wm11inv, Wm11inv);
+ element_double(t0, x);
+ element_add(t0, t0, x2);
+ element_mul(t1, t0, t1);
+ element_add(t0, y, y2);
+ element_square(t0, t0);
+ element_sub(t0, t0, t1);
+ element_invert(W2m1inv, t0);
+
+ /* Let P=(x,y) since A=1, B=0 we have:
+ * W(3,0) = 3x^4 + 6x^2 - 1
+ * W(4,0) = 4y(x^6 + 5x^4 - 5x^2 - 1)
+ */
+
+ //t0 = x^2
+ element_square(t0, x);
+
+ //t1 = x^4
+ element_square(t1, t0);
+
+ //t2 = x^4 + 2 x^2
+ element_double(t2, t0);
+ element_add(t2, t2, t1);
+
+ //v02 = W(3,0)
+ element_double(v02, t2);
+ element_add(v02, v02, t2);
+ element_add(v02, v02, v0m2);
+
+ //t2 = x^4 - x^2
+ element_sub(t2, t1, t0);
+
+ //v03 = 5(x^4 - x^2)
+ element_double(v03, t2);
+ element_double(v03, v03);
+ element_add(v03, v03, t2);
+
+ //t2 = x^6
+ element_mul(t2, t0, t1);
+
+ //v03 = W(4,0)
+ element_add(v03, v03, t2);
+ element_add(v03, v03, v0m2);
+ element_double(v03, v03);
+ element_double(v03, v03);
+ element_mul(v03, v03, y);
+
+ //v04 = W(5,0) = W(2,0)^3 W(4,0) - W(3,0)^3
+ element_square(t0, v01);
+ element_mul(t0, t0, v01);
+ element_mul(v04, t0, v03);
+ element_square(t0, v02);
+ element_mul(t0, t0, v02);
+ element_sub(v04, v04, t0);
+
+ element_set1(v1m1);
+ element_set1(v10);
+
+ element_printf("x y: %B %B\n", x, y);
+ element_printf("x2 y2: %B %B\n", x2, y2);
+ element_sub(t0, x2, x);
+ element_sub(t1, y2, y);
+ element_div(t0, t1, t0);
+ element_square(t0, t0);
+ element_double(v11, x);
+ element_add(v11, v11, x2);
+ element_sub(v11, v11, t0);
+
+ element_printf("VEC1: %B %B %B\n", v1m1, v10, v11);
+ element_printf("VEC0: %B %B %B %B %B %B %B %B\n",
+ v0m3, v0m2, v0m1, v00, v01, v02, v03, v04);
+
+ //Double
+ element_square(sm2, v0m2);
+ element_square(sm1, v0m1);
+ element_square(s0, v00);
+ element_square(s1, v01);
+ element_square(s2, v02);
+ element_square(s3, v03);
+
+ element_mul(pm2, v0m3, v0m1);
+ element_mul(pm1, v0m2, v00);
+ element_mul(p0, v0m1, v01);
+ element_mul(p1, v00, v02);
+ element_mul(p2, v01, v03);
+ element_mul(p3, v02, v04);
+
+ element_mul(t0, pm1, sm2);
+ element_mul(t1, pm2, sm1);
+ element_sub(v0m3, t0, t1);
+
+ element_mul(t1, pm2, s0);
+ element_mul(t0, p0, sm2);
+ element_sub(v0m2, t0, t1);
+ element_mul(v0m2, v0m2, W20inv);
+
+ element_mul(t0, p0, sm1);
+ element_mul(t1, pm1, s0);
+ element_sub(v0m1, t0, t1);
+
+ element_mul(t1, pm1, s1);
+ element_mul(t0, p1, sm1);
+ element_sub(v00, t0, t1);
+ element_mul(v00, v00, W20inv);
+
+ element_mul(t0, p1, s0);
+ element_mul(t1, p0, s1);
+ element_sub(v01, t0, t1);
+
+ element_mul(t1, p0, s2);
+ element_mul(t0, p2, s0);
+ element_sub(v02, t0, t1);
+ element_mul(v02, v02, W20inv);
+
+ element_mul(t0, p2, s1);
+ element_mul(t1, p1, s2);
+ element_sub(v03, t0, t1);
+
+ element_mul(t1, p1, s3);
+ element_mul(t0, p3, s1);
+ element_sub(v04, t0, t1);
+ element_mul(v04, v04, W20inv);
+
+ element_square(t0, v10);
+ element_mul(t1, v1m1, v11);
+
+ element_mul(t2, pm1, t0);
+ element_mul(v1m1, t1, sm1);
+ element_sub(v1m1, v1m1, t2);
+
+ element_mul(t2, p0, t0);
+ element_mul(v10, t1, s0);
+ element_sub(v10, v10, t2);
+
+ element_mul(t2, p1, t0);
+ element_mul(v11, t1, s1);
+ element_sub(v11, v11, t2);
+ element_mul(v11, v11, Wm11inv);
+
+ element_printf("VEC1: %B %B %B\n", v1m1, v10, v11);
+ element_printf("VEC0: %B %B %B %B %B %B %B %B\n",
+ v0m3, v0m2, v0m1, v00, v01, v02, v03, v04);
+
+ //DoubleAdd
+ element_square(sm2, v0m2);
+ element_square(sm1, v0m1);
+ element_square(s0, v00);
+ element_square(s1, v01);
+ element_square(s2, v02);
+ element_square(s3, v03);
+
+ element_mul(pm2, v0m3, v0m1);
+ element_mul(pm1, v0m2, v00);
+ element_mul(p0, v0m1, v01);
+ element_mul(p1, v00, v02);
+ element_mul(p2, v01, v03);
+ element_mul(p3, v02, v04);
+
+ element_mul(t1, pm2, s0);
+ element_mul(t0, p0, sm2);
+ element_sub(v0m3, t0, t1);
+ element_mul(v0m3, v0m3, W20inv);
+
+ element_mul(t0, p0, sm1);
+ element_mul(t1, pm1, s0);
+ element_sub(v0m2, t0, t1);
+
+ element_mul(t1, pm1, s1);
+ element_mul(t0, p1, sm1);
+ element_sub(v0m1, t0, t1);
+ element_mul(v0m1, v0m1, W20inv);
+
+ element_mul(t0, p1, s0);
+ element_mul(t1, p0, s1);
+ element_sub(v00, t0, t1);
+
+ element_mul(t1, p0, s2);
+ element_mul(t0, p2, s0);
+ element_sub(v01, t0, t1);
+ element_mul(v01, v01, W20inv);
+
+ element_mul(t0, p2, s1);
+ element_mul(t1, p1, s2);
+ element_sub(v02, t0, t1);
+
+ element_mul(t1, p1, s3);
+ element_mul(t0, p3, s1);
+ element_sub(v03, t0, t1);
+ element_mul(v03, v03, W20inv);
+
+ element_mul(t0, p3, s2);
+ element_mul(t1, p2, s3);
+ element_sub(v04, t0, t1);
+
+ element_square(t0, v10);
+ element_mul(t1, v1m1, v11);
+
+ element_mul(t2, p0, t0);
+ element_mul(v1m1, t1, s0);
+ element_sub(v1m1, v1m1, t2);
+
+ element_mul(t2, p1, t0);
+ element_mul(v10, t1, s1);
+ element_sub(v10, v10, t2);
+ element_mul(v10, v10, Wm11inv);
+
+ element_mul(t2, t1, s2);
+ element_mul(v11, p2, t0);
+ element_sub(v11, v11, t2);
+ element_mul(v11, v11, W2m1inv);
+
+ element_printf("VEC1: %B %B %B\n", v1m1, v10, v11);
+ element_printf("VEC0: %B %B %B %B %B %B %B %B\n",
+ v0m3, v0m2, v0m1, v00, v01, v02, v03, v04);
+ element_div(z, v11, v01);
+ element_printf("prepow: %B\n", z);
+
+ element_pow_mpz(z, z, q1r);
+
+ mpz_clear(q1r);
+}
+
+void miller(element_t z, element_t PR, element_t R, element_t P, element_t Q)
+{
+ int m = mpz_sizeinbase(order, 2) - 2;
+
+ element_t Z;
+ element_t z1;
+ element_t x1;
+ element_init_same_as(Z, PR);
+
+ element_set(Z, P);
+ element_set1(z);
+ element_init_same_as(z1, z);
+ element_init_same_as(x1, z);
+
+ do_vert(x1, PR, Q);
+ element_printf("vert(P+R) %B\n", x1);
+ do_line(z1, P, R, Q);
+ element_printf("line(P,R) %B\n", z1);
+ element_div(x1, x1, z1);
+ element_printf("x1 %B\n", x1);
+ element_set(z, x1);
+
+ for (;;) {
+ printf("iteration %d: %d\n", m, mpz_tstbit(order,m));
+ element_square(z, z);
+ element_printf("squared: %B\n", z);
+ do_tangent(z1, Z, Q);
+ element_mul(z, z, z1);
+
+ element_double(Z, Z);
+ do_vert(z1, Z, Q);
+ element_div(z, z, z1);
+ element_printf("pre-if: %B\n", z);
+
+ if (mpz_tstbit(order, m)) {
+ element_mul(z, z, x1);
+ do_vert(z1, P, Q);
+ element_mul(z, z, z1);
+ element_printf("done %B\n", z);
+ /*
+ do_line(z1, Z, P, Q);
+ element_mul(z, z, z1);
+ element_add(Z, Z, P);
+ do_vert(z1, Z, Q);
+ element_div(z, z, z1);
+ */
+ }
+ if (!m) break;
+ m--;
+ }
+
+ element_clear(x1);
+ element_clear(z1);
+}
+/*
+*/
+
+void weil(element_t w, element_t g, element_t h)
+{
+ element_t gr;
+ element_t hs;
+ element_t r;
+ element_t s;
+ element_t z, z0, z1;
+
+ element_init(z, Fq2);
+ element_init(z0, Fq2);
+ element_init(z1, Fq2);
+
+ element_init_same_as(gr, g);
+ element_init_same_as(hs, h);
+ element_init_same_as(r, g);
+ element_init_same_as(s, h);
+
+ element_random(r);
+ element_random(s);
+ //point_random always takes the same square root
+ //why not take the other one for once?
+ element_neg(r, r);
+ element_set_str(r, "[[40,0],[54,0]]", 0);
+ element_set_str(s, "[[48,55],[28,51]]", 0);
+
+ element_printf("chose R = %B\n", r);
+ element_printf("chose S = %B\n", s);
+ element_add(gr, g, r);
+ element_add(hs, h, s);
+
+ element_printf("P+R = %B\n", gr);
+ element_printf("Q+S = %B\n", hs);
+ miller(z, gr, r, g, hs);
+ miller(z0, gr, r, g, s);
+ element_div(z1, z, z0);
+ element_printf("num: %B\n", z1);
+
+ miller(z, hs, s, h, gr);
+ miller(z0, hs, s, h, r);
+ element_div(w, z, z0);
+ element_printf("denom: %B\n", w);
+
+ element_div(w, z1, w);
+
+ element_clear(gr);
+ element_clear(r);
+ element_clear(hs);
+ element_clear(s);
+ element_clear(z);
+ element_clear(z0);
+ element_clear(z1);
+}
+
+void fasterweil(element_t w, element_t g, element_t h)
+{
+ element_t hs;
+ element_t s;
+ element_t z, z0, z1;
+
+ element_init(z, Fq2);
+ element_init(z0, Fq2);
+ element_init(z1, Fq2);
+
+ element_init_same_as(hs, h);
+ element_init_same_as(s, h);
+
+ element_random(s);
+ //point_random always takes the same square root
+ //why not take the other one for once?
+ element_set_str(s, "[[48,55],[28,51]]", 0);
+
+ element_printf("chose S = %B\n", s);
+ element_add(hs, h, s);
+
+ element_printf("Q+S = %B\n", hs);
+
+ millertate(z, g, hs);
+ millertate(z0, g, s);
+ element_div(z1, z, z0);
+ element_printf("num: %B\n", z1);
+
+ miller(w, hs, s, h, g);
+ element_printf("denom: %B\n", w);
+
+ element_div(w, z1, w);
+
+ element_clear(z);
+ element_clear(z0);
+ element_clear(z1);
+ element_clear(hs);
+ element_clear(s);
+}
+
+void fasterweil2(element_t w, element_t g, element_t h)
+{
+ element_t gr;
+ element_t r;
+ element_t z, z0, z1;
+
+ element_init(z, Fq2);
+ element_init(z0, Fq2);
+ element_init(z1, Fq2);
+
+ element_init_same_as(gr, g);
+ element_init_same_as(r, g);
+
+ element_random(r);
+ //point_random always takes the same square root
+ //why not take the other one for once?
+ element_set_str(r, "[[48,55],[28,51]]", 0);
+
+ element_printf("chose R = %B\n", r);
+ element_add(gr, g, r);
+
+ element_printf("P+R = %B\n", gr);
+
+ miller(w, gr, r, g, h);
+ element_printf("num: %B\n", w);
+
+ millertate(z, h, gr);
+ millertate(z0, h, r);
+ element_div(z1, z, z0);
+ element_printf("denom: %B\n", z1);
+
+ element_div(w, w, z1);
+
+ element_clear(z);
+ element_clear(z0);
+ element_clear(z1);
+ element_clear(gr);
+ element_clear(r);
+}
+
+int main(void)
+{
+ int i;
+ element_t g, h;
+ element_t w0, w1;
+ element_t a, b;
+ mpz_t prime, cofac;
+
+ mpz_init(prime);
+ mpz_init(order);
+ mpz_init(cofac);
+ mpz_set_ui(prime, 59);
+
+ field_init_fp(Fq, prime);
+
+ element_init(a, Fq);
+ element_init(b, Fq);
+
+ field_init_fi(Fq2, Fq);
+
+ element_set1(a);
+ element_set0(b);
+ mpz_set_ui(order, 5);
+ mpz_set_ui(cofac, 12);
+
+ field_init_curve_ab(E, a, b, order, cofac);
+
+ element_clear(a);
+ element_clear(b);
+ element_init(a, Fq2);
+ element_init(b, Fq2);
+ element_set1(a);
+ element_set0(b);
+
+ mpz_mul(cofac, cofac, cofac);
+ field_init_curve_ab(E2, a, b, order, NULL);
+
+ element_init(g, E2);
+ element_init(h, E2);
+
+ element_init(w0, Fq2);
+ element_init(w1, Fq2);
+
+ /*
+ do {
+ element_random(g);
+ } while (element_is1(g));
+ for (i=1; i<5; i++) {
+ element_mul(h, h, g);
+ element_printf("%d: %B\n", i, h);
+ element_printf("tangent = ");
+ do_tangent(h);
+ }
+ */
+ element_set_str(g, "[[25,0],[30,0]", 0);
+ element_set_str(h, "[[34,0],[0,30]", 0);
+ weil(w0, g, h);
+ element_printf("weil: %B\n", w0);
+
+ element_set1(w1);
+ for (i=1; i<6; i++) {
+ element_mul(w1, w1, w0);
+ element_printf("%d: %B\n", i, w1);
+ }
+
+ fasterweil(w0, g, h);
+ element_printf("fasterweil: %B\n", w0);
+
+ element_set1(w1);
+ for (i=1; i<6; i++) {
+ element_mul(w1, w1, w0);
+ element_printf("%d: %B\n", i, w1);
+ }
+
+ fasterweil2(w0, g, h);
+ element_printf("fasterweil2: %B\n", w0);
+
+ tate(w0, g, h);
+ element_printf("tate: %B\n", w0);
+
+ element_set1(w1);
+ for (i=1; i<6; i++) {
+ element_mul(w1, w1, w0);
+ element_printf("%d: %B\n", i, w1);
+ }
+
+ shipseystange(w0, g, h);
+ element_printf("ss-tate: %B\n", w0);
+
+ element_set1(w1);
+ for (i=1; i<6; i++) {
+ element_mul(w1, w1, w0);
+ element_printf("%d: %B\n", i, w1);
+ }
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/guru/checkfp.c b/moon-abe/pbc-0.5.14/guru/checkfp.c
new file mode 100644
index 00000000..98b9a701
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/guru/checkfp.c
@@ -0,0 +1,334 @@
+// Compares two implementations of Fp.
+
+#include <string.h>
+#include "pbc.h"
+#include "pbc_fp.h"
+#include "pbc_fieldquadratic.h"
+
+static mpz_t prime;
+
+enum { VERBOSE = 0 };
+
+static void check_p(int value, char *s) {
+ if (!value) {
+ printf("BUG: %s predicate wrong\n", s);
+ exit(1);
+ }
+
+ if (VERBOSE) {
+ printf("checking %s\n", s);
+ }
+}
+
+static void check_match_int(int i1, int i2, char *s) {
+ void bug(void)
+ {
+ printf("BUG: %s mismatch\n", s);
+ element_printf("i1: %d\n", i1);
+ element_printf("i2: %d\n", i2);
+ exit(1);
+ }
+
+ if (VERBOSE) {
+ printf("checking %s\n", s);
+ element_printf("i1: %d\n", i1);
+ element_printf("i2: %d\n", i2);
+ }
+
+ if (i1 != i2) bug();
+}
+
+static void check_match(element_t e1, element_t e2, char *s) {
+ unsigned char *buf1, *buf2;
+ int len;
+ void bug(void)
+ {
+ printf("BUG: %s mismatch\n", s);
+ element_printf("e1: %B\n", e1);
+ element_printf("e2: %B\n", e2);
+ exit(1);
+ }
+
+ if (VERBOSE) {
+ printf("checking %s\n", s);
+ element_printf("e1: %B\n", e1);
+ element_printf("e2: %B\n", e2);
+ }
+ len = element_length_in_bytes(e1);
+ if (len != element_length_in_bytes(e2)) {
+ bug();
+ }
+
+ buf1 = pbc_malloc(len);
+ buf2 = pbc_malloc(len);
+ element_to_bytes(buf1, e1);
+ element_to_bytes(buf2, e2);
+
+ if (memcmp(buf1, buf2, len)) {
+ bug();
+ }
+
+ pbc_free(buf1);
+ pbc_free(buf2);
+}
+
+static void run_check(field_ptr f1, field_ptr f2) {
+ mpz_t t1, t2;
+ element_t x1, y1, z1;
+ element_t x2, y2, z2;
+ char s2[80];
+
+ void convertset(element_t out, element_t in)
+ {
+ unsigned char *buf;
+ int len;
+
+ len = element_length_in_bytes(in);
+ buf = pbc_malloc(len);
+ element_to_bytes(buf, in);
+ element_from_bytes(out, buf);
+ pbc_free(buf);
+ check_match(in, out, "conversion");
+ }
+
+ void randxy(void)
+ {
+
+ element_random(x1);
+ element_random(y1);
+ convertset(x2, x1);
+ convertset(y2, y1);
+ }
+
+ void check_onearg(void (*fn)(element_ptr), char *s)
+ {
+ fn(x1);
+ fn(x2);
+ check_match(x1, x2, s);
+ }
+
+ void check_twoarg(void (*fn)(element_ptr, element_ptr), char *s)
+ {
+ randxy();
+ fn(z1, x1);
+ fn(z2, x2);
+ check_match(z1, z2, s);
+
+ strncpy(s2, s, 32);
+ strcat(s2, " (in place)");
+ fn(y1, y1);
+ fn(y2, y2);
+ check_match(y1, y2, s2);
+ }
+
+ void check_threearg(void (*fn)(element_ptr, element_ptr, element_ptr), char *s)
+ {
+ randxy();
+ fn(z1, x1, y1);
+ fn(z2, x2, y2);
+ check_match(z1, z2, s);
+
+ strncpy(s2, s, 32);
+ strcat(s2, " (first arg in place)");
+ element_set(z1, x1);
+ element_set(z2, x2);
+ fn(z1, z1, y1);
+ fn(z2, z2, y2);
+ check_match(z1, z2, s2);
+
+ strncpy(s2, s, 32);
+ strcat(s2, " (second arg in place)");
+ element_set(z1, y1);
+ element_set(z2, y2);
+ fn(z1, x1, z1);
+ fn(z2, x2, z2);
+ check_match(z1, z2, s2);
+
+ strncpy(s2, s, 32);
+ strcat(s2, " (both args in place)");
+ element_set(z1, y1);
+ element_set(z2, y2);
+ fn(x1, x1, x1);
+ fn(x2, x2, x2);
+ check_match(x1, x2, s2);
+ }
+
+ mpz_init(t1);
+ mpz_init(t2);
+ element_init(x1, f1);
+ element_init(y1, f1);
+ element_init(z1, f1);
+ element_init(x2, f2);
+ element_init(y2, f2);
+ element_init(z2, f2);
+
+ check_p(!element_cmp(x1, y1), "cmp0-1");
+ check_p(!element_cmp(x2, y2), "cmp0-2");
+ check_match(z1, z2, "init");
+ check_onearg(element_set0, "set0");
+ check_onearg(element_set1, "set1");
+ check_twoarg(element_set, "set");
+ check_match_int(element_sgn(z1), element_sgn(z2), "sgn");
+
+ check_threearg(element_add, "add");
+ check_twoarg(element_neg, "neg");
+ check_threearg(element_sub, "sub");
+ check_twoarg(element_double, "double");
+ check_twoarg(element_halve, "halve");
+
+ check_twoarg(element_invert, "invert");
+ check_twoarg(element_square, "square");
+ check_threearg(element_mul, "mul");
+
+ randxy();
+ element_neg(y1, x1);
+ element_neg(y2, x2);
+ element_add(z1, x1, y1);
+ element_add(z2, x2, y2);
+ check_match(z1, z2, "add (to zero)");
+ check_p(!element_sgn(z1), "sgn");
+ check_p(!element_sgn(z1), "sgn");
+ check_p(element_is0(z2), "is0");
+ check_p(element_is0(z2), "is0");
+
+ randxy();
+ element_invert(y1, x1);
+ element_invert(y2, x2);
+ element_mul(z1, x1, y1);
+ element_mul(z2, x2, y2);
+ check_match(z1, z2, "mul (to one)");
+ check_p(element_is1(z1), "is1");
+ check_p(element_is1(z2), "is1");
+
+ randxy();
+ check_p(!(!!element_cmp(x1, y1) ^ !!element_cmp(x2, y2)), "cmp");
+ element_set(x1, y1);
+ element_set(x2, y2);
+ check_p(!element_cmp(x1, y1), "cmp");
+ check_p(!element_cmp(x2, y2), "cmp");
+ check_p(!element_cmp(x1, x1), "cmp (in place)");
+ check_p(!element_cmp(x2, x2), "cmp (in place)");
+
+ for (;;) {
+ int flag;
+ randxy();
+ flag = element_is_sqr(x1);
+ check_match_int(flag, element_is_sqr(x2), "is_sqr");
+ if (flag) break;
+ }
+ convertset(x2, x1);
+ element_sqrt(z1, x1);
+ element_sqrt(z2, x2);
+ //can't compare these because sqrt is nondeterministic
+ //and there's no way easy way to preserve random state yet
+ element_square(z1, z1);
+ element_square(z2, z2);
+ check_match(z1, z2, "sqrt");
+
+ pbc_mpz_random(t1, f1->order);
+ pbc_mpz_random(t2, f2->order);
+ element_to_mpz(t1, y1);
+ element_to_mpz(t2, y2);
+ element_set_mpz(y1, t1);
+ element_set_mpz(y2, t2);
+ check_match(y1, y2, "set_mpz");
+ element_mul_mpz(z1, x1, t1);
+ element_mul_mpz(z2, x2, t2);
+ check_match(z1, z2, "mul_mpz");
+ element_pow_mpz(z1, x1, t1);
+ element_pow_mpz(z2, x2, t2);
+ check_match(z1, z2, "pow_mpz");
+ element_mul_si(z1, x1, mpz_get_ui(t1));
+ element_mul_si(z2, x2, mpz_get_ui(t2));
+ check_match(z1, z2, "mul_si");
+ element_set_si(z1, mpz_get_ui(t1));
+ element_set_si(z2, mpz_get_ui(t2));
+ check_match(z1, z2, "set_si");
+
+ element_clear(x1);
+ element_clear(y1);
+ element_clear(z1);
+ element_clear(x2);
+ element_clear(y2);
+ element_clear(z2);
+
+ mpz_clear(t1);
+ mpz_clear(t2);
+}
+
+int main(void) {
+ field_t f1, f2;
+ field_t f1i, f2i;
+ field_t f1x, f2x;
+ field_t f1p, f2p;
+ int i, n;
+ element_ptr n1;
+ element_t n2;
+ element_t irred1, irred2;
+ mpz_t z;
+
+ n = 10;
+
+ mpz_init(z);
+ mpz_init(prime);
+ mpz_set_ui(prime, 1234);
+ mpz_setbit(prime, 160);
+ mpz_nextprime(prime, prime);
+
+ element_printf("prime = %Zd\n", prime);
+
+ field_init_naive_fp(f1, prime);
+ field_init_fp(f2, prime);
+
+ printf("Field 1:\n");
+ field_out_info(stdout, f1);
+ printf("Field 2:\n");
+ field_out_info(stdout, f2);
+
+ printf("checking base fields\n");
+ for (i=0; i<n; i++) run_check(f1, f2);
+
+ element_init(n2, f2);
+
+ n1 = field_get_nqr(f1);
+ element_to_mpz(z, n1);
+ element_set_mpz(n2, z);
+ field_set_nqr(f2, n2);
+
+ field_init_fi(f1i, f1);
+ field_init_fi(f2i, f2);
+
+ printf("checking quadratic field extensions\n");
+ for (i=0; i<n; i++) run_check(f1i, f2i);
+
+ field_clear(f1i);
+ field_clear(f2i);
+ field_init_quadratic(f1i, f1);
+ field_init_quadratic(f2i, f2);
+ for (i=0; i<n; i++) run_check(f1i, f2i);
+
+ printf("checking degree 3 extension\n");
+ field_init_poly(f1x, f1);
+ field_init_poly(f2x, f2);
+ element_init(irred1, f1x);
+ element_init(irred2, f2x);
+ do {
+ poly_random_monic(irred1, 3);
+ } while (!poly_is_irred(irred1));
+
+ field_init_polymod(f1p, irred1);
+ {
+ unsigned char *buf;
+ int len;
+ len = element_length_in_bytes(irred1);
+ buf = pbc_malloc(len);
+ element_to_bytes(buf, irred1);
+ element_from_bytes(irred2, buf);
+ pbc_free(buf);
+ }
+ field_init_polymod(f2p, irred2);
+
+ for (i=0; i<n; i++) run_check(f1p, f2p);
+
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/guru/eta_T_3_test.c b/moon-abe/pbc-0.5.14/guru/eta_T_3_test.c
new file mode 100644
index 00000000..69cce7de
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/guru/eta_T_3_test.c
@@ -0,0 +1,130 @@
+/* Test eta_T pairing over ternary extension fields.
+ Outputing nothing if everything is good. */
+
+#include <stddef.h>
+#include <stdarg.h>
+#include <stdio.h>
+#include <gmp.h>
+#include "pbc.h"
+#include "pbc_ternary_extension_field.h"
+#include "pbc_test.h"
+
+static pairing_t pairing;
+static element_t a1, a2, b1, b2, c1, c2;
+static mpz_t order;
+
+static void setup(void) {
+ mpz_init(order);
+ mpz_set_str(order, "2726865189058261010774960798134976187171462721", 10);
+ const char *param = "type i\n" "m 97\n" "t 12\n" "n2 7\n"
+ "n 2726865189058261010774960798134976187171462721\n";
+ EXPECT(pairing_init_set_str(pairing, param) == 0);
+ element_init_G1(a1, pairing);
+ element_init_G1(a2, pairing);
+ element_init_G2(b1, pairing);
+ element_init_G2(b2, pairing);
+ element_init_GT(c1, pairing);
+ element_init_GT(c2, pairing);
+}
+
+static void test_set_mpz(void) {
+ mpz_t a;
+ mpz_init(a);
+ int i;
+ for(i = 0; i < 2; i ++) {
+ mpz_set_si(a, i);
+ element_set_mpz(a1, a);
+ EXPECT(element_is0(a1) && element_is1(a1));
+ element_set_mpz(b1, a);
+ EXPECT(element_is0(b1) && element_is1(b1));
+ element_set_mpz(c1, a);
+ EXPECT(element_is0(c1) && element_is1(c1));
+ }
+ mpz_clear(a);
+}
+
+static void test_order(void) {
+ EXPECT(mpz_cmp(pairing->G1->order, order) == 0);
+ EXPECT(mpz_cmp(pairing->G2->order, order) == 0);
+ EXPECT(mpz_cmp(pairing->GT->order, order) == 0);
+ int i;
+ for (i=0; i<10; i++) {
+ element_random(a1);
+ EXPECT(element_is0(a1) == 0);
+ element_pow_mpz(a1, a1, order);
+ EXPECT(element_is0(a1));
+ element_random(c1);
+ EXPECT(element_is0(c1) == 0);
+ element_pow_mpz(c1, c1, order);
+ EXPECT(element_is0(c1));
+ }
+}
+
+static void test_bilinear_with_zero(void) {
+ element_set0(a1);
+ element_random(b1);
+ element_pairing(c1, a1, b1);
+ EXPECT(element_is0(c1) && element_is1(c1));
+ element_random(a1);
+ element_set0(b1);
+ element_pairing(c1, a1, b1);
+ EXPECT(element_is0(c1) && element_is1(c1));
+ element_set0(a1);
+ element_set0(b1);
+ element_pairing(c1, a1, b1);
+ EXPECT(element_is0(c1) && element_is1(c1));
+}
+
+static void test_bilinear(void) {
+ element_random(a1);
+ element_mul_si(a2, a1, 33);
+ element_random(b1);
+ element_mul_si(b2, b1, 33);
+ element_pairing(c1, a1, b2);
+ element_pairing(c2, a2, b1);
+ EXPECT(element_cmp(c1, c2) == 0);
+ element_mul_mpz(c1, c1, order);
+ EXPECT(element_is0(c1));
+}
+
+static void test_gen_param(void) {
+ typedef struct {
+ unsigned int len;
+ int m;
+ int t;
+ element_ptr p;
+ mpz_t n;
+ mpz_t n2;
+ } params;
+
+ pbc_param_t par;
+ pbc_param_init_i_gen(par, 150);
+ params *p = par->data;
+ EXPECT(p->m == 97);
+ EXPECT(p->t == 12);
+ EXPECT(!mpz_cmp(p->n, order));
+ EXPECT(!mpz_cmp_ui(p->n2, 7));
+ pbc_param_clear(par);
+}
+
+static void tear_down(void) {
+ element_clear(a1);
+ element_clear(a2);
+ element_clear(b1);
+ element_clear(b2);
+ element_clear(c1);
+ element_clear(c2);
+ pairing_clear(pairing);
+ mpz_clear(order);
+}
+
+int main(void) {
+ setup();
+ test_set_mpz();
+ test_order();
+ test_bilinear_with_zero();
+ test_bilinear();
+ test_gen_param();
+ tear_down();
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/guru/exp_test.c b/moon-abe/pbc-0.5.14/guru/exp_test.c
new file mode 100644
index 00000000..02ccfaba
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/guru/exp_test.c
@@ -0,0 +1,88 @@
+// Mutliexponentiation benchmark and test.
+
+#include <string.h>
+#include "pbc.h"
+#include "pbc_test.h"
+
+int main(int argc, char **argv) {
+ pairing_t pairing;
+ element_t g1, u1, up1, g2, u2, up2, r;
+ mpz_t r_mpz;
+ element_pp_t g1_pp, g2_pp;
+ double t0, t1;
+ int i, n;
+
+ printf("reading pairing from stdin...\n");
+ pbc_demo_pairing_init(pairing, argc, argv);
+
+ element_init(r, pairing->Zr);
+ element_init(g1, pairing->G1);
+ element_init(u1, pairing->G1);
+ element_init(up1, pairing->G1);
+ element_init(g2, pairing->G2);
+ element_init(u2, pairing->G2);
+ element_init(up2, pairing->G2);
+
+ element_random(r);
+ element_random(g1);
+ element_random(g2);
+
+ mpz_init(r_mpz);
+ element_to_mpz(r_mpz, r);
+
+ element_pp_init(g1_pp, g1);
+ element_pp_init(g2_pp, g2);
+
+ n = 100;
+ t0 = pbc_get_time();
+ for (i=0; i<n; i++) {
+ element_pow_mpz(u1, g1, r_mpz);
+ }
+ t1 = pbc_get_time();
+ printf("G1 exp:\t\t%fs\n", t1 - t0);
+
+ n = 100;
+ t0 = pbc_get_time();
+ for (i=0; i<n; i++) {
+ element_pow_mpz(u2, g2, r_mpz);
+ }
+ t1 = pbc_get_time();
+ printf("G2 exp:\t\t%fs\n", t1 - t0);
+
+ n = 100;
+ t0 = pbc_get_time();
+ for (i=0; i<n; i++) {
+ element_pp_pow(up1, r_mpz, g1_pp);
+ }
+ t1 = pbc_get_time();
+ printf("G1 pp exp:\t%fs\n", t1 - t0);
+
+ n = 100;
+ t0 = pbc_get_time();
+ for (i=0; i<n; i++) {
+ element_pp_pow(up2, r_mpz, g2_pp);
+ }
+ t1 = pbc_get_time();
+ printf("G2 pp exp:\t%fs\n", t1 - t0);
+
+ if (element_cmp(u1, up1)) {
+ printf("Oops 1!\n");
+ }
+ if (element_cmp(u2, up2)) {
+ printf("Oops 2!\n");
+ }
+
+ mpz_clear(r_mpz);
+ element_clear(g1);
+ element_clear(u1);
+ element_clear(up1);
+ element_clear(g2);
+ element_clear(u2);
+ element_clear(up2);
+ element_clear(r);
+ element_pp_clear(g1_pp);
+ element_pp_clear(g2_pp);
+ pairing_clear(pairing);
+
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/guru/fp_test.c b/moon-abe/pbc-0.5.14/guru/fp_test.c
new file mode 100644
index 00000000..613b4af7
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/guru/fp_test.c
@@ -0,0 +1,95 @@
+// Test F_p.
+
+#include "pbc.h"
+#include "pbc_fp.h"
+#include "pbc_test.h"
+
+int main(void) {
+ field_t fp;
+ mpz_t prime;
+ mpz_t m, n;
+
+ mpz_init(prime);
+ mpz_init(n);
+ mpz_init(m);
+ mpz_set_ui(prime, 100000);
+ mpz_setbit(prime, 33);
+ mpz_nextprime(prime, prime);
+
+ field_init_fp(fp, prime);
+
+ element_t x, y, z;
+ element_init(x, fp);
+ element_init(y, fp);
+ element_init(z, fp);
+
+ long a = 123, b = 456;
+
+ // Conversion to and from signed long.
+ EXPECT(0 == element_to_si(z));
+ element_set1(z);
+ EXPECT(1 == element_to_si(z));
+ element_set0(z);
+ EXPECT(0 == element_to_si(z));
+ element_set_si(x, a);
+ EXPECT(a == element_to_si(x));
+ element_set_si(y, b);
+ EXPECT(b == element_to_si(y));
+ // Assignment, comparison.
+ EXPECT(!element_cmp(x, x));
+ EXPECT(element_cmp(x, y));
+ EXPECT(element_cmp(z, x));
+ element_set(z, x);
+ EXPECT(!element_cmp(z, x));
+ // Arithmetic operations.
+ element_add(z, x, y);
+ EXPECT(a + b == element_to_si(z));
+ element_mul(z, x, y);
+ EXPECT(a * b == element_to_si(z));
+ element_sub(z, y, x);
+ EXPECT(b - a == element_to_si(z));
+ element_set_mpz(z, prime);
+ EXPECT(!element_to_si(z));
+ element_sub(z, z, x);
+ element_to_mpz(n, z);
+ mpz_add_ui(n, n, a);
+ EXPECT(!mpz_cmp(n, prime));
+ element_invert(z, x);
+ element_to_mpz(m, z);
+ mpz_set_ui(n, a);
+ mpz_invert(n, n, prime);
+ EXPECT(!mpz_cmp(m, n));
+ element_invert(z, z);
+ EXPECT(!element_cmp(x, z));
+ element_div(z, y, x);
+ element_to_mpz(m, z);
+ mpz_mul_ui(n, n, b);
+ mpz_mod(n, n, prime);
+ EXPECT(!mpz_cmp(m, n));
+ // Exponentiation.
+ element_pow_zn(z, x, y);
+ element_to_mpz(m, z);
+ mpz_set_si(n, a);
+ mpz_powm_ui(n, n, b, prime);
+ EXPECT(!mpz_cmp(m, n));
+ // Preprocessed exponentiation.
+ element_pp_t p;
+ element_pp_init(p, x);
+ element_pp_pow_zn(z, y, p);
+ element_pp_clear(p);
+ element_to_mpz(m, z);
+ EXPECT(!mpz_cmp(m, n));
+
+ element_from_hash(z, NULL, 0);
+ element_from_hash(x, NULL, 0);
+ EXPECT(!element_cmp(z, x));
+
+ element_clear(x);
+ element_clear(y);
+ element_clear(z);
+ field_clear(fp);
+ mpz_clear(prime);
+ mpz_clear(m);
+ mpz_clear(n);
+ return pbc_err_count;
+}
diff --git a/moon-abe/pbc-0.5.14/guru/indexcalculus.c b/moon-abe/pbc-0.5.14/guru/indexcalculus.c
new file mode 100644
index 00000000..4ef5e4ea
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/guru/indexcalculus.c
@@ -0,0 +1,869 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdint.h> // for intptr_t
+#include <string.h>
+#include <math.h>
+#include <gmp.h>
+#include "pbc.h"
+#include "pbc_utils.h"
+
+struct cell_s {
+ int ind;
+ mpz_t data;
+};
+typedef struct cell_s *cell_ptr;
+
+static cell_ptr newcell(void)
+{
+ cell_ptr res;
+ res = pbc_malloc(sizeof(struct cell_s));
+ //res->data = pbc_malloc(sizeof(mpz_t));
+ //mpz_init(res->data);
+ mpz_init(res->data);
+ return res;
+}
+
+static void delcell(void *p)
+{
+ cell_ptr cp = p;
+ mpz_clear(cp->data);
+ pbc_free(p);
+}
+
+static int is_gen(mpz_t x, mpz_t q, darray_ptr fac, darray_ptr mul) {
+ int result = 1;
+ mpz_t z;
+ mpz_t q1;
+ int i;
+ UNUSED_VAR(mul);
+
+ mpz_init(z);
+ mpz_init(q1);
+
+ mpz_sub_ui(q1, q, 1);
+ for (i=0; i<fac->count; i++) {
+ mpz_divexact(z, q1, fac->item[i]);
+ mpz_powm(z, x, z, q);
+ if (!mpz_cmp_ui(z, 1)) {
+ result = 0;
+ break;
+ }
+ }
+
+ mpz_clear(q1);
+ mpz_clear(z);
+ return result;
+}
+
+// Garner's Algorithm.
+// See Algorithm 14.71, Handbook of Cryptography.
+static void CRT(mpz_t x, mpz_ptr *v, mpz_ptr *m, int t) {
+ mpz_t u;
+ mpz_t C[t];
+ int i, j;
+
+ mpz_init(u);
+ for (i=1; i<t; i++) {
+ mpz_init(C[i]);
+ mpz_set_ui(C[i], 1);
+ for (j=0; j<i; j++) {
+ mpz_invert(u, m[j], m[i]);
+ mpz_mul(C[i], C[i], u);
+ mpz_mod(C[i], C[i], m[i]);
+ }
+ }
+ mpz_set(u, v[0]);
+ mpz_set(x, u);
+ for (i=1; i<t; i++) {
+ mpz_sub(u, v[i], x);
+ mpz_mul(u, u, C[i]);
+ mpz_mod(u, u, m[i]);
+ for (j=0; j<i; j++) {
+ mpz_mul(u, u, m[j]);
+ }
+ mpz_add(x, x, u);
+ }
+
+ for (i=1; i<t; i++) mpz_clear(C[i]);
+ mpz_clear(u);
+}
+
+//TODO: http://www.cecm.sfu.ca/CAG/abstracts/aaron27Jan06.pdf
+//TODO: don't need to store last element of list in row[i]
+//TODO: linked lists might be better than dynamic arrays (avoids memmove())
+//TODO: allow holes in the table
+//(if drought lasts too long)
+void index_calculus_step1(mpz_t *ind, int r, mpz_t g, mpz_t q,
+ darray_ptr fac, darray_ptr mul) {
+ int count = 0;
+ int i, j;
+ mpz_t z, z0, z1;
+ int relcount;
+ unsigned int *prime = pbc_malloc(sizeof(unsigned int) * r);
+ int bundlecount = (r - 10 + 19) / 20;
+ mpz_t *bundle = pbc_malloc(sizeof(mpz_t) * bundlecount);
+ int faci;
+ mpz_t k, km;
+
+ cell_ptr *rel = pbc_malloc(sizeof(cell_ptr) * r);
+ cell_ptr *relm = pbc_malloc(sizeof(cell_ptr) * r);
+ //''matrix'' is actually a list of matrices
+ //(we solve over different moduli and combine using CRT)
+ //darray_t **matrix = pbc_malloc(sizeof(darray_t *) * fac->count);
+ darray_t *matrix[fac->count];
+ int minfound[fac->count];
+
+ for (i=0; i<r; i++) {
+ rel[i] = newcell();
+ relm[i] = newcell();
+ }
+ for (i=0; i<fac->count; i++) {
+ //similarly ''row'' refers to a list of rows
+ darray_t *row = pbc_malloc(sizeof(darray_t) * r);
+ for (j=0; j<r; j++) {
+ darray_init(row[j]);
+ }
+ matrix[i] = row;
+ minfound[i] = 0;
+ }
+
+ mpz_init(k);
+ mpz_init(km);
+ mpz_init(z);
+ mpz_init(z1);
+ mpz_init(z0);
+
+ printf("building prime table...\n");
+ prime[0] = 2;
+ mpz_set_ui(z, 2);
+ for (i=1; i<r; i++) {
+ mpz_nextprime(z, z);
+ prime[i] = mpz_get_ui(z);
+ }
+
+ for (i=0; i<bundlecount; i++) {
+ mpz_init(bundle[i]);
+ mpz_set_ui(bundle[i], 1);
+ for (j=0; j<20; j++) {
+ int jj = 10 + 20 * i + j;
+ if (jj >= r) break;
+ mpz_mul_ui(bundle[i], bundle[i], prime[jj]);
+ }
+ element_printf("bundle %d: %Zd\n", i, bundle[i]);
+ }
+ printf("searching for r-smooth numbers\n");
+
+ mpz_set_ui(z, 1);
+ mpz_init(k);
+ int try = 0;
+ do {
+ mpz_mul(z, z, g);
+ mpz_mod(z, z, q);
+ mpz_add_ui(k, k, 1);
+
+ /*
+ pbc_mpz_random(k, q);
+ mpz_powm(z, g, k, q);
+ */
+
+ try++;
+
+ mpz_set(z1, z);
+ relcount = 0;
+ for (i=0; i<10; i++) {
+ if (i >= r) break;
+ j = 0;
+ while (mpz_divisible_ui_p(z1, prime[i])) {
+ mpz_divexact_ui(z1, z1, prime[i]);
+ j++;
+ }
+ if (j) {
+ rel[relcount]->ind = i;
+ mpz_set_ui(rel[relcount]->data, j);
+ relcount++;
+ if (!mpz_cmp_ui(z1, 1)) goto found;
+ }
+ }
+ for (i=0; i<bundlecount; i++) {
+ mpz_gcd(z0, bundle[i], z1);
+ if (mpz_cmp_ui(z0, 1)) {
+ int ii;
+ for (ii = 0; ii < 20; ii++) {
+ int jj = 10 + i * 20 + ii;
+ if (jj >= r) break;
+ j = 0;
+ while (mpz_divisible_ui_p(z1, prime[jj])) {
+ mpz_divexact_ui(z1, z1, prime[jj]);
+ j++;
+ }
+ if (j) {
+ rel[relcount]->ind = jj;
+ mpz_set_ui(rel[relcount]->data, j);
+ relcount++;
+ if (!mpz_cmp_ui(z1, 1)) goto found;
+ }
+ }
+ }
+ }
+ continue;
+found:
+
+/*
+ printf("found r-smooth number after %d tries\n", try);
+
+ gmp_printf("g^%Zd = %Zd:", k, z);
+ for (i=0; i<relcount; i++) {
+ gmp_printf(" %u:%Zd", rel[i]->ind, rel[i]->data);
+ }
+ printf("\n");
+*/
+ try = 0;
+
+ for (faci=0; faci<fac->count; faci++) {
+ darray_t *row = matrix[faci];
+ mpz_ptr order = fac->item[faci];
+ int relmcount = 0;
+ mpz_mod(km, k, order);
+
+ //gmp_printf("mod %Zd\n", order);
+ for (i=0; i<relcount; i++) {
+ mpz_mod(z0, rel[i]->data, order);
+ if (mpz_sgn(z0)) {
+ mpz_set(relm[relmcount]->data, z0);
+ relm[relmcount]->ind = rel[i]->ind;
+ relmcount++;
+ }
+ }
+
+ while (relmcount) {
+ //start from the sparse end
+ int rind = relm[relmcount - 1]->ind;
+ darray_ptr rp = row[rind];
+
+ if (rind < minfound[faci]) break;
+
+ mpz_set(z0, relm[relmcount - 1]->data);
+ if (!rp->count) {
+ mpz_invert(z0, z0, order);
+ cell_ptr cnew = newcell();
+ cnew->ind = -1;
+ mpz_mul(z1, km, z0);
+ mpz_mod(cnew->data, z1, order);
+ darray_append(rp, cnew);
+ for (j=0; j<relmcount; j++) {
+ cnew = newcell();
+ cnew->ind = relm[j]->ind;
+ mpz_mul(z1, relm[j]->data, z0);
+ mpz_mod(cnew->data, z1, order);
+ darray_append(rp, cnew);
+ }
+ count++;
+printf("%d / %d\n", count, r * fac->count);
+/*
+for (i=1; i<rp->count; i++) {
+ cnew = rp->item[i];
+ gmp_printf(" %u:%Zd", cnew->ind, cnew->data);
+}
+cnew = rp->item[0];
+gmp_printf(" %Zd\n", cnew->data);
+*/
+
+ if (rind == minfound[faci]) {
+ do {
+ if (!minfound[faci]) {
+ printf("found log p_%d\n", minfound[faci]);
+ cnew = rp->item[0];
+ gmp_printf("km = %Zd mod %Zd\n", cnew->data, order);
+ }
+ minfound[faci]++;
+ if (minfound[faci] >= r) break;
+ rp = row[minfound[faci]];
+ } while (rp->count);
+ }
+ break;
+
+ }
+
+/*
+{
+//gmp_printf("mod = %Zd\n", order);
+printf("before:");
+for (i=0; i<relmcount; i++) {
+ gmp_printf(" %u:%Zd", relm[i]->ind, relm[i]->data);
+}
+gmp_printf(" %Zd\n", km);
+cell_ptr cp;
+printf("sub %d:", rind);
+for (i=1; i<rp->count; i++) {
+ cp = rp->item[i];
+ gmp_printf(" %u:%Zd", cp->ind, cp->data);
+}
+cp = rp->item[0];
+gmp_printf(" %Zd\n", cp->data);
+}
+*/
+ cell_ptr cpi, cpj;
+ relmcount--;
+ i=0; j=1;
+ while (i<relmcount && j<rp->count - 1) {
+ cpi = relm[i];
+ cpj = rp->item[j];
+ if (cpi->ind == cpj->ind) {
+ mpz_mul(z1, z0, cpj->data);
+ mpz_mod(z1, z1, order);
+ int res = mpz_cmp(z1, cpi->data);
+ if (!res) {
+ memmove(&relm[i], &relm[i + 1], (relmcount - i - 1) * sizeof(cell_ptr));
+ relm[relmcount - 1] = cpi;
+ relmcount--;
+ j++;
+ } else if (res > 0) {
+ mpz_sub(z1, order, z1);
+ mpz_add(cpi->data, cpi->data, z1);
+ i++;
+ j++;
+ } else {
+ mpz_sub(cpi->data, cpi->data, z1);
+ i++;
+ j++;
+ }
+ } else if (cpi->ind > cpj->ind) {
+ cpi = relm[relmcount];
+ memmove(&relm[i + 1], &relm[i], (relmcount - i) * sizeof(cell_ptr));
+ relm[i] = cpi;
+ relmcount++;
+
+ cpi->ind = cpj->ind;
+ mpz_mul(z1, z0, cpj->data);
+ mpz_mod(z1, z1, order);
+ mpz_sub(cpi->data, order, z1);
+ //cpi->data = order - ((u0 * cpj->data) % order);
+ i++;
+ j++;
+ } else {
+ i++;
+ }
+ }
+
+ if (i == relmcount) {
+ while (j < rp->count - 1) {
+ cpi = relm[relmcount];
+ cpj = rp->item[j];
+ cpi->ind = cpj->ind;
+ mpz_mul(z1, z0, cpj->data);
+ mpz_mod(z1, z1, order);
+ mpz_sub(cpi->data, order, z1);
+ //cpi->data = order - ((u0 * cpj->data) % order);
+ relmcount++;
+ j++;
+ }
+ }
+
+ cpj = rp->item[0];
+ mpz_mul(z1, z0, cpj->data);
+ mpz_mod(z1, z1, order);
+ //u1 = (u0 * cpj->data) % order;
+ if (mpz_cmp(km, z1) >= 0) {
+ mpz_sub(km, km, z1);
+ } else {
+ mpz_sub(z1, order, z1);
+ mpz_add(km, km, z1);
+ }
+
+/*
+printf("after:");
+for (i=0; i<relmcount; i++) {
+ gmp_printf(" %u:%Zd", relm[i]->ind, relm[i]->data);
+}
+gmp_printf(" %Zd\n", km);
+*/
+ }
+ }
+
+ } while (count < r * fac->count);
+
+ for (faci=0; faci<fac->count; faci++) {
+ darray_t *row = matrix[faci];
+ mpz_ptr order = fac->item[faci];
+ for (i=1; i<r; i++) {
+ darray_ptr rp = row[i];
+ cell_ptr c0 = rp->item[0];
+ for (j=1; j<rp->count-1; j++) {
+ cell_ptr cp = rp->item[j];
+ darray_ptr r2 = row[cp->ind];
+ cell_ptr c2 = r2->item[0];
+ mpz_mul(z0, cp->data, c2->data);
+ mpz_sub(c0->data, c0->data, z0);
+ mpz_mod(c0->data, c0->data, order);
+ }
+ }
+ }
+
+ mpz_ptr *tmp = pbc_malloc(sizeof(mpz_ptr) * fac->count);
+ for (i=0; i<fac->count; i++) {
+ tmp[i] = pbc_malloc(sizeof(mpz_t));
+ mpz_init(tmp[i]);
+ mpz_pow_ui(fac->item[i], fac->item[i], (unsigned int) mul->item[i]);
+ }
+
+ for (i=0; i<r; i++) {
+ for (faci=0; faci<fac->count; faci++) {
+ darray_t *row = matrix[faci];
+ cell_ptr cp = row[i]->item[0];
+ mpz_set(tmp[faci], cp->data);
+ }
+ CRT(ind[i], tmp, (mpz_ptr *) fac->item, fac->count);
+ }
+
+ for (i=0; i<fac->count; i++) {
+ mpz_clear(tmp[i]);
+ }
+ pbc_free(tmp);
+
+ for (faci=0; i<fac->count; faci++) {
+ //similarly ''row'' refers to a list of rows
+ darray_t *row = matrix[faci];
+ for (j=0; j<r; j++) {
+ darray_forall(row[j], delcell);
+ darray_clear(row[j]);
+ }
+ pbc_free(matrix[faci]);
+ }
+
+ for (i=0; i<r; i++) {
+ delcell(rel[i]);
+ delcell(relm[i]);
+ }
+
+ pbc_free(prime);
+ pbc_free(rel);
+ pbc_free(relm);
+ mpz_clear(k);
+ mpz_clear(km);
+ mpz_clear(z);
+ mpz_clear(z0);
+ mpz_clear(z1);
+}
+
+// Brute-force: does not use the fact that matrices are sparse.
+void slow_index_calculus_step1(mpz_t *ind, int r, mpz_t g, mpz_t q,
+ darray_ptr fac, darray_ptr mul) {
+ int count = 0;
+ int i, j;
+ mpz_t z, z0, z1;
+ //mpz_t rel[r + 1];
+ //mpz_t relm[r + 1];
+ mpz_t *rel = pbc_malloc(sizeof(mpz_t) * (r + 1));
+ mpz_t *relm = pbc_malloc(sizeof(mpz_t) * (r + 1));
+ unsigned int *prime = pbc_malloc(sizeof(unsigned int) * r);
+ darray_t matrix;
+ int faci;
+ mpz_t k;
+ int minfound[fac->count];
+
+ for (i=0; i<r+1; i++) mpz_init(rel[i]);
+ for (i=0; i<r+1; i++) mpz_init(relm[i]);
+
+ mpz_init(k);
+ mpz_init(z);
+ mpz_init(z1);
+ mpz_init(z0);
+
+ darray_init(matrix);
+
+ for (i=0; i<fac->count; i++) {
+ darray_append(matrix, pbc_malloc(r * sizeof(mpz_t *)));
+ minfound[i] = 0;
+ }
+
+ for (j=0; j<fac->count; j++) {
+ mpz_t **row = matrix->item[j];
+ for (i=0; i<r; i++) row[i] = NULL;
+ }
+
+ printf("building prime table...\n");
+ prime[0] = 2;
+ mpz_set_ui(z, 2);
+ for (i=1; i<r; i++) {
+ mpz_nextprime(z, z);
+ prime[i] = mpz_get_ui(z);
+ }
+ printf("searching for r-smooth numbers\n");
+
+ mpz_set_ui(z, 1);
+ mpz_init(k);
+ int try = 0;
+ do {
+ mpz_mul(z, z, g);
+ mpz_mod(z, z, q);
+
+ mpz_add_ui(k, k, 1);
+ /*
+ pbc_mpz_random(k, q);
+ mpz_powm(z, g, k, q);
+ */
+
+ try++;
+
+ mpz_set(z1, z);
+ for (i=0; i<r; i++) {
+ mpz_set_ui(rel[i], 0);
+ while (mpz_divisible_ui_p(z1, prime[i])) {
+ mpz_add_ui(rel[i], rel[i], 1);
+ mpz_divexact_ui(z1, z1, prime[i]);
+ }
+ }
+ if (mpz_cmp_ui(z1, 1)) {
+ continue;
+ }
+ mpz_set(rel[r], k);
+
+/*
+ printf("found r-smooth number after %d tries\n", try);
+ gmp_printf("g^%Zd = %Zd:", rel[r], z);
+ for (i=0; i<r; i++) {
+ if (mpz_sgn(rel[i])) {
+ gmp_printf(" %u:%Zd", i, rel[i]);
+ }
+ }
+ printf("\n");
+*/
+
+ try = 0;
+
+ for (faci=0; faci<fac->count; faci++) {
+ mpz_t **row = matrix->item[faci];
+ mpz_ptr order = fac->item[faci];
+ //gmp_printf("mod %Zd\n", order);
+ for (i=0; i<r+1; i++) {
+ mpz_mod(relm[i], rel[i], order);
+ }
+
+ for (;;) {
+ /*
+ for (i=0; i<r && !mpz_sgn(relm[i]); i++);
+ if (i == r) {
+ //printf("redundant relation\n");
+ break;
+ }
+ */
+ for (i=r-1; i>=0 && !mpz_sgn(relm[i]); i--);
+ if (i < 0) {
+ //printf("redundant relation\n");
+ break;
+ }
+ if (i < minfound[faci]) {
+ break;
+ }
+ mpz_set(z0, relm[i]);
+ if (!row[i]) {
+ row[i] = pbc_malloc(sizeof(mpz_t) * (r + 1));
+ mpz_invert(z1, z0, order);
+ for (j=0; j<r+1; j++) {
+ mpz_init(row[i][j]);
+ mpz_mul(row[i][j], z1, relm[j]);
+ mpz_mod(row[i][j], row[i][j], order);
+ }
+ count++;
+printf("%d / %d\n", count, r * fac->count);
+/*
+for (j=0; j<r; j++) {
+ if (mpz_sgn(row[i][j])) {
+ gmp_printf(" %d:%Zd", j, row[i][j]);
+ }
+}
+gmp_printf(" %Zd\n", row[i][j]);
+*/
+
+ if (i == minfound[faci]) {
+ do {
+ if (!minfound[faci]) {
+ printf("found log p_%d\n", minfound[faci]);
+ gmp_printf("km = %Zd mod %Zd\n", row[i][r], order);
+ }
+ minfound[faci]++;
+ if (minfound[faci] >= r) break;
+ } while (row[minfound[faci]]);
+ }
+ break;
+ }
+
+ /*
+ printf("before:");
+ for (j=0; j<r; j++) {
+ if (mpz_sgn(relm[j])) {
+ gmp_printf(" %d:%Zd", j, relm[j]);
+ }
+ }
+ gmp_printf(" %Zd\n", relm[j]);
+
+ printf("sub %d:", i);
+ for (j=0; j<r; j++) {
+ if (mpz_sgn(row[i][j])) {
+ gmp_printf(" %d:%Zd", j, row[i][j]);
+ }
+ }
+ gmp_printf(" %Zd\n", row[i][j]);
+ */
+
+ for (j=0; j<r+1; j++) {
+ mpz_mul(z1, z0, row[i][j]);
+ mpz_sub(relm[j], relm[j], z1);
+ mpz_mod(relm[j], relm[j], order);
+ }
+
+ /*
+ printf("after:");
+ for (j=0; j<r; j++) {
+ if (mpz_sgn(relm[j])) {
+ gmp_printf(" %d:%Zd", j, relm[j]);
+ }
+ }
+ gmp_printf(" %Zd\n", relm[j]);
+ */
+ }
+ }
+
+ } while (count < r * fac->count);
+
+ for (faci=0; faci<fac->count; faci++) {
+ mpz_t **row = matrix->item[faci];
+ mpz_ptr order = fac->item[faci];
+ /*
+ gmp_printf("mod %Zd:\n", order);
+ for (i=0; i<r; i++) {
+ for (j=0; j<r+1; j++) {
+ gmp_printf(" %Zd", row[i][j]);
+ }
+ printf("\n");
+ }
+ printf("\n");
+ */
+
+ for (i=1; i<r; i++) {
+ for (j=0; j<i; j++) {
+ if (mpz_sgn(row[i][j])) {
+ mpz_mul(z0, row[i][j], row[j][r]);
+ mpz_sub(row[i][r], row[i][r], z0);
+ mpz_mod(row[i][r], row[i][r], order);
+ }
+ }
+ }
+ /*
+ for (i=r-2; i>=0; i--) {
+ for (j=i+1; j<r; j++) {
+ if (mpz_sgn(row[i][j])) {
+ mpz_mul(z0, row[i][j], row[j][r]);
+ mpz_sub(row[i][r], row[i][r], z0);
+ mpz_mod(row[i][r], row[i][r], order);
+ }
+ }
+ }
+ */
+
+ /*
+ for (i=0; i<r; i++) {
+ mpz_set(rel[i], row[i][r]);
+ gmp_printf(" %Zd", row[i][r]);
+ printf("\n");
+ }
+ */
+ }
+
+ mpz_ptr *tmp = pbc_malloc(sizeof(mpz_ptr) * fac->count);
+ for (i=0; i<fac->count; i++) {
+ tmp[i] = pbc_malloc(sizeof(mpz_t));
+ mpz_init(tmp[i]);
+ mpz_pow_ui(fac->item[i], fac->item[i], (unsigned int) mul->item[i]);
+ }
+
+ for (i=0; i<r; i++) {
+ for (faci=0; faci<fac->count; faci++) {
+ mpz_t **row = matrix->item[faci];
+ mpz_set(tmp[faci], row[i][r]);
+ }
+ CRT(ind[i], tmp, (mpz_ptr *) fac->item, fac->count);
+ }
+
+ for (i=0; i<fac->count; i++) {
+ mpz_clear(tmp[i]);
+ }
+ pbc_free(tmp);
+
+ for (faci=0; faci<matrix->count; faci++) {
+ mpz_t **row = matrix->item[faci];
+ for (j=0; j<r; j++) {
+ for (i=0; i<r+1; i++) {
+ mpz_clear(row[j][i]);
+ }
+ pbc_free(row[j]);
+ }
+ pbc_free(row);
+ }
+ darray_clear(matrix);
+ for (i=0; i<r+1; i++) mpz_clear(rel[i]);
+ for (i=0; i<r+1; i++) mpz_clear(relm[i]);
+ pbc_free(prime);
+ pbc_free(rel);
+ pbc_free(relm);
+ mpz_clear(k);
+ mpz_clear(z);
+ mpz_clear(z0);
+ mpz_clear(z1);
+
+ printf("step 1 completed\n");
+ for (i=0; i<r; i++) element_printf(" %Zd", ind[i]);
+ printf("\n");
+}
+
+static void index_calculus_step2(mpz_t x, mpz_t *ind, int r,
+ mpz_t g, mpz_t h, mpz_t q) {
+ mpz_t prime;
+ mpz_t s;
+ mpz_t z, z1;
+ mpz_t rel[r];
+ int i;
+
+ mpz_init(z);
+ mpz_init(z1);
+ mpz_init(s);
+ mpz_init(prime);
+ for (i=0; i<r; i++) mpz_init(rel[i]);
+
+ mpz_set(z, h);
+
+ for (;;) {
+ mpz_mul(z, z, g);
+ mpz_mod(z, z, q);
+ mpz_add_ui(s, s, 1);
+
+ mpz_set(z1, z);
+ mpz_set_ui(prime, 1);
+ for (i=0; i<r; i++) {
+ mpz_set_ui(rel[i], 0);
+ mpz_nextprime(prime, prime);
+ while (mpz_divisible_p(z1, prime)) {
+ mpz_add_ui(rel[i], rel[i], 1);
+ mpz_divexact(z1, z1, prime);
+ }
+ }
+ if (mpz_cmp_ui(z1, 1)) continue;
+ element_printf("found r-smooth number on try #%Zd\n", s);
+ mpz_set_ui(x, 0);
+ for (i=0; i<r; i++) {
+ mpz_mul(z, rel[i], ind[i]);
+ mpz_add(x, x, z);
+ }
+ mpz_sub(x, x, s);
+ mpz_sub_ui(z, q, 1);
+ mpz_mod(x, x, z);
+ break;
+ }
+}
+
+static void mpzclear(void *p) {
+ mpz_clear(p);
+ pbc_free(p);
+}
+
+struct addfm_scope_var {
+ darray_ptr fac, mul;
+};
+
+static int addfm(mpz_t f, unsigned int m, struct addfm_scope_var *v) {
+ darray_append(v->fac, f);
+ darray_append(v->mul, int_to_voidp(m));
+ return 0;
+}
+
+void pbc_mpz_index_calculus(mpz_t x, mpz_t g, mpz_t h, mpz_t q) {
+ int i, r;
+ mpz_t q1, z0;
+
+ mpz_init(q1);
+ mpz_init(z0);
+
+ mpz_sub_ui(q1, q, 1);
+ mpz_setbit(z0, 6);
+
+ darray_t fac, mul;
+ darray_init(fac);
+ darray_init(mul);
+ struct addfm_scope_var v = {.fac = fac, .mul = mul};
+ pbc_trial_divide((int(*)(mpz_t,unsigned,void*))addfm, &v, q1, z0);
+
+ for (i=0; i<mul->count; i++) {
+ unsigned int m = (unsigned int) mul->item[i];
+ if (m != 1) {
+ //TODO
+ printf("p-adics not implemented yet\n");
+ return;
+ }
+ }
+
+ {
+ double dq = mpz_get_d(q);
+ //r = exp(sqrt(log(dq)*log(log(dq))));
+ //printf("r = %d\n", r);
+ r = exp(1.2 * sqrt(log(dq)));
+ printf("r = %d\n", r);
+ }
+ mpz_t *ind = pbc_malloc(sizeof(mpz_t) * r);
+ for (i=0; i<r; i++) mpz_init(ind[i]);
+
+ if (is_gen(g, q, fac, mul)) {
+
+ index_calculus_step1(ind, r, g, q, fac, mul);
+
+ index_calculus_step2(x, ind, r, g, h, q);
+ } else {
+ mpz_t y, z;
+ mpz_t d;
+
+ mpz_init(d);
+ mpz_init(y);
+ mpz_init(z);
+ do {
+ pbc_mpz_random(z, q);
+ } while (!is_gen(z, q, fac, mul));
+
+ gmp_printf("new gen: %Zd\n", z);
+
+ index_calculus_step1(ind, r, z, q, fac, mul);
+ //slow_index_calculus_step1(ind, r, z, q, fac, mul);
+
+ index_calculus_step2(x, ind, r, z, g, q);
+ index_calculus_step2(y, ind, r, z, h, q);
+ //want y / x mod q-1
+ mpz_gcd(d, x, q1);
+ mpz_divexact(q1, q1, d);
+ mpz_divexact(x, x, d);
+ //if y not divisible by d there is no solution
+ mpz_divexact(y, y, d);
+ mpz_invert(x, x, q1);
+ mpz_mul(x, y, x);
+ mpz_mod(x, x, q1);
+
+ do {
+ mpz_powm(z0, g, x, q);
+ if (!mpz_cmp(z0, h)) {
+ break;
+ }
+ mpz_add(x, x, q1);
+ mpz_sub_ui(d, d, 1);
+ } while (mpz_sgn(d));
+
+ mpz_clear(d);
+ mpz_clear(y);
+ mpz_clear(z);
+ }
+
+ for (i=0; i<r; i++) mpz_clear(ind[i]);
+ pbc_free(ind);
+
+ darray_forall(fac, mpzclear);
+ darray_clear(mul);
+ darray_clear(fac);
+ mpz_clear(q1);
+ mpz_clear(z0);
+}
diff --git a/moon-abe/pbc-0.5.14/guru/param_parse_test.c b/moon-abe/pbc-0.5.14/guru/param_parse_test.c
new file mode 100644
index 00000000..a345e2c1
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/guru/param_parse_test.c
@@ -0,0 +1,26 @@
+// Exercises a bug reported by Michael Adjedj.
+//
+// In ecc/param.c, token_get() would increment a pointer past a terminating
+// NUL, so the parser would keep attempting to read key/value pairs for a
+// symbol table. If the memory after the string contains a duplicate key,
+// then we have a memory leak because we strdup the value and misc/symtab.c
+// overwrites existing elements during insert.
+//
+// Run with valgrind to spot the bug.
+#include "pbc.h"
+
+int main(void) {
+ pairing_t p;
+ pairing_init_set_str(p,
+"type a\n"
+"q 8780710799663312522437781984754049815806883199414208211028653399266475630880222957078625179422662221423155858769582317459277713367317481324925129998224791\n"
+"h 12016012264891146079388821366740534204802954401251311822919615131047207289359704531102844802183906537786776\n"
+"r 730750818665451621361119245571504901405976559617\n"
+"exp2 159\n"
+"exp1 107\n"
+"sign1 1\n"
+"sign0 1\0a b a b\n"
+ );
+ pairing_clear(p);
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/guru/poly_test.c b/moon-abe/pbc-0.5.14/guru/poly_test.c
new file mode 100644
index 00000000..08ff597f
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/guru/poly_test.c
@@ -0,0 +1,136 @@
+// Test polynomials.
+#include "pbc.h"
+#include "pbc_fp.h"
+#include "pbc_poly.h"
+#include "pbc_test.h"
+#include "misc/darray.h"
+
+static void elfree(void *data) {
+ element_clear(data);
+ pbc_free(data);
+}
+
+static void inner(void *data2, element_ptr f, field_t fx, darray_t prodlist) {
+ element_ptr g = data2;
+ if (!poly_degree(f) || !poly_degree(g)) return;
+ if (poly_degree(f) + poly_degree(g) > 3) return;
+ element_ptr h = pbc_malloc(sizeof(*h));
+ element_init(h, fx);
+ element_mul(h, f, g);
+ darray_append(prodlist, h);
+ EXPECT(!poly_is_irred(h));
+}
+
+static void outer(void *data, darray_t list, field_t fx, darray_t prodlist) {
+ element_ptr f = data;
+ darray_forall4(list, (void(*)(void*,void*,void*,void*))inner, f, fx, prodlist);
+}
+
+int isf(void *data, element_ptr f) {
+ element_ptr f1 = data;
+ return !element_cmp(f, f1);
+}
+
+int main(void) {
+ field_t fp, fx;
+ mpz_t prime;
+ darray_t list;
+ int p = 7;
+
+ // Exercise poly_is_irred() with a sieve of Erastosthenes for polynomials.
+ darray_init(list);
+ mpz_init(prime);
+ mpz_set_ui(prime, p);
+ field_init_fp(fp, prime);
+ field_init_poly(fx, fp);
+ element_t e;
+ element_init(e, fp);
+ // Enumerate polynomials in F_p[x] up to degree 2.
+ int a[3], d;
+ a[0] = a[1] = a[2] = 0;
+ for(;;) {
+ element_ptr f = pbc_malloc(sizeof(*f));
+ element_init(f, fx);
+ int j;
+ for(j = 0; j < 3; j++) {
+ element_set_si(e, a[j]);
+ poly_set_coeff(f, e, j);
+ }
+
+ // Test poly_degree().
+ for(j = 2; j >= 0 && !a[j]; j--);
+ EXPECT(poly_degree(f) == j);
+
+ // Add monic polynomials to the list.
+ if (j >= 0 && a[j] == 1) darray_append(list, f);
+ else {
+ element_clear(f);
+ pbc_free(f);
+ }
+
+ // Next!
+ d = 0;
+ for(;;) {
+ a[d]++;
+ if (a[d] >= p) {
+ a[d] = 0;
+ d++;
+ if (d > 2) goto break2;
+ } else break;
+ }
+ }
+break2: ;
+
+ // Find all composite monic polynomials of degree 3 or less.
+ darray_t prodlist;
+ darray_init(prodlist);
+
+ darray_forall4(list, (void(*)(void*,void*,void*,void*))outer, list, fx, prodlist);
+
+ // Enumerate all monic polynomials in F_p[x] up to degree 3.
+ a[0] = a[1] = a[2] = 0;
+ for(;;) {
+ element_t f;
+ element_init(f, fx);
+ int j;
+ for(j = 0; j < 3; j++) {
+ element_set_si(e, a[j]);
+ poly_set_coeff(f, e, j);
+ }
+ for(j = 2; j >= 0 && !a[j]; j--);
+ element_set1(e);
+ poly_set_coeff(f, e, j + 1);
+
+ // Check f is a unit or appears on the list of composites if and only if
+ // poly_is_irred() returns 0.
+ if (poly_is_irred(f)) {
+ EXPECT(!darray_at_test(prodlist, (int(*)(void*,void*))isf, f));
+ } else if (poly_degree(f)) {
+ EXPECT(darray_at_test(prodlist, (int(*)(void*,void*))isf, f));
+ }
+ element_clear(f);
+
+ // Next!
+ d = 0;
+ for(;;) {
+ a[d]++;
+ if (a[d] >= p) {
+ a[d] = 0;
+ d++;
+ if (d > 2) goto break3;
+ } else break;
+ }
+ }
+break3: ;
+
+ darray_forall(list, elfree);
+ darray_forall(prodlist, elfree);
+ darray_clear(prodlist);
+ darray_clear(list);
+ mpz_clear(prime);
+ field_clear(fx);
+ field_clear(fp);
+ element_clear(e);
+
+ return pbc_err_count;
+}
diff --git a/moon-abe/pbc-0.5.14/guru/prodpairing_test.c b/moon-abe/pbc-0.5.14/guru/prodpairing_test.c
new file mode 100644
index 00000000..083f4a66
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/guru/prodpairing_test.c
@@ -0,0 +1,44 @@
+// Check product of pairings works for F pairings when initialized via
+// pairing_init_pbc_param().
+//
+// By Michael Adjedj, Ben Lynn.
+#include "pbc.h"
+#include "pbc_test.h"
+
+int main(void) {
+ pbc_param_t param;
+
+ pbc_param_init_f_gen(param, 200);
+ pairing_t pairing;
+ pairing_init_pbc_param(pairing, param);
+
+ element_t P[2], Q[2], res, tmp, tmp2;
+
+ element_init_G1(P[0], pairing); element_random(P[0]);
+ element_init_G1(P[1], pairing); element_random(P[1]);
+
+ element_init_G2(Q[0], pairing); element_random(Q[0]);
+ element_init_G2(Q[1], pairing); element_random(Q[1]);
+
+ element_init_GT(res, pairing);
+ element_init_GT(tmp, pairing);
+ element_init_GT(tmp2, pairing);
+
+ element_prod_pairing(res, P, Q, 2);
+ element_pairing(tmp, P[0], Q[0]);
+ element_pairing(tmp2, P[1], Q[1]);
+ element_mul(tmp, tmp, tmp2);
+ EXPECT(!element_cmp(res, tmp));
+
+ element_clear(P[0]);
+ element_clear(P[1]);
+ element_clear(Q[0]);
+ element_clear(Q[1]);
+ element_clear(res);
+ element_clear(tmp);
+ element_clear(tmp2);
+
+ pairing_clear(pairing);
+ pbc_param_clear(param);
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/guru/quadratic_test.c b/moon-abe/pbc-0.5.14/guru/quadratic_test.c
new file mode 100644
index 00000000..3f78e95a
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/guru/quadratic_test.c
@@ -0,0 +1,62 @@
+// Test quadratic field extensions.
+
+#include "pbc.h"
+#include "pbc_fp.h"
+#include "pbc_fieldquadratic.h"
+#include "pbc_test.h"
+
+int main(void) {
+ field_t fp, fp2;
+ mpz_t prime;
+ element_t a, b, c;
+
+ mpz_init(prime);
+ // Prime is 3 mod 4 so that -1 is a quadratic nonresidue.
+ // For smaller tests, try the prime 83.
+ mpz_setbit(prime, 256);
+ do {
+ mpz_nextprime(prime, prime);
+ } while (mpz_fdiv_ui(prime, 4) != 3);
+
+ field_init_fp(fp, prime);
+ field_init_fi(fp2, fp);
+ element_init(a, fp2);
+ element_init(b, fp2);
+ element_init(c, fp2);
+
+ element_printf("field: %Z^2\n", prime);
+
+ element_random(a);
+ element_random(b);
+ element_printf("a = %B, b = %B\n", a, b);
+
+ element_add(c, a, b);
+ element_printf("a + b = %B\n", c);
+
+ element_mul(c, a, b);
+ element_printf("a * b = %B\n", c);
+
+ for (;;) {
+ element_random(a);
+ element_printf("new a = %B\n", a);
+
+ if (element_is_sqr(a)) break;
+ printf(" is not a square\n");
+ }
+ element_sqrt(c, a);
+ element_printf("sqrt(a) = %B\n", c);
+ element_mul(c, c, c);
+ element_printf("sqrt(a) * sqrt(a) = %B\n", c);
+ element_invert(c, a);
+ element_printf("1/a = %B\n", c);
+ element_mul(c, c, a);
+ element_printf("1/a * a = %B\n", c);
+
+ element_clear(a);
+ element_clear(b);
+ element_clear(c);
+ field_clear(fp);
+ field_clear(fp2);
+ mpz_clear(prime);
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/guru/sing.c b/moon-abe/pbc-0.5.14/guru/sing.c
new file mode 100644
index 00000000..d29e3ff5
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/guru/sing.c
@@ -0,0 +1,263 @@
+/*
+ * Example of a singular curve, similar to 19.c
+ * but the Tate pairing degenerates
+ *
+ * Consider the curve E: y^2 = x^3 + x^2 over F_19:
+ * E_ns(F_19) is a cyclic group of order 18.
+ */
+
+#include "pbc.h"
+#include "pbc_singular.h"
+#include "pbc_fp.h"
+
+static void miller(element_t res, element_t P, element_t Q, element_t R, int n)
+{
+ //collate divisions
+ int m;
+ element_t v, vd;
+ element_t Z;
+ element_t a, b, c;
+ element_t e0, e1;
+ mpz_t q;
+ element_ptr Zx, Zy;
+ const element_ptr Px = curve_x_coord(P);
+ const element_ptr Py = curve_y_coord(P);
+ const element_ptr numx = curve_x_coord(Q);
+ const element_ptr numy = curve_y_coord(Q);
+ const element_ptr denomx = curve_x_coord(R);
+ const element_ptr denomy = curve_y_coord(R);
+
+ void do_vertical(element_t e, element_t edenom)
+ {
+ element_sub(e0, numx, Zx);
+ element_mul(e, e, e0);
+
+ element_sub(e0, denomx, Zx);
+ element_mul(edenom, edenom, e0);
+ }
+
+ void do_tangent(element_t e, element_t edenom)
+ {
+ //a = -slope_tangent(A.x, A.y);
+ //b = 1;
+ //c = -(A.y + a * A.x);
+ //but we multiply by 2*A.y to avoid division
+
+ //a = -Ax * (Ax + Ax + Ax + twicea_2) - a_4;
+ //This curve is special:
+ //a = -(3 Ax^2 + 2Ax)
+ //b = 2 * Ay
+ //c = -(2 Ay^2 + a Ax);
+
+ if (element_is0(Zy)) {
+ do_vertical(e, edenom);
+ return;
+ }
+ element_square(a, Zx);
+ element_mul_si(a, a, 3);
+ element_add(a, a, Zx);
+ element_add(a, a, Zx);
+ element_neg(a, a);
+
+ element_add(b, Zy, Zy);
+
+ element_mul(e0, b, Zy);
+ element_mul(c, a, Zx);
+ element_add(c, c, e0);
+ element_neg(c, c);
+
+ element_mul(e0, a, numx);
+ element_mul(e1, b, numy);
+ element_add(e0, e0, e1);
+ element_add(e0, e0, c);
+ element_mul(e, e, e0);
+
+ element_mul(e0, a, denomx);
+ element_mul(e1, b, denomy);
+ element_add(e0, e0, e1);
+ element_add(e0, e0, c);
+ element_mul(edenom, edenom, e0);
+ }
+
+ void do_line(element_ptr e, element_ptr edenom)
+ {
+ if (!element_cmp(Zx, Px)) {
+ if (!element_cmp(Zy, Py)) {
+ do_tangent(e, edenom);
+ } else {
+ do_vertical(e, edenom);
+ }
+ return;
+ }
+
+ element_sub(b, Px, Zx);
+ element_sub(a, Zy, Py);
+ element_mul(c, Zx, Py);
+ element_mul(e0, Zy, Px);
+ element_sub(c, c, e0);
+
+ element_mul(e0, a, numx);
+ element_mul(e1, b, numy);
+ element_add(e0, e0, e1);
+ element_add(e0, e0, c);
+ element_mul(e, e, e0);
+
+ element_mul(e0, a, denomx);
+ element_mul(e1, b, denomy);
+ element_add(e0, e0, e1);
+ element_add(e0, e0, c);
+ element_mul(edenom, edenom, e0);
+ }
+
+ element_init(a, res->field);
+ element_init(b, res->field);
+ element_init(c, res->field);
+ element_init(e0, res->field);
+ element_init(e1, res->field);
+
+ element_init(v, res->field);
+ element_init(vd, res->field);
+ element_init(Z, P->field);
+
+ element_set(Z, P);
+ Zx = curve_x_coord(Z);
+ Zy = curve_y_coord(Z);
+
+ element_set1(v);
+ element_set1(vd);
+
+ mpz_init(q);
+ mpz_set_ui(q, n);
+ m = mpz_sizeinbase(q, 2) - 2;
+
+ while(m >= 0) {
+ element_square(v, v);
+ element_square(vd, vd);
+ do_tangent(v, vd);
+ element_double(Z, Z);
+ do_vertical(vd, v);
+
+ if (mpz_tstbit(q, m)) {
+ do_line(v, vd);
+ element_add(Z, Z, P);
+ if (m) {
+ do_vertical(vd, v);
+ }
+ }
+ m--;
+ }
+
+ mpz_clear(q);
+
+ element_invert(vd, vd);
+ element_mul(res, v, vd);
+
+ element_clear(v);
+ element_clear(vd);
+ element_clear(Z);
+ element_clear(a);
+ element_clear(b);
+ element_clear(c);
+ element_clear(e0);
+ element_clear(e1);
+}
+
+static void tate_3(element_ptr out, element_ptr P, element_ptr Q, element_ptr R)
+{
+ mpz_t six;
+
+ mpz_init(six);
+ mpz_set_ui(six, 6);
+ element_t QR;
+ element_t e0;
+
+ element_init(QR, P->field);
+ element_init(e0, out->field);
+
+ element_add(QR, Q, R);
+
+ //for subgroup size 3, -2P = P, hence
+ //the tangent line at P has divisor 3(P) - 3(O)
+
+ miller(out, P, QR, R, 3);
+
+ element_pow_mpz(out, out, six);
+ element_clear(QR);
+ element_clear(e0);
+ mpz_clear(six);
+}
+
+static void tate_9(element_ptr out, element_ptr P, element_ptr Q, element_ptr R)
+{
+ element_t QR;
+ element_init(QR, P->field);
+
+ element_add(QR, Q, R);
+
+ miller(out, P, QR, R, 9);
+
+ element_square(out, out);
+
+ element_clear(QR);
+}
+
+int main(void)
+{
+ field_t c;
+ field_t Z19;
+ element_t P, Q, R;
+ mpz_t q, z;
+ element_t a;
+ int i;
+
+ mpz_init(q);
+ mpz_init(z);
+
+ mpz_set_ui(q, 19);
+
+ field_init_fp(Z19, q);
+ element_init(a, Z19);
+
+ field_init_curve_singular_with_node(c, Z19);
+
+ element_init(P, c);
+ element_init(Q, c);
+ element_init(R, c);
+
+ //(3,+/-6) is a generator
+ //we have an isomorphism from E_ns to F_19^*
+ // (3,6) --> 3
+ //(generally (x,y) --> (y+x)/(y-x)
+
+ curve_set_si(R, 3, 6);
+
+ for (i=1; i<=18; i++) {
+ mpz_set_si(z, i);
+ element_mul_mpz(Q, R, z);
+ element_printf("%dR = %B\n", i, Q);
+ }
+
+ mpz_set_ui(z, 6);
+ element_mul_mpz(P, R, z);
+ //P has order 3
+ element_printf("P = %B\n", P);
+
+ for (i=1; i<=3; i++) {
+ mpz_set_si(z, i);
+ element_mul_mpz(Q, R, z);
+ tate_3(a, P, Q, R);
+ element_printf("e_3(P,%dP) = %B\n", i, a);
+ }
+
+ element_double(P, R);
+ //P has order 9
+ element_printf("P = %B\n", P);
+ for (i=1; i<=9; i++) {
+ mpz_set_si(z, i);
+ element_mul_mpz(Q, P, z);
+ tate_9(a, P, Q, R);
+ element_printf("e_9(P,%dP) = %B\n", i, a);
+ }
+
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/guru/ternary_extension_field_test.c b/moon-abe/pbc-0.5.14/guru/ternary_extension_field_test.c
new file mode 100644
index 00000000..b431e4fa
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/guru/ternary_extension_field_test.c
@@ -0,0 +1,240 @@
+/* test ternary extension fields $GF(3^m)$, $GF(3^{2*m})$, $GF(3^{3*m})$ and $GF(3^{6*m})$
+ Outputing nothing if everything is good. */
+
+#include "pbc.h"
+#include "pbc_ternary_extension_field.h"
+#include "pbc_test.h"
+#include <string.h>
+#include <stdio.h>
+
+typedef struct {
+ unsigned int len;
+ unsigned int m;
+ unsigned int t;
+ element_ptr p;
+} params;
+
+#define data(x) ((unsigned long*)x->data)
+#define params(x) ((params *)x->field->data)
+#define print(e) {printf(#e": "); element_out_str(stdout, 0, e); printf("\n");}
+
+static field_t f97, f97_2, f97_3, f97_6;
+static element_t e0, e1, e2, a, b, a2, b2, a3, b3, a6, b6;
+static unsigned char *data;
+
+static void test_gf3m_param(void) {
+ params *pa = (params *) f97->data;
+ element_to_bytes(data, pa->p);
+ unsigned i;
+ unsigned char w;
+ for (i = 0; i < pa->len * 2 * sizeof(unsigned long); i++) {
+ switch (i) {
+ case 1:
+ w = 1;
+ break; // 2
+ case 2:
+ w = 16;
+ break; // x^12
+ case 24:
+ w = 2;
+ break; // x^97
+ default:
+ w = 0;
+ }
+ EXPECT(data[i] == w);
+ }
+}
+
+static void test_gf3m_to_bytes(void) {
+ element_random(a);
+ element_to_bytes(data, a);
+ element_from_bytes(b, data);
+ EXPECT(0 == element_cmp(a, b));
+}
+
+static void test_gf3m_add(void) {
+ element_random(a);
+ element_add(b, a, a);
+ element_add(b, b, b);
+ element_sub(b, b, a);
+ element_sub(b, b, a);
+ element_sub(b, b, a);
+ EXPECT(!element_cmp(a, b));
+
+ element_add(b, params(a)->p, a);
+ element_sub(b, b, params(a)->p);
+ EXPECT(!element_cmp(a, b));
+}
+
+static void test_gf3m_neg(void) {
+ element_random(a);
+ element_neg(b, a);
+ element_add(b, a, b);
+ EXPECT(!element_cmp(b, e0));
+}
+
+static void test_gf3m_mult(void) {
+ element_random(a);
+ element_mul(a, a, e0);
+ EXPECT(!element_cmp(a, e0));
+
+ element_random(a);
+ element_mul(b, a, e1);
+ EXPECT(!element_cmp(a, b));
+
+ element_random(a);
+ element_mul(b, a, e2);
+ element_add(a, a, b);
+ EXPECT(!element_cmp(a, e0));
+}
+
+static void test_gf3m_cubic(void) {
+ element_random(a);
+ element_mul(b, a, a);
+ element_mul(b, a, b);
+ element_cubic(a, a);
+ EXPECT(!element_cmp(a, b));
+}
+
+static void test_gf3m_cubic2(void) {
+ unsigned long x[] = {1153286547535200267ul, 6715371622ul, 4990694927524257316ul, 210763913ul};
+ unsigned long y[] = {8145587063258678275ul, 6451025920ul, 9976895054123379152ul, 1275593166ul};
+ memcpy(a->data, x, sizeof(x));
+ memcpy(b->data, y, sizeof(y));
+ element_cubic(a, a);
+ EXPECT(!element_cmp(a, b));
+}
+
+static void test_gf3m_inverse(void) {
+ element_set1(a);
+ element_invert(b, a);
+ EXPECT(!element_cmp(b, e1));
+
+ element_set(a, e2);
+ element_invert(b, a);
+ EXPECT(!element_cmp(b, e2));
+
+ element_random(a);
+ element_invert(b, a);
+ element_mul(a, a, b);
+ EXPECT(!element_cmp(a, e1));
+}
+
+static void test_gf3m_sqrt(void) {
+ mpz_t t;
+ mpz_init(t);
+ mpz_sub_ui(t, a->field->order, 1); // t == field_order - 1
+ element_random(a);
+ element_pow_mpz(a, a, t);
+ EXPECT(!element_cmp(a, e1));
+
+ while(1){
+ element_random(a);
+ element_mul(b, a, a);
+ element_sqrt(b, b);
+ if(element_cmp(a, b)) {// a != b
+ element_neg(b, b);
+ if(!element_cmp(a, b)) break;
+ }
+ }
+ mpz_clear(t);
+}
+
+static void test_gf32m_cubic(void) {
+ element_random(a2);
+ element_mul(b2, a2, a2);
+ element_mul(b2, b2, a2);
+ element_cubic(a2, a2);
+ EXPECT(!element_cmp(a2, b2));
+}
+
+static void test_gf33m_cubic(void) {
+ element_random(a3);
+ element_mul(b3, a3, a3);
+ element_mul(b3, b3, a3);
+ element_cubic(a3, a3);
+ EXPECT(!element_cmp(a3, b3));
+}
+
+static void test_gf33m_inverse(void) {
+ element_random(a3);
+ element_invert(b3, a3);
+ element_mul(a3, a3, b3);
+ element_ptr a0 = element_item(a3, 0);
+ EXPECT(!element_cmp(a0, e1));
+}
+
+static void test_gf36m_cubic(void) {
+ element_random(a6);
+ element_mul(b6, a6, a6);
+ element_mul(b6, b6, a6);
+ element_cubic(a6, a6);
+ EXPECT(!element_cmp(a6, b6));
+}
+
+void setup(void) {
+ field_init_gf3m(f97, 97, 12);
+ element_init(a, f97);
+ element_init(b, f97);
+ element_init(e0, f97);
+ element_init(e1, f97);
+ element_init(e2, f97);
+ element_set1(e1);
+ element_neg(e2, e1);
+
+ field_init_gf32m(f97_2, f97);
+ element_init(a2, f97_2);
+ element_init(b2, f97_2);
+
+ field_init_gf33m(f97_3, f97);
+ element_init(a3, f97_3);
+ element_init(b3, f97_3);
+
+ field_init_gf33m(f97_6, f97_2);
+ element_init(a6, f97_6);
+ element_init(b6, f97_6);
+
+ data = pbc_malloc(f97->fixed_length_in_bytes);
+}
+
+void tear_down(void) {
+ pbc_free(data);
+
+ element_clear(e0);
+ element_clear(e1);
+ element_clear(e2);
+ element_clear(a);
+ element_clear(b);
+ element_clear(a2);
+ element_clear(b2);
+ element_clear(a3);
+ element_clear(b3);
+ element_clear(a6);
+ element_clear(b6);
+
+ field_clear(f97_6);
+ field_clear(f97_3);
+ field_clear(f97_2);
+ field_clear(f97);
+}
+
+int main(void) {
+ setup();
+
+ test_gf3m_param();
+ test_gf3m_to_bytes();
+ test_gf3m_add();
+ test_gf3m_neg();
+ test_gf3m_mult();
+ test_gf3m_cubic();
+ test_gf3m_cubic2();
+ test_gf3m_inverse();
+ test_gf3m_sqrt();
+ test_gf32m_cubic();
+ test_gf33m_cubic();
+ test_gf33m_inverse();
+ test_gf36m_cubic();
+
+ tear_down();
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/guru/testindexcalculus.c b/moon-abe/pbc-0.5.14/guru/testindexcalculus.c
new file mode 100644
index 00000000..1bb36146
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/guru/testindexcalculus.c
@@ -0,0 +1,29 @@
+#include <stdio.h>
+#include <gmp.h>
+#include "pbc.h"
+
+int main(int argc, char **argv)
+{
+ mpz_t x;
+ mpz_t g, h, q;
+ mpz_init(x);
+ mpz_init(g);
+ mpz_init(h);
+ mpz_init(q);
+ int bits = 40;
+
+ if (argc == 2) {
+ bits = atoi(argv[1]);
+ }
+ mpz_setbit(q, bits);
+ pbc_mpz_random(q, q);
+ mpz_nextprime(q, q);
+ pbc_mpz_random(g, q);
+ pbc_mpz_random(h, q);
+ mpz_powm(h, g, h, q);
+
+ element_dlog_index_calculus(x, g, h, q);
+ element_printf("%Zd^%Zd %% %Zd = %Zd\n", g, x, q, h);
+
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/guru/timefp.c b/moon-abe/pbc-0.5.14/guru/timefp.c
new file mode 100644
index 00000000..6e308f9a
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/guru/timefp.c
@@ -0,0 +1,98 @@
+#include "pbc.h"
+#include "pbc_fp.h"
+#include "pbc_test.h"
+
+static void timefield(field_t fp) {
+ int i, n;
+ double t0, t1;
+
+ element_t x, y, z;
+ element_init(x, fp);
+ element_init(y, fp);
+ element_init(z, fp);
+
+ element_random(x);
+ element_random(y);
+
+ n = 20000;
+ t0 = pbc_get_time();
+ for (i=0; i<n; i++) {
+ element_mul(z, x, y);
+ element_mul(x, y, z);
+ element_mul(y, z, x);
+ }
+ t1 = pbc_get_time();
+ printf("mul %fs\n", t1 - t0);
+
+ n = 20000;
+ t0 = pbc_get_time();
+ for (i=0; i<n; i++) {
+ element_square(x, x);
+ }
+ t1 = pbc_get_time();
+ printf("square %fs\n", t1 - t0);
+
+ n = 1000;
+ t0 = pbc_get_time();
+ for (i=0; i<n; i++) {
+ element_invert(z, x);
+ element_invert(z, y);
+ }
+ t1 = pbc_get_time();
+ printf("invert %fs\n", t1 - t0);
+
+ n = 40000;
+ t0 = pbc_get_time();
+ for (i=0; i<n; i++) {
+ element_set0(z);
+ }
+ t1 = pbc_get_time();
+ printf("set0 %fs\n", t1 - t0);
+
+ n = 40000;
+ t0 = pbc_get_time();
+ for (i=0; i<n; i++) {
+ element_set(z, x);
+ element_set(z, y);
+ }
+ t1 = pbc_get_time();
+ printf("set %fs\n", t1 - t0);
+
+ n = 400;
+ t0 = pbc_get_time();
+ for (i=0; i<n; i++) {
+ element_pow_zn(x, y, z);
+ }
+ t1 = pbc_get_time();
+ printf("pow_zn %fs\n", t1 - t0);
+
+ element_clear(x);
+ element_clear(y);
+ element_clear(z);
+}
+
+int main(int argc, char **argv) {
+ field_t f1, f2;
+ mpz_t prime;
+
+ mpz_init(prime);
+ if (argc > 1) {
+ mpz_setbit(prime, atoi(argv[1]));
+ } else {
+ mpz_setbit(prime, 201);
+ }
+ mpz_setbit(prime, 70);
+ mpz_nextprime(prime, prime);
+ field_init_mont_fp(f1, prime);
+ field_init_faster_fp(f2, prime);
+
+ printf("montfp.c\n");
+ timefield(f1);
+ printf("fasterfp.c\n");
+ timefield(f2);
+
+ mpz_clear(prime);
+ field_clear(f1);
+ field_clear(f2);
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/include/pbc.h b/moon-abe/pbc-0.5.14/include/pbc.h
new file mode 100644
index 00000000..a963719b
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/include/pbc.h
@@ -0,0 +1,34 @@
+#ifndef __PBC_H__
+#define __PBC_H__
+
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdint.h> // for intptr_t
+#include <stdlib.h>
+#include <gmp.h>
+
+#if defined (__cplusplus)
+extern "C" {
+#endif
+
+#include "pbc_utils.h"
+#include "pbc_field.h"
+#include "pbc_param.h"
+#include "pbc_pairing.h"
+#include "pbc_curve.h"
+#include "pbc_mnt.h"
+#include "pbc_a1_param.h"
+#include "pbc_a_param.h"
+#include "pbc_d_param.h"
+#include "pbc_e_param.h"
+#include "pbc_f_param.h"
+#include "pbc_g_param.h"
+#include "pbc_i_param.h"
+#include "pbc_random.h"
+#include "pbc_memory.h"
+
+#if defined (__cplusplus)
+} // extern "C"
+#endif
+
+#endif //__PBC_H__
diff --git a/moon-abe/pbc-0.5.14/include/pbc_a1_param.h b/moon-abe/pbc-0.5.14/include/pbc_a1_param.h
new file mode 100644
index 00000000..74dd9b1d
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/include/pbc_a1_param.h
@@ -0,0 +1,25 @@
+// requires
+// * gmp.h
+// * param.h
+#ifndef __PBC_A1_PARAM_H__
+#define __PBC_A1_PARAM_H__
+
+struct symtab_s;
+int pbc_param_init_a1(pbc_param_ptr par, struct symtab_s *tab);
+
+/*@manual a1param
+Generate type A1 pairing parameters and store them in 'p'. The group order
+will be 'n'. The order of the base field is a few bits longer. To be secure,
+generic discrete log algorithms must be infeasible in groups of order 'n', and
+finite field discrete log algorithms must be infeasible in finite fields of
+order roughly 'n'^2^. Additionally, 'n' should be hard to factorize.
+
+For example: 'n' a product of two primes, each at least 512 bits.
+
+The file `param/a1.param` contains sample parameters for a
+type A1 pairing, but it is only for benchmarking: it is useless without
+the factorization of +n+, the order of the group.
+*/
+void pbc_param_init_a1_gen(pbc_param_t param, mpz_t n);
+
+#endif //__PBC_A1_PARAM_H__
diff --git a/moon-abe/pbc-0.5.14/include/pbc_a_param.h b/moon-abe/pbc-0.5.14/include/pbc_a_param.h
new file mode 100644
index 00000000..64d70468
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/include/pbc_a_param.h
@@ -0,0 +1,25 @@
+// Type A pairing parameters.
+
+// Requires:
+// * param.h
+#ifndef __PBC_A_PARAM_H__
+#define __PBC_A_PARAM_H__
+
+struct symtab_s;
+int pbc_param_init_a(pbc_param_ptr par, struct symtab_s *tab);
+
+/*@manual aparam
+Generate type A pairing parameters and store them in 'p',
+where the group order r is 'rbits' long, and the order of the base field q
+is 'qbits' long. Elements take 'qbits' to represent.
+
+To be secure, generic discrete log algorithms must be infeasible in groups of
+order r, and finite field discrete log algorithms must be infeasible in finite
+fields of order q^2, e.g. 'rbits' = 160, 'qbits' = 512.
+
+The file `param/a.param` contains parameters for a type A pairing suitable for
+cryptographic use.
+*/
+void pbc_param_init_a_gen(pbc_param_ptr par, int rbits, int qbits);
+
+#endif //__PBC_A_PARAM_H__
diff --git a/moon-abe/pbc-0.5.14/include/pbc_curve.h b/moon-abe/pbc-0.5.14/include/pbc_curve.h
new file mode 100644
index 00000000..9a86903d
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/include/pbc_curve.h
@@ -0,0 +1,79 @@
+// A subgroup of the group of points on an elliptic curve.
+// Also used to represent quotient groups.
+//
+// We use the field_t structure even though E(K) is a group. Addition and
+// multiplication both refer to the group operation.
+
+// Requires:
+// * stdio.h
+// * gmp.h
+// * field.h
+#ifndef __PBC_CURVE_H__
+#define __PBC_CURVE_H__
+
+// Some initialization functions take an order parameter. This is meant to
+// be the order of the subgroup, but might actually be the order of the twist.
+// Certain routines initialize a curve, test a random point to see if it has
+// the correct order, and if not, immediately twist the curve so that it does.
+// TODO: Move such code into curve.c, so 'order' is always accurate.
+
+// If cofac != NULL, then the field_t represents the subgroup of
+// order = #E(K) / cofac.
+//
+// If not, and order = #E(K) then the field_t represents the entire E(K).
+//
+// Otherwise, if order is a factor of #E(K), then the field_t represents
+// the quotient group of that order, namely E(K)/(#E(K)/order). No attempt is
+// made to standardize the coset representative. This mode is useful for the
+// Tate pairing (see thesis), where any coset representative of G2 suffices
+// during the pairing computation.
+
+// Initialize a subgroup of points on the curve Y^2 = X^3 + b.
+void field_init_curve_b(field_ptr f, element_ptr b, mpz_t order, mpz_t cofac);
+
+// Initialize a subgroup of points on the curve with the given j-invariant.
+void field_init_curve_j(field_t f, element_ptr j, mpz_t order, mpz_t cofac);
+
+// Initialize a subgroup of points on the curve Y^2 = X^3 + a X + b.
+void field_init_curve_ab(field_ptr f, element_ptr a, element_ptr b, mpz_t order, mpz_t cofac);
+
+// Reinitialize as the subgroup of points on the twist curve.
+// Requires j-invariant of the original curve != 0, 1728.
+// Mangles f, thus existing points of f become invalid.
+// TODO: Refactor so we can remove this from the interface.
+void field_reinit_curve_twist(field_t f);
+
+// Compute trace of Frobenius at q^n given trace at q.
+void pbc_mpz_trace_n(mpz_t res, mpz_t q, mpz_t trace, int n);
+
+// Given q, t such that #E(F_q) = q - t + 1, compute #E(F_q^k).
+void pbc_mpz_curve_order_extn(mpz_t res, mpz_t q, mpz_t t, int k);
+
+void field_init_curve_with_map(field_ptr cnew, field_ptr c,
+ field_ptr dstfield, fieldmap map);
+
+void field_init_curve_ab_map(field_t cnew, field_t c,
+ fieldmap map, field_ptr mapdest,
+ mpz_t ordernew, mpz_t cofacnew);
+
+void field_curve_use_random_solvefory(field_ptr f);
+
+void field_curve_set_quotient_cmp(field_ptr c, mpz_t quotient_cmp);
+
+#pragma GCC visibility push(hidden)
+// Internal:
+
+element_ptr curve_x_coord(element_t e);
+element_ptr curve_y_coord(element_t e);
+element_ptr curve_a_coeff(element_t e);
+element_ptr curve_b_coeff(element_t e);
+element_ptr curve_field_a_coeff(field_t f);
+element_ptr curve_field_b_coeff(field_t f);
+
+void curve_from_x(element_ptr e, element_t x);
+void curve_set_si(element_t R, long int x, long int y);
+void curve_set_gen_no_cofac(element_ptr a);
+
+#pragma GCC visibility pop
+
+#endif //__PBC_CURVE_H__
diff --git a/moon-abe/pbc-0.5.14/include/pbc_d_param.h b/moon-abe/pbc-0.5.14/include/pbc_d_param.h
new file mode 100644
index 00000000..41fcfc30
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/include/pbc_d_param.h
@@ -0,0 +1,40 @@
+// Type D pairings, aka MNT curves.
+
+// Requires:
+// * mnt.h
+// * param.h
+#ifndef __PBC_D_PARAM_H__
+#define __PBC_D_PARAM_H__
+
+struct symtab_s;
+int pbc_param_init_d(pbc_param_ptr par, struct symtab_s *tab);
+
+/*@manual dparam
+Type D curves are generated using the complex multiplication (CM) method. This
+function sets 'p' to a type D pairing parameters from CM parameters 'cm'.
+Other library calls search for appropriate CM parameters and the results
+can be passed to this function.
+
+To be secure, generic discrete log algorithms must be infeasible in groups of
+order r, and finite field discrete log algorithms must be infeasible in finite
+fields of order q^6^. For usual CM parameters, r is a few bits smaller than q.
+
+Using type D pairings allows elements of group G1 to be quite short, typically
+170-bits. Because of a certain trick, elements of group G2 need only be 3 times
+longer, that is, about 510 bits rather than 6 times long. They are not quite
+as short as type F pairings, but much faster.
+
+I sometimes refer to a type D curve as a triplet of numbers: the discriminant,
+the number of bits in the prime q, and the number of bits in the prime r. The
+`gen/listmnt` program prints these numbers.
+
+Among the bundled type D curve parameters are the curves 9563-201-181,
+62003-159-158 and 496659-224-224 which have shortened names `param/d201.param`,
+`param/d159.param` and `param/d225.param` respectively.
+
+See `gen/listmnt.c` and `gen/gendparam.c` for how to generate type D pairing
+parameters.
+*/
+void pbc_param_init_d_gen(pbc_param_ptr p, pbc_cm_ptr cm);
+
+#endif //__PBC_D_PARAM_H__
diff --git a/moon-abe/pbc-0.5.14/include/pbc_e_param.h b/moon-abe/pbc-0.5.14/include/pbc_e_param.h
new file mode 100644
index 00000000..e59ebe82
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/include/pbc_e_param.h
@@ -0,0 +1,29 @@
+// Type E pairings.
+
+// Requires:
+// * param.h
+#ifndef __PBC_E_PARAM_H__
+#define __PBC_E_PARAM_H__
+
+struct symtab_s;
+int pbc_param_init_e(pbc_param_ptr par, struct symtab_s *tab);
+
+/*@manual eparam
+Generate type E pairing parameters and store them in 'p',
+where the group order r is 'rbits' long, and the order of the base field q
+is 'qbits' long. To be secure, generic discrete log algorithms must
+be infeasible in groups of order r, and finite field discrete log algorithms
+must be infeasible in finite fields of order q,
+e.g. 'rbits' = 160, 'qbits' = 1024.
+
+This pairing is just a curiosity: it can be implemented entirely in a field of
+prime order, that is, only arithmetic modulo a prime is needed and there is
+never a need to extend a field.
+
+If discrete log in field extensions are found to be substantially easier to
+solve than previously thought, or discrete log can be solved in elliptic curves
+as easily as they can be in finite fields, this pairing type may become useful.
+*/
+void pbc_param_init_e_gen(pbc_param_t p, int rbits, int qbits);
+
+#endif //__PBC_E_PARAM_H__
diff --git a/moon-abe/pbc-0.5.14/include/pbc_f_param.h b/moon-abe/pbc-0.5.14/include/pbc_f_param.h
new file mode 100644
index 00000000..5c484a98
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/include/pbc_f_param.h
@@ -0,0 +1,27 @@
+// Type F pairings.
+
+// Requires:
+// * param.h
+#ifndef __PBC_F_PARAM_H__
+#define __PBC_F_PARAM_H__
+
+struct symtab_s;
+int pbc_param_init_f(pbc_param_ptr par, struct symtab_s *tab);
+
+/*@manual fparam
+Generate type F pairing parameters and store them in 'p'.
+Both the group order r and the order of the base field q will be roughly
+'bits'-bit numbers.
+To be secure, generic discrete log algorithms must
+be infeasible in groups of order r, and finite field discrete log algorithms
+must be infeasible in finite fields of order q^12, e.g. 'bits' = 160.
+
+Type F should be used when the top priority is to minimize bandwidth (e.g.
+short signatures). The current implementation makes them slow.
+
+If finite field discrete log algorithms improve further, type D pairings will
+have to use larger fields, but type F can still remain short, up to a point.
+*/
+void pbc_param_init_f_gen(pbc_param_t p, int bits);
+
+#endif //__PBC_F_PARAM_H__
diff --git a/moon-abe/pbc-0.5.14/include/pbc_field.h b/moon-abe/pbc-0.5.14/include/pbc_field.h
new file mode 100644
index 00000000..5bcb8c83
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/include/pbc_field.h
@@ -0,0 +1,694 @@
+/*
+ * field_t: represents fields, rings and groups.
+ * element_t: represents an element of a field_t.
+ */
+
+// Requires:
+// * stdarg.h
+// * stdio.h
+// * gmp.h
+// * utils.h
+#ifndef __PBC_FIELD_H__
+#define __PBC_FIELD_H__
+
+struct field_s;
+
+struct element_s {
+ struct field_s *field;
+ void *data;
+};
+typedef struct element_s *element_ptr;
+typedef struct element_s element_t[1];
+
+struct element_pp_s {
+ struct field_s *field;
+ void *data;
+};
+typedef struct element_pp_s element_pp_t[1];
+typedef struct element_pp_s *element_pp_ptr;
+
+void pbc_assert(int expr, char *msg, const char *func);
+void pbc_assert_match2(element_ptr a, element_ptr b, const char *func);
+void pbc_assert_match3(element_ptr a, element_ptr b, element_ptr c,
+ const char *func);
+
+struct multiz_s;
+typedef struct multiz_s *multiz;
+
+struct pairing_s;
+struct field_s {
+ void (*field_clear)(struct field_s *f);
+ void (*init)(element_ptr);
+ void (*clear)(element_ptr);
+
+ void (*set_mpz)(element_ptr, mpz_ptr);
+ void (*set_multiz)(element_ptr, multiz);
+ void (*set)(element_ptr, element_ptr);
+ void (*set0)(element_ptr);
+ void (*set1)(element_ptr);
+ int (*set_str)(element_ptr e, const char *s, int base);
+ size_t(*out_str)(FILE *stream, int base, element_ptr);
+ void (*add)(element_ptr, element_ptr, element_ptr);
+ void (*sub)(element_ptr, element_ptr, element_ptr);
+ void (*mul)(element_ptr, element_ptr, element_ptr);
+
+ int (*is_sqr)(element_ptr);
+ void (*sqrt)(element_ptr, element_ptr);
+
+ // Defaults exist for these functions.
+ int (*item_count)(element_ptr);
+ element_ptr (*item)(element_ptr, int);
+ element_ptr (*get_x)(element_ptr);
+ element_ptr (*get_y)(element_ptr);
+ void (*set_si)(element_ptr, signed long int);
+ void (*add_ui)(element_ptr, element_ptr, unsigned long int);
+ void (*mul_mpz)(element_ptr, element_ptr, mpz_ptr);
+ void (*mul_si)(element_ptr, element_ptr, signed long int);
+ void (*div)(element_ptr, element_ptr, element_ptr);
+ void (*doub)(element_ptr, element_ptr); // Can't call it "double"!
+ void (*multi_doub)(element_ptr*, element_ptr*, int n);
+ void (*multi_add)(element_ptr*, element_ptr*, element_ptr*, int n);
+ void (*halve)(element_ptr, element_ptr);
+ void (*square)(element_ptr, element_ptr);
+
+ void (*cubic) (element_ptr, element_ptr);
+ void (*pow_mpz)(element_ptr, element_ptr, mpz_ptr);
+ void (*invert)(element_ptr, element_ptr);
+ void (*neg)(element_ptr, element_ptr);
+ void (*random)(element_ptr);
+ void (*from_hash)(element_ptr, void *data, int len);
+ int (*is1)(element_ptr);
+ int (*is0)(element_ptr);
+ int (*sign)(element_ptr); // satisfies sign(x) = -sign(-x)
+ int (*cmp)(element_ptr, element_ptr);
+ int (*to_bytes)(unsigned char *data, element_ptr);
+ int (*from_bytes)(element_ptr, unsigned char *data);
+ int (*length_in_bytes)(element_ptr);
+ int fixed_length_in_bytes; // length of an element in bytes; -1 for variable
+ int (*snprint)(char *s, size_t n, element_ptr e);
+ void (*to_mpz)(mpz_ptr, element_ptr);
+ void (*out_info)(FILE *, struct field_s *);
+ void (*pp_init)(element_pp_t p, element_t in);
+ void (*pp_clear)(element_pp_t p);
+ void (*pp_pow)(element_t out, mpz_ptr power, element_pp_t p);
+
+ struct pairing_s *pairing;
+
+ mpz_t order; // 0 for infinite order
+ element_ptr nqr; // nonquadratic residue
+
+ char *name;
+ void *data;
+};
+typedef struct field_s *field_ptr;
+typedef struct field_s field_t[1];
+
+typedef void (*fieldmap) (element_t dst, element_t src);
+
+void field_out_info(FILE* out, field_ptr f);
+
+/*@manual internal
+Initialize 'e' to be an element of the algebraic structure 'f'
+and set it to be the zero element.
+*/
+static inline void element_init(element_t e, field_ptr f) {
+ e->field = f;
+ f->init(e);
+}
+
+element_ptr element_new(field_ptr f);
+void element_free(element_ptr e);
+
+/*@manual einit
+Initialize 'e' to be an element of the algebraic structure that 'e2'
+lies in.
+*/
+static inline void element_init_same_as(element_t e, element_t e2) {
+ element_init(e, e2->field);
+}
+
+/*@manual einit
+Free the space occupied by 'e'. Call this when
+the variable 'e' is no longer needed.
+*/
+static inline void element_clear(element_t e) {
+ e->field->clear(e);
+}
+
+/*@manual eio
+Output 'e' on 'stream' in base 'base'. The base must be between
+2 and 36.
+*/
+static inline size_t element_out_str(FILE * stream, int base, element_t e) {
+ return e->field->out_str(stream, base, e);
+}
+
+/*@manual eio
+*/
+int element_printf(const char *format, ...);
+
+/*@manual eio
+*/
+int element_fprintf(FILE * stream, const char *format, ...);
+
+/*@manual eio
+*/
+int element_snprintf(char *buf, size_t size, const char *fmt, ...);
+
+/*@manual eio
+Same as printf family
+except also has the 'B' conversion specifier for types
+of *element_t*, and 'Y', 'Z' conversion specifiers for
++mpz_t+. For example if 'e' is of type
++element_t+ then
+
+ element_printf("%B\n", e);
+
+will print the value of 'e' in a human-readable form on standard output.
+*/
+int element_vsnprintf(char *buf, size_t size, const char *fmt, va_list ap);
+
+/*@manual eio
+Convert an element to a human-friendly string.
+Behaves as *snprintf* but only on one element at a time.
+*/
+static inline int element_snprint(char *s, size_t n, element_t e) {
+ return e->field->snprint(s, n, e);
+}
+
+static inline void element_set_multiz(element_t e, multiz m) {
+ e->field->set_multiz(e, m);
+}
+
+/*@manual eio
+Set the element 'e' from 's', a null-terminated C string in base 'base'.
+Whitespace is ignored. Points have the form "['x,y']" or "'O'",
+while polynomials have the form "['a0,...,an']".
+Returns number of characters read (unlike GMP's mpz_set_str).
+A return code of zero means PBC could not find a well-formed string
+describing an element.
+*/
+static inline int element_set_str(element_t e, const char *s, int base) {
+ return e->field->set_str(e, s, base);
+}
+
+/*@manual eassign
+Set 'e' to zero.
+*/
+static inline void element_set0(element_t e) {
+ e->field->set0(e);
+}
+
+/*@manual eassign
+Set 'e' to one.
+*/
+static inline void element_set1(element_t e) {
+ e->field->set1(e);
+}
+
+/*@manual eassign
+Set 'e' to 'i'.
+*/
+static inline void element_set_si(element_t e, signed long int i) {
+ e->field->set_si(e, i);
+}
+
+/*@manual eassign
+Set 'e' to 'z'.
+*/
+static inline void element_set_mpz(element_t e, mpz_t z) {
+ e->field->set_mpz(e, z);
+}
+
+/*@manual eassign
+Set 'e' to 'a'.
+*/
+static inline void element_set(element_t e, element_t a) {
+ PBC_ASSERT_MATCH2(e, a);
+ e->field->set(e, a);
+}
+
+static inline void element_add_ui(element_t n, element_t a,
+ unsigned long int b) {
+ n->field->add_ui(n, a, b);
+}
+
+/*@manual econvert
+Converts 'e' to a GMP integer 'z'
+if such an operation makes sense
+*/
+static inline void element_to_mpz(mpz_t z, element_t e) {
+ e->field->to_mpz(z, e);
+}
+
+static inline long element_to_si(element_t e) {
+ mpz_t z;
+ mpz_init(z);
+ e->field->to_mpz(z, e);
+ long res = mpz_get_si(z);
+ mpz_clear(z);
+ return res;
+}
+
+/*@manual econvert
+Generate an element 'e' deterministically from
+the 'len' bytes stored in the buffer 'data'.
+*/
+static inline void element_from_hash(element_t e, void *data, int len) {
+ e->field->from_hash(e, data, len);
+}
+
+/*@manual earith
+Set 'n' to 'a' + 'b'.
+*/
+static inline void element_add(element_t n, element_t a, element_t b) {
+ PBC_ASSERT_MATCH3(n, a, b);
+ n->field->add(n, a, b);
+}
+
+/*@manual earith
+Set 'n' to 'a' - 'b'.
+*/
+static inline void element_sub(element_t n, element_t a, element_t b) {
+ PBC_ASSERT_MATCH3(n, a, b);
+ n->field->sub(n, a, b);
+}
+
+/*@manual earith
+Set 'n' = 'a' 'b'.
+*/
+static inline void element_mul(element_t n, element_t a, element_t b) {
+ PBC_ASSERT_MATCH3(n, a, b);
+ n->field->mul(n, a, b);
+}
+
+static inline void element_cubic(element_t n, element_t a) {
+ PBC_ASSERT_MATCH2(n, a);
+ n->field->cubic(n, a);
+}
+
+/*@manual earith
+*/
+static inline void element_mul_mpz(element_t n, element_t a, mpz_t z) {
+ PBC_ASSERT_MATCH2(n, a);
+ n->field->mul_mpz(n, a, z);
+}
+
+/*@manual earith
+Set 'n' = 'a' 'z', that is 'a' + 'a' + ... + 'a' where there are 'z' 'a'#'s#.
+*/
+static inline void element_mul_si(element_t n, element_t a,
+ signed long int z) {
+ PBC_ASSERT_MATCH2(n, a);
+ n->field->mul_si(n, a, z);
+}
+
+/*@manual earith
+'z' must be an element of a integer mod ring (i.e. *Z*~n~ for some n).
+Set 'c' = 'a' 'z', that is 'a' + 'a' + ... + 'a'
+where there are 'z' 'a''s.
+*/
+static inline void element_mul_zn(element_t c, element_t a, element_t z) {
+ mpz_t z0;
+ PBC_ASSERT_MATCH2(c, a);
+ //TODO: check z->field is Zn
+ mpz_init(z0);
+ element_to_mpz(z0, z);
+ element_mul_mpz(c, a, z0);
+ mpz_clear(z0);
+}
+
+/*@manual earith
+Set 'n' = 'a' / 'b'.
+*/
+static inline void element_div(element_t n, element_t a, element_t b) {
+ PBC_ASSERT_MATCH3(n, a, b);
+ n->field->div(n, a, b);
+}
+
+/*@manual earith
+Set 'n' = 'a' + 'a'.
+*/
+static inline void element_double(element_t n, element_t a) {
+ PBC_ASSERT_MATCH2(n, a);
+ n->field->doub(n, a);
+}
+
+// Set n_i = a_i + a_i for all i at one time.
+// Uses multi_doub(), which only elliptic curves have at the moment.
+void element_multi_double(element_t n[], element_t a[], int m);
+
+// Set n_i =a_i + b_i for all i at one time.
+// Uses multi_add(), which only elliptic curves have at the moment.
+void element_multi_add(element_t n[], element_t a[],element_t b[], int m);
+
+/*@manual earith
+Set 'n' = 'a/2'
+*/
+static inline void element_halve(element_t n, element_t a) {
+ PBC_ASSERT_MATCH2(n, a);
+ n->field->halve(n, a);
+}
+
+/*@manual earith
+Set 'n' = 'a'^2^
+*/
+static inline void element_square(element_t n, element_t a) {
+ PBC_ASSERT_MATCH2(n, a);
+ n->field->square(n, a);
+}
+
+/*@manual epow
+Set 'x' = 'a'^'n'^, that is
+'a' times 'a' times ... times 'a' where there are 'n' 'a'#'s#.
+*/
+static inline void element_pow_mpz(element_t x, element_t a, mpz_t n) {
+ PBC_ASSERT_MATCH2(x, a);
+ x->field->pow_mpz(x, a, n);
+}
+
+/*@manual epow
+Set 'x' = 'a'^'n'^, where 'n' is an element of a ring *Z*~N~
+for some 'N' (typically the order of the algebraic structure 'x' lies in).
+*/
+static inline void element_pow_zn(element_t x, element_t a, element_t n) {
+ mpz_t z;
+ PBC_ASSERT_MATCH2(x, a);
+ mpz_init(z);
+ element_to_mpz(z, n);
+ element_pow_mpz(x, a, z);
+ mpz_clear(z);
+}
+
+/*@manual earith
+Set 'n' = -'a'.
+*/
+static inline void element_neg(element_t n, element_t a) {
+ PBC_ASSERT_MATCH2(n, a);
+ n->field->neg(n, a);
+}
+
+/*@manual earith
+Set 'n' to the inverse of 'a'.
+*/
+static inline void element_invert(element_t n, element_t a) {
+ PBC_ASSERT_MATCH2(n, a);
+ n->field->invert(n, a);
+}
+
+/*@manual erandom
+If the 'e' lies in a finite algebraic structure,
+assigns a uniformly random element to 'e'.
+*/
+static inline void element_random(element_t e) {
+ e->field->random(e);
+}
+
+/*@manual ecmp
+Returns true if 'n' is 1.
+*/
+static inline int element_is1(element_t n) {
+ return n->field->is1(n);
+}
+
+/*@manual ecmp
+Returns true if 'n' is 0.
+*/
+static inline int element_is0(element_t n) {
+ return n->field->is0(n);
+}
+
+/*@manual ecmp
+Returns 0 if 'a' and 'b' are the same, nonzero otherwise.
+*/
+static inline int element_cmp(element_t a, element_t b) {
+ PBC_ASSERT_MATCH2(a, b);
+ return a->field->cmp(a, b);
+}
+
+/*@manual ecmp
+Returns nonzero if 'a' is a perfect square (quadratic residue),
+zero otherwise.
+*/
+static inline int element_is_sqr(element_t a) {
+ return a->field->is_sqr(a);
+}
+
+/*@manual ecmp
+*/
+static inline int element_sgn(element_t a) {
+ return a->field->sign(a);
+}
+
+/*@manual ecmp
+If 'a' is zero, returns 0. For nozero 'a' the behaviour depends on
+the algebraic structure, but has the property that
+element_sgn('a') = -element_sgn(-'a')
+and
+element_sgn('a') = 0 implies 'a' = 0 with overwhelming probability.
+*/
+static inline int element_sign(element_t a) {
+ return a->field->sign(a);
+}
+
+static inline void element_sqrt(element_t a, element_t b) {
+ PBC_ASSERT_MATCH2(a, b);
+ a->field->sqrt(a, b);
+}
+
+/*@manual etrade
+Returns the length in bytes the element 'e' will take to represent
+*/
+static inline int element_length_in_bytes(element_t e) {
+ if (e->field->fixed_length_in_bytes < 0) {
+ return e->field->length_in_bytes(e);
+ } else {
+ return e->field->fixed_length_in_bytes;
+ }
+}
+
+/*@manual etrade
+Converts 'e' to byte, writing the result in the buffer 'data'.
+The number of bytes it will write can be determined from calling
+*element_length_in_bytes()*. Returns number of bytes written.
+*/
+static inline int element_to_bytes(unsigned char *data, element_t e) {
+ return e->field->to_bytes(data, e);
+}
+
+/*@manual etrade
+Reads 'e' from the buffer 'data', and returns the number of bytes read.
+*/
+static inline int element_from_bytes(element_t e, unsigned char *data) {
+ return e->field->from_bytes(e, data);
+}
+
+/*@manual epow
+Sets 'x' = 'a1'^'n1'^ 'a2'^'n2'^, and is generally faster than
+performing two separate exponentiations.
+*/
+void element_pow2_mpz(element_t x, element_t a1, mpz_t n1, element_t a2,
+ mpz_t n2);
+/*@manual epow
+Also sets 'x' = 'a1'^'n1'^ 'a2'^'n2'^,
+but 'n1', 'n2' must be elements of a ring *Z*~n~ for some integer n.
+*/
+static inline void element_pow2_zn(element_t x, element_t a1, element_t n1,
+ element_t a2, element_t n2) {
+ mpz_t z1, z2;
+ mpz_init(z1);
+ mpz_init(z2);
+ element_to_mpz(z1, n1);
+ element_to_mpz(z2, n2);
+ element_pow2_mpz(x, a1, z1, a2, z2);
+ mpz_clear(z1);
+ mpz_clear(z2);
+}
+
+/*@manual epow
+Sets 'x' = 'a1'^'n1'^ 'a2'^'n2'^ 'a3'^'n3'^,
+generally faster than performing three separate exponentiations.
+*/
+void element_pow3_mpz(element_t x, element_t a1, mpz_t n1,
+ element_t a2, mpz_t n2, element_t a3, mpz_t n3);
+
+/*@manual epow
+Also sets 'x' = 'a1'^'n1'^ 'a2'^'n2'^ 'a3'^'n3'^,
+but 'n1', 'n2', 'n3' must be elements of a ring *Z*~n~ for some integer n.
+*/
+static inline void element_pow3_zn(element_t x, element_t a1, element_t n1,
+ element_t a2, element_t n2,
+ element_t a3, element_t n3) {
+ mpz_t z1, z2, z3;
+ mpz_init(z1);
+ mpz_init(z2);
+ mpz_init(z3);
+ element_to_mpz(z1, n1);
+ element_to_mpz(z2, n2);
+ element_to_mpz(z3, n3);
+ element_pow3_mpz(x, a1, z1, a2, z2, a3, z3);
+ mpz_clear(z1);
+ mpz_clear(z2);
+ mpz_clear(z3);
+}
+
+void field_clear(field_ptr f);
+
+element_ptr field_get_nqr(field_ptr f);
+void field_set_nqr(field_ptr f, element_t nqr);
+void field_gen_nqr(field_ptr f);
+
+void field_init(field_ptr f);
+
+static inline int mpz_is0(mpz_t z) {
+ return !mpz_sgn(z);
+ //return !mpz_cmp_ui(z, 0);
+}
+
+/*@manual etrade
+Assumes 'e' is a point on an elliptic curve.
+Writes the x-coordinate of 'e' to the buffer 'data'
+*/
+int element_to_bytes_x_only(unsigned char *data, element_t e);
+/*@manual etrade
+Assumes 'e' is a point on an elliptic curve.
+Sets 'e' to a point with
+x-coordinate represented by the buffer 'data'. This is not unique.
+For each 'x'-coordinate, there exist two different points, at least
+for the elliptic curves in PBC. (They are inverses of each other.)
+*/
+int element_from_bytes_x_only(element_t e, unsigned char *data);
+/*@manual etrade
+Assumes 'e' is a point on an elliptic curve.
+Returns the length in bytes needed to hold the x-coordinate of 'e'.
+*/
+int element_length_in_bytes_x_only(element_t e);
+
+/*@manual etrade
+If possible, outputs a compressed form of the element 'e' to
+the buffer of bytes 'data'.
+Currently only implemented for points on an elliptic curve.
+*/
+int element_to_bytes_compressed(unsigned char *data, element_t e);
+
+/*@manual etrade
+Sets element 'e' to the element in compressed form in the buffer of bytes
+'data'.
+Currently only implemented for points on an elliptic curve.
+*/
+int element_from_bytes_compressed(element_t e, unsigned char *data);
+
+/*@manual etrade
+Returns the number of bytes needed to hold 'e' in compressed form.
+Currently only implemented for points on an elliptic curve.
+*/
+int element_length_in_bytes_compressed(element_t e);
+
+/*@manual epow
+Prepare to exponentiate an element 'in', and store preprocessing information
+in 'p'.
+*/
+static inline void element_pp_init(element_pp_t p, element_t in) {
+ p->field = in->field;
+ in->field->pp_init(p, in);
+}
+
+/*@manual epow
+Clear 'p'. Should be called after 'p' is no longer needed.
+*/
+static inline void element_pp_clear(element_pp_t p) {
+ p->field->pp_clear(p);
+}
+
+/*@manual epow
+Raise 'in' to 'power' and store the result in 'out', where 'in'
+is a previously preprocessed element, that is, the second argument
+passed to a previous *element_pp_init* call.
+*/
+static inline void element_pp_pow(element_t out, mpz_ptr power,
+ element_pp_t p) {
+ p->field->pp_pow(out, power, p);
+}
+
+/*@manual epow
+Same except 'power' is an element of *Z*~n~ for some integer n.
+*/
+static inline void element_pp_pow_zn(element_t out, element_t power,
+ element_pp_t p) {
+ mpz_t z;
+ mpz_init(z);
+ element_to_mpz(z, power);
+ element_pp_pow(out, z, p);
+ mpz_clear(z);
+}
+
+void pbc_mpz_out_raw_n(unsigned char *data, int n, mpz_t z);
+void pbc_mpz_from_hash(mpz_t z, mpz_t limit,
+ unsigned char *data, unsigned int len);
+
+/*@manual etrade
+For points, returns the number of coordinates.
+For polynomials, returns the number of coefficients.
+Otherwise returns zero.
+*/
+static inline int element_item_count(element_t e) {
+ return e->field->item_count(e);
+}
+
+/*@manual etrade
+For points, returns 'n'#th# coordinate.
+For polynomials, returns coefficient of 'x^n^'.
+Otherwise returns NULL.
+The element the return value points to may be modified.
+*/
+static inline element_ptr element_item(element_t e, int i) {
+ // TODO: Document the following:
+ // For polynomials, never zero the leading coefficient, e.g. never write:
+ // element_set0(element_item(f, poly_degree(f)));
+ // Use poly_set_coeff0() to zero the leading coefficient.
+ return e->field->item(e, i);
+}
+
+// Returns the field containing the items.
+// Returns NULL if there are no items.
+static inline field_ptr element_item_field(element_t e) {
+ if (!element_item_count(e)) return NULL;
+ return element_item(e, 0)->field;
+}
+
+/*@manual etrade
+Equivalent to `element_item(a, 0)`.
+*/
+static inline element_ptr element_x(element_ptr a) {
+ return a->field->get_x(a);
+}
+/*@manual etrade
+Equivalent to `element_item(a, 1)`.
+*/
+static inline element_ptr element_y(element_ptr a) {
+ return a->field->get_y(a);
+}
+
+/*@manual epow
+Computes 'x' such that 'g^x^ = h' by brute force, where
+'x' lies in a field where `element_set_mpz()` makes sense.
+*/
+void element_dlog_brute_force(element_t x, element_t g, element_t h);
+
+/*@manual epow
+Computes 'x' such that 'g^x^ = h' using Pollard rho method, where
+'x' lies in a field where `element_set_mpz()` makes sense.
+*/
+void element_dlog_pollard_rho(element_t x, element_t g, element_t h);
+
+// Trial division up to a given limit. If limit == NULL, then there is no limit.
+// Call the callback for each factor found, abort and return 1 if the callback
+// returns nonzero, otherwise return 0.
+int pbc_trial_divide(int (*fun)(mpz_t factor,
+ unsigned int multiplicity,
+ void *scope_ptr),
+ void *scope_ptr,
+ mpz_t n,
+ mpz_ptr limit);
+
+#endif // __PBC_FIELD_H__
diff --git a/moon-abe/pbc-0.5.14/include/pbc_fieldquadratic.h b/moon-abe/pbc-0.5.14/include/pbc_fieldquadratic.h
new file mode 100644
index 00000000..5a2111b3
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/include/pbc_fieldquadratic.h
@@ -0,0 +1,23 @@
+/*
+ * Quadratic field extensions.
+ */
+
+//requires
+// * field.h
+#ifndef __PBC_FIELDQUADRATIC_H__
+#define __PBC_FIELDQUADRATIC_H__
+
+// Initialize L as K[sqrt(a)], where a is a quadratic nonresidue of K. We
+// automatically randomly generate a if necessary (see field_get_nqr() in
+// field.c).
+void field_init_quadratic(field_ptr L, field_ptr K);
+
+// Initialize L as K[i], where i = sqrt(-1). Faster than the generic version.
+// Requires -1 to be a quadratic nonresidue in K.
+void field_init_fi(field_ptr L, field_ptr K);
+
+// Naturally map an element from a field K to K[a].
+void element_field_to_quadratic(element_ptr out, element_ptr in);
+void element_field_to_fi(element_ptr a, element_ptr b);
+
+#endif //__PBC_FIELDQUADRATIC_H__
diff --git a/moon-abe/pbc-0.5.14/include/pbc_fp.h b/moon-abe/pbc-0.5.14/include/pbc_fp.h
new file mode 100644
index 00000000..3410cee1
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/include/pbc_fp.h
@@ -0,0 +1,26 @@
+/* There does not appear to be a succint name for rings of type Z/nZ.
+ * Sage calls it integer mod ring.
+ * NTL calls it ZZ_p.
+ * I'll call it fp, as it's the quickest to type.
+ * "zn" might be better since it can also handle composite numbers.
+ */
+// Requires:
+// * field.h
+// * gmp.h
+#ifndef __PBC_FP_H__
+#define __PBC_FP_H__
+
+void field_init_naive_fp(field_ptr f, mpz_t prime);
+void field_init_tiny_fp(field_ptr f, mpz_t prime);
+void field_init_fast_fp(field_ptr f, mpz_t prime);
+void field_init_faster_fp(field_ptr f, mpz_t prime);
+void field_init_mont_fp(field_ptr f, mpz_t prime);
+
+void pbc_tweak_use_fp(char *s);
+
+void element_tonelli(element_ptr x, element_ptr a);
+
+void field_init_fp(field_ptr f, mpz_t prime);
+
+int pbc_mpz_set_str(mpz_t z, const char *s, int base);
+#endif //__PBC_FP_H__
diff --git a/moon-abe/pbc-0.5.14/include/pbc_g_param.h b/moon-abe/pbc-0.5.14/include/pbc_g_param.h
new file mode 100644
index 00000000..0b7bf45d
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/include/pbc_g_param.h
@@ -0,0 +1,28 @@
+// Type G pairings.
+
+// Requires:
+// * mnt.h
+// * param.h
+#ifndef __PBC_G_PARAM_H__
+#define __PBC_G_PARAM_H__
+
+struct symtab_s;
+int pbc_param_init_g(pbc_param_ptr par, struct symtab_s *tab);
+
+/*@manual gparam
+Type G curves are generated using the complex multiplication (CM) method. This
+function sets 'p' to a type G pairing parameters from CM parameters 'cm'.
+They have embedding degree 10.
+
+To be secure, generic discrete log algorithms must be infeasible in groups of
+order r, and finite field discrete log algorithms must be infeasible in finite
+fields of order q^6^. For usual CM parameters, r is a few bits smaller than q.
+
+They are quite slow at the moment so for now type F is a better choice.
+
+The file `param/g149.param` contains parameters for a
+type G pairing with 149-bit group and field sizes.
+*/
+void pbc_param_init_g_gen(pbc_param_t p, pbc_cm_ptr cm);
+
+#endif //__PBC_G_PARAM_H__
diff --git a/moon-abe/pbc-0.5.14/include/pbc_hilbert.h b/moon-abe/pbc-0.5.14/include/pbc_hilbert.h
new file mode 100644
index 00000000..64bdf9c1
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/include/pbc_hilbert.h
@@ -0,0 +1,13 @@
+// Requires:
+// * gmp.h
+#ifndef __PBC_HILBERT_H__
+#define __PBC_HILBERT_H__
+
+// Allocate an array of mpz_t and fill it with the coefficients of the Hilbert
+// polynomial H_D(x). Returns the size of array.
+size_t pbc_hilbert(mpz_t **arr, int D);
+
+// Free an array allocated by `pbc_hilbert()`.
+void pbc_hilbert_free(mpz_t *arr, size_t n);
+
+#endif //__PBC_HILBERT_H__
diff --git a/moon-abe/pbc-0.5.14/include/pbc_i_param.h b/moon-abe/pbc-0.5.14/include/pbc_i_param.h
new file mode 100644
index 00000000..3f0dde58
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/include/pbc_i_param.h
@@ -0,0 +1,23 @@
+// Eta_T pairing over ternary extension field
+//
+// Requires:
+// * pbc_param.h
+#ifndef __PBC_I_PARAM_H__
+#define __PBC_I_PARAM_H__
+
+struct symtab_s;
+int pbc_param_init_i(pbc_param_ptr par, struct symtab_s *);
+
+/*@manual aparam
+Generate type I pairing parameters and store them in 'p',
+where the group order is at least 2^'group_size'.
+
+To be as secure as 64 bit symmetric encryption, 'group_size' may be 150.
+To get 128 bit symmetric secure level, 'group_size' may be 696.
+
+The file `param/i.param` contains parameters for a type I pairing suitable for
+cryptographic use.
+*/
+void pbc_param_init_i_gen(pbc_param_ptr par, int group_size);
+
+#endif //__PBC_I_PARAM_H__
diff --git a/moon-abe/pbc-0.5.14/include/pbc_memory.h b/moon-abe/pbc-0.5.14/include/pbc_memory.h
new file mode 100644
index 00000000..4c71a2e0
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/include/pbc_memory.h
@@ -0,0 +1,24 @@
+// Requires:
+// * stdlib.h
+#ifndef __PBC_MEMORY_H__
+#define __PBC_MEMORY_H__
+
+// Memory allocation functions used by PBC.
+extern void *(*pbc_malloc)(size_t);
+extern void *(*pbc_realloc)(void *, size_t);
+extern void (*pbc_free)(void *);
+
+void *pbc_calloc(size_t, size_t);
+
+/*@manual alloc
+Set custom allocation functions. The parameters must be function pointers to
+drop-in replacements for malloc, realloc and free, except that malloc and
+realloc should terminate the program on failure: they must not return in this
+case.
+*/
+void pbc_set_memory_functions(void *(*malloc_fn)(size_t),
+ void *(*realloc_fn)(void *, size_t), void (*free_fn)(void *));
+
+char *pbc_strdup(const char *s);
+
+#endif //__PBC_MEMORY_H__
diff --git a/moon-abe/pbc-0.5.14/include/pbc_mnt.h b/moon-abe/pbc-0.5.14/include/pbc_mnt.h
new file mode 100644
index 00000000..82e4993b
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/include/pbc_mnt.h
@@ -0,0 +1,49 @@
+//requires
+// * gmp.h
+#ifndef __PBC_MNT_H__
+#define __PBC_MNT_H__
+
+struct pbc_cm_s {
+ mpz_t q; //curve defined over F_q
+ mpz_t n; //has order n (= q - t + 1) in F_q (and r^2 in F_q^k)
+ mpz_t h; //h * r = n, r is prime
+ mpz_t r;
+ int D; //discrminant needed to find j-invariant
+ int k; //embedding degree
+};
+
+typedef struct pbc_cm_s *pbc_cm_ptr;
+typedef struct pbc_cm_s pbc_cm_t[1];
+
+/*@manual cminfo
+Initializes 'cm'.
+*/
+void pbc_cm_init(pbc_cm_t cm);
+/*@manual cminfo
+Clears 'cm'.
+*/
+void pbc_cm_clear(pbc_cm_t cm);
+
+/*@manual cminfo
+For a given discriminant D, searches for type D pairings suitable for
+cryptography (MNT curves of embedding degree 6).
+The group order is at most 'bitlimit' bits. For each set of CM parameters
+found, call 'callback' with +pbc_cm_t+ and given +void *+. If the callback
+returns nonzero, stops search and returns that value.
+Otherwise returns 0.
+*/
+int pbc_cm_search_d(int (*callback)(pbc_cm_ptr, void *), void *data,
+ unsigned int D, unsigned int bitlimit);
+
+/*@manual cminfo
+For a given discriminant D, searches for type G pairings suitable for
+cryptography (Freeman curve).
+The group order is at most 'bitlimit' bits. For each set of CM parameters
+found, call 'callback' with +pbc_cm_t+ and given +void *+. If the callback
+returns nonzero, stops search and returns that value.
+Otherwise returns 0.
+*/
+int pbc_cm_search_g(int (*callback)(pbc_cm_ptr, void *), void *data,
+ unsigned int D, unsigned int bitlimit);
+
+#endif //__PBC_MNT_H__
diff --git a/moon-abe/pbc-0.5.14/include/pbc_multiz.h b/moon-abe/pbc-0.5.14/include/pbc_multiz.h
new file mode 100644
index 00000000..17657779
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/include/pbc_multiz.h
@@ -0,0 +1,20 @@
+// Multinomnials with integer coefficients.
+
+//requires
+// * field.h
+
+#ifndef __PBC_FIELDMULTI_H__
+#define __PBC_FIELDMULTI_H__
+
+void field_init_multiz(field_ptr f);
+
+element_ptr multiz_new_list(element_ptr e);
+void multiz_append(element_ptr l, element_ptr m);
+
+void multiz_to_mpz(mpz_ptr z, multiz ep);
+int multiz_is_z(multiz m);
+multiz multiz_at(multiz m, int i);
+int multiz_count(multiz m);
+int multiz_is0(multiz m);
+
+#endif //__PBC_FIELDMULTI_H__
diff --git a/moon-abe/pbc-0.5.14/include/pbc_pairing.h b/moon-abe/pbc-0.5.14/include/pbc_pairing.h
new file mode 100644
index 00000000..1f127fb1
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/include/pbc_pairing.h
@@ -0,0 +1,280 @@
+// Requires:
+// * stdio.h
+// * gmp.h
+// * utils.h
+// * field.h
+// * param.h
+#ifndef __PBC_PAIRING_H__
+#define __PBC_PAIRING_H__
+
+struct pairing_pp_s {
+ struct pairing_s *pairing;
+ void *data;
+};
+typedef struct pairing_pp_s pairing_pp_t[1];
+typedef struct pairing_pp_s *pairing_pp_ptr;
+
+struct pairing_s {
+ mpz_t r; // order of G1, G2, GT
+ field_t Zr; // the field Z_r
+ field_ptr G1, G2;
+ field_t GT; // group of rth roots of unity
+
+ mpz_t phikonr;
+ // Phi_k(q)/r where Phi_k is the kth cyclotomic polynomial,
+ // q as in F_q, is the base field
+
+ void (*phi)(element_ptr out, element_ptr in, struct pairing_s *pairing); //isomorphism G2 --> G1
+ void (*map)(element_ptr out, element_ptr in1, element_ptr in2,
+ struct pairing_s *p);
+ void (*prod_pairings)(element_ptr out, element_t in1[], element_t in2[], int n_prod,
+ struct pairing_s *p); //calculate a product of pairings at one time.
+ // is_almost coddh returns true given (g, g^x, h, h^x) or (g, g^x, h, h^-x)
+ // order is important: a, b are from G1, c, d are from G2
+ int (*is_almost_coddh)(element_ptr a, element_ptr b,
+ element_ptr c, element_ptr d,
+ struct pairing_s *p);
+ void (*clear_func)(struct pairing_s *);
+ void (*pp_init)(pairing_pp_t p, element_t in1, struct pairing_s *);
+ void (*pp_clear)(pairing_pp_t p);
+ void (*pp_apply)(element_t out, element_t in2, pairing_pp_t p);
+ void (*finalpow)(element_t e);
+ void (*option_set)(struct pairing_s *, char *key, char *value);
+ void *data;
+};
+
+typedef struct pairing_s pairing_t[1];
+typedef struct pairing_s *pairing_ptr;
+
+// TODO: The 'pairing' argument is redundant.
+/*@manual pairing_apply
+Get ready to perform a pairing whose first input is 'in1',
+and store the results of time-saving precomputation in 'p'.
+*/
+static inline void pairing_pp_init(pairing_pp_t p, element_t in1, pairing_t pairing) {
+ if (element_is0(in1)) {
+ p->pairing = NULL;
+ return;
+ }
+ p->pairing = pairing;
+ pairing->pp_init(p, in1, pairing);
+}
+
+/*@manual pairing_apply
+Clear 'p'. This should be called after 'p' is no longer needed.
+*/
+static inline void pairing_pp_clear(pairing_pp_t p) {
+ if (!p->pairing) {
+ // happens when p was initialized with identity
+ return;
+ }
+ p->pairing->pp_clear(p);
+}
+
+/*@manual pairing_apply
+Compute a pairing using 'in2' and the preprocessed information stored in 'p'
+and store the output in 'out'. The inputs to the pairing are the element
+previously used to initialize 'p' and the element 'in2'.
+*/
+static inline void pairing_pp_apply(element_t out, element_t in2, pairing_pp_t p) {
+ if (!p->pairing) {
+ element_set0(out);
+ return;
+ }
+ if (element_is0(in2)) {
+ element_set0(out);
+ return;
+ }
+ p->pairing->pp_apply((element_ptr) out->data, in2, p);
+}
+
+/*@manual pairing_init
+Initialize pairing from parameters in a ASCIIZ string 'str'
+Returns 0 on success, 1 on failure.
+*/
+int pairing_init_set_str(pairing_t pairing, const char *s);
+
+/*@manual pairing_init
+Same, but read at most 'len' bytes.
+If 'len' is 0, it behaves as the previous function.
+Returns 0 on success, 1 on failure.
+*/
+int pairing_init_set_buf(pairing_t pairing, const char *s, size_t len);
+
+/*@manual pairing_init
+Initialize a pairing with pairing parameters 'p'.
+*/
+void pairing_init_pbc_param(struct pairing_s *pairing, pbc_param_ptr p);
+
+/*@manual pairing_init
+Free the space occupied by 'pairing'. Call
+whenever a +pairing_t+ variable is no longer needed.
+Only call this after all elements associated with 'pairing'
+have been cleared, as they need information stored in the 'pairing'
+structure.
+*/
+void pairing_clear(pairing_t pairing);
+
+static inline void pairing_apply(element_t out, element_t in1, element_t in2,
+ pairing_t pairing) {
+ PBC_ASSERT(pairing->GT == out->field, "pairing output mismatch");
+ PBC_ASSERT(pairing->G1 == in1->field, "pairing 1st input mismatch");
+ PBC_ASSERT(pairing->G2 == in2->field, "pairing 2nd input mismatch");
+ if (element_is0(in1)) {
+ element_set0(out);
+ return;
+ }
+ if (element_is0(in2)) {
+ element_set0(out);
+ return;
+ }
+ // TODO: 'out' is an element of a multiplicative subgroup, but the
+ // pairing routine expects it to be an element of the full group, hence
+ // the 'out->data'. I should make this clearer.
+ pairing->map((element_ptr) out->data, in1, in2, pairing);
+}
+
+/*@manual pairing_apply
+Computes a pairing: 'out' = 'e'('in1', 'in2'),
+where 'in1', 'in2', 'out' must be in the groups G1, G2, GT.
+*/
+static inline void element_pairing(element_t out, element_t in1, element_t in2) {
+ pairing_ptr pairing = out->field->pairing;
+ PBC_ASSERT(pairing != NULL, "pairing output mismatch");
+ pairing_apply(out, in1, in2, pairing);
+}
+
+/*@manual pairing_apply
+Computes the product of pairings, that is
+'out' = 'e'('in1'[0], 'in2'[0]) ... 'e'('in1'[n-1], 'in2'[n-1]).
+The arrays 'in1', 'in2' must have at least 'n' elements belonging to
+the groups G1, G2 respectively, and 'out' must belong to the group GT.
+*/
+static inline void element_prod_pairing(
+ element_t out, element_t in1[], element_t in2[], int n) {
+ pairing_ptr pairing = out->field->pairing;
+ int i;
+ PBC_ASSERT(pairing->GT == out->field, "pairing output mismatch");
+ for(i = 0; i < n; i++) {
+ PBC_ASSERT(pairing->G1 == in1[i]->field, "pairing 1st input mismatch");
+ PBC_ASSERT(pairing->G2 == in2[i]->field, "pairing 2nd input mismatch");
+ if (element_is0(in1[i])) {
+ element_set0(out);
+ return;
+ }
+ if (element_is0(in2[i])) {
+ element_set0(out);
+ return;
+ }
+ }
+ pairing->prod_pairings((element_ptr) out->data, in1, in2, n, pairing);
+}
+
+/*@manual pairing_op
+Returns true if G1 and G2 are the same group.
+*/
+static inline int pairing_is_symmetric(pairing_t pairing) {
+ return pairing->G1 == pairing->G2;
+}
+
+/*@manual pairing_op
+Returns the length in bytes needed to represent an element of G1.
+*/
+static inline int pairing_length_in_bytes_G1(pairing_t pairing) {
+ return pairing->G1->fixed_length_in_bytes;
+}
+
+/*@manual pairing_op
+Returns the length in bytes needed to represent the x-coordinate of
+an element of G1.
+*/
+static inline int pairing_length_in_bytes_x_only_G1(pairing_t pairing) {
+ return pairing->G1->fixed_length_in_bytes / 2;
+}
+
+/*@manual pairing_op
+Returns the length in bytes needed to represent a compressed form of
+an element of G1. There is some overhead in decompressing.
+*/
+static inline int pairing_length_in_bytes_compressed_G1(pairing_t pairing) {
+ return pairing->G1->fixed_length_in_bytes / 2 + 1;
+}
+
+/*@manual pairing_op
+Returns the length in bytes needed to represent an element of G2.
+*/
+static inline int pairing_length_in_bytes_G2(pairing_t pairing) {
+ return pairing->G2->fixed_length_in_bytes;
+}
+
+/*@manual pairing_op
+Returns the length in bytes needed to represent a compressed form of
+an element of G2. There is some overhead in decompressing.
+*/
+static inline int pairing_length_in_bytes_compressed_G2(pairing_t pairing) {
+ return pairing->G2->fixed_length_in_bytes / 2 + 1;
+}
+
+/*@manual pairing_op
+Returns the length in bytes needed to represent the x-coordinate of
+an element of G2.
+*/
+static inline int pairing_length_in_bytes_x_only_G2(pairing_t pairing) {
+ return pairing->G2->fixed_length_in_bytes / 2;
+}
+
+/*@manual pairing_op
+Returns the length in bytes needed to represent an element of GT.
+*/
+static inline int pairing_length_in_bytes_GT(pairing_t pairing) {
+ return pairing->GT->fixed_length_in_bytes;
+}
+
+/*@manual pairing_op
+Returns the length in bytes needed to represent an element of Zr.
+*/
+static inline int pairing_length_in_bytes_Zr(pairing_t pairing) {
+ return pairing->Zr->fixed_length_in_bytes;
+}
+
+static inline int is_almost_coddh(element_t a, element_t b,
+ element_t c, element_t d, pairing_t pairing) {
+ return pairing->is_almost_coddh(a, b, c, d, pairing);
+}
+
+/*@manual einit.1
+*/
+static inline void element_init_G1(element_t e, pairing_t pairing) {
+ element_init(e, pairing->G1);
+}
+
+/*@manual einit.1
+*/
+static inline void element_init_G2(element_t e, pairing_t pairing) {
+ element_init(e, pairing->G2);
+}
+
+/*@manual einit.1
+Initialize 'e' to be an element of the group G1, G2 or GT of 'pairing'.
+*/
+static inline void element_init_GT(element_t e, pairing_t pairing) {
+ element_init(e, pairing->GT);
+}
+
+/*@manual einit.1
+Initialize 'e' to be an element of the ring Z_r of 'pairing'.
+r is the order of the groups G1, G2 and GT that are involved in the pairing.
+*/
+static inline void element_init_Zr(element_t e, pairing_t pairing) {
+ element_init(e, pairing->Zr);
+}
+
+static inline void pairing_option_set(pairing_t pairing, char *key, char *value) {
+ pairing->option_set(pairing, key, value);
+}
+
+// Initialize GT = group of rth roots of unity in f.
+// Requires pairing->r has been set.
+void pairing_GT_init(pairing_ptr pairing, field_t f);
+
+#endif //__PBC_PAIRING_H__
diff --git a/moon-abe/pbc-0.5.14/include/pbc_param.h b/moon-abe/pbc-0.5.14/include/pbc_param.h
new file mode 100644
index 00000000..143ab73c
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/include/pbc_param.h
@@ -0,0 +1,49 @@
+// Requires:
+// * gmp.h
+#ifndef __PBC_PARAM_H__
+#define __PBC_PARAM_H__
+
+struct pairing_s;
+struct pbc_param_interface_s {
+ void (*clear)(void *);
+ void (*init_pairing)(struct pairing_s *, void *);
+ void (*out_str)(FILE *stream, void *data);
+};
+typedef struct pbc_param_interface_s pbc_param_interface_t[1];
+typedef struct pbc_param_interface_s *pbc_param_interface_ptr;
+
+struct pbc_param_s {
+ pbc_param_interface_ptr api;
+ void *data;
+};
+typedef struct pbc_param_s *pbc_param_ptr;
+typedef struct pbc_param_s pbc_param_t[1];
+
+/*@manual param
+Initializes pairing parameters from the string 's'.
+Returns 0 if successful, 1 otherwise.
+*/
+int pbc_param_init_set_str(pbc_param_t par, const char *s);
+
+/*@manual param
+Same, but read at most 'len' bytes.
+If 'len' is 0, it behaves as the previous function.
+Returns 0 if successful, 1 otherwise.
+*/
+int pbc_param_init_set_buf(pbc_param_t par, const char *s, size_t len);
+
+/*@manual param
+Write pairing parameters to ''stream'' in a text format.
+*/
+static inline void pbc_param_out_str(FILE *stream, pbc_param_ptr p) {
+ p->api->out_str(stream, p->data);
+}
+
+/*@manual param
+Clear 'p'. Call after 'p' is no longer needed.
+*/
+static inline void pbc_param_clear(pbc_param_ptr p) {
+ p->api->clear(p->data);
+}
+
+#endif //__PBC_PARAM_H__
diff --git a/moon-abe/pbc-0.5.14/include/pbc_poly.h b/moon-abe/pbc-0.5.14/include/pbc_poly.h
new file mode 100644
index 00000000..bca8e108
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/include/pbc_poly.h
@@ -0,0 +1,57 @@
+// Polynomial rings R[x], and polynomial rings modulo polynomials,
+// i.e. R[x]_{f(x)}.
+
+// Requires:
+// * gmp.h
+// * field.h
+#ifndef __PBC_POLY_H__
+#define __PBC_POLY_H__
+
+// Initializes a polynomial ring.
+void field_init_poly(field_ptr f, field_ptr base_field);
+
+// Initializes a polynomial modulo ring.
+// Requires poly to be monic.
+void field_init_polymod(field_ptr f, element_ptr poly);
+
+#pragma GCC visibility push(hidden)
+// Internal library functions:
+
+// Returns deg f.
+static inline int poly_degree(element_ptr f) {
+ return element_item_count(f) - 1;
+}
+
+// Returns base field of f (where the coefficients live).
+field_ptr poly_base_field(element_t f);
+
+// Sets the coefficient of x^n to 0.
+void poly_set_coeff0(element_ptr f, int n);
+
+// Sets the coefficient of x^n to 1.
+void poly_set_coeff1(element_ptr f, int n);
+
+// Sets the coefficient of x^n to a.
+void poly_set_coeff(element_ptr f, element_ptr a, int n);
+
+// Sets f = x.
+void poly_setx(element_ptr f);
+void poly_const_mul(element_ptr res, element_ptr a, element_ptr poly);
+
+// Returns 0 when a root exists and sets root to one of the roots.
+int poly_findroot(element_ptr root, element_ptr poly);
+
+// Returns 1 if polynomial is irreducible, 0 otherwise.
+// Requires the polynomial to be monic.
+int poly_is_irred(element_ptr f);
+void poly_random_monic(element_ptr f, int deg);
+
+void element_field_to_poly(element_t poly, element_t constant);
+void element_field_to_polymod(element_ptr f, element_ptr a);
+
+void polymod_const_mul(element_ptr res, element_ptr a, element_ptr e);
+int polymod_field_degree(field_t f);
+
+#pragma GCC visibility pop
+
+#endif //__PBC_POLY_H__
diff --git a/moon-abe/pbc-0.5.14/include/pbc_random.h b/moon-abe/pbc-0.5.14/include/pbc_random.h
new file mode 100644
index 00000000..df688b9a
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/include/pbc_random.h
@@ -0,0 +1,32 @@
+// Requires:
+// * gmp.h
+#ifndef __PBC_RANDOM_H__
+#define __PBC_RANDOM_H__
+
+/*@manual pbcrandom
+Sets 'filename' as a source of random bytes. For example,
+on Linux one might use `/dev/random`.
+*/
+void pbc_random_set_file(char *filename);
+
+/*@manual pbcrandom
+Uses a determinstic random number generator, seeded with 'seed'.
+*/
+void pbc_random_set_deterministic(unsigned int seed);
+
+/*@manual pbcrandom
+Uses given function as a random number generator.
+*/
+void pbc_random_set_function(void (*fun)(mpz_t, mpz_t, void *), void *data);
+
+/*@manual pbcrandom
+Selects a random 'z' that is less than 'limit'.
+*/
+void pbc_mpz_random(mpz_t z, mpz_t limit);
+
+/*@manual pbcrandom
+Selects a random 'bits'-bit integer 'z'.
+*/
+void pbc_mpz_randomb(mpz_t z, unsigned int bits);
+
+#endif //__PBC_RANDOM_H__
diff --git a/moon-abe/pbc-0.5.14/include/pbc_singular.h b/moon-abe/pbc-0.5.14/include/pbc_singular.h
new file mode 100644
index 00000000..afa6156f
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/include/pbc_singular.h
@@ -0,0 +1,11 @@
+//requires
+// * stdio.h
+// * gmp.h
+// * field.h
+#ifndef __PBC_SINGULAR_H__
+#define __PBC_SINGULAR_H__
+
+void field_init_curve_singular_with_node(field_t c, field_t field);
+void pairing_init_singular_with_node(pairing_t pairing, mpz_t q);
+
+#endif //__PBC_SINGULAR_H__
diff --git a/moon-abe/pbc-0.5.14/include/pbc_ternary_extension_field.h b/moon-abe/pbc-0.5.14/include/pbc_ternary_extension_field.h
new file mode 100644
index 00000000..8effc16a
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/include/pbc_ternary_extension_field.h
@@ -0,0 +1,22 @@
+// some ternary extension fields,
+// including $GF(3^m) = GF(3)[x]/(x^m + x^t + 2)$,
+// $GF(3^{2*m}) = GF(3^m)[x]/(x^2 + 1)$,
+// $GF(3^{3*m}) = GF(3^m)[x]/(x^3 - x - 1)$,
+// and $GF(3^{6*m}) = GF(3^{2*m})[x]/(x^3 - x - 1)$
+//
+// Requires:
+// * pbc_field.h
+
+#ifndef __PBC_TERNARY_EXTENSION_FIELD_H__
+#define __PBC_TERNARY_EXTENSION_FIELD_H__
+
+/* initialize $f$ as $GF(3)[x]/(x^m + x^t + 2)$ */
+void field_init_gf3m(field_t f, unsigned m, unsigned t);
+
+/* initialize $f$ as $base_field[x]/(x^2 + 1)$ */
+void field_init_gf32m(field_t f, field_t base_field);
+
+/* initialize $f$ as $base_field[x]/(x^3 - x - 1)$ */
+void field_init_gf33m(field_t f, field_t base_field);
+
+#endif //__PBC_TERNARY_EXTENSION_FIELD_H__
diff --git a/moon-abe/pbc-0.5.14/include/pbc_test.h b/moon-abe/pbc-0.5.14/include/pbc_test.h
new file mode 100644
index 00000000..35d6f754
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/include/pbc_test.h
@@ -0,0 +1,42 @@
+// Useful for tests.
+
+#ifndef __PBC_TEST_H__
+#define __PBC_TEST_H__
+
+/*@manual test
+Initializes pairing from file specified as first argument, or from standard
+input if there is no first argument.
+*/
+static inline void pbc_demo_pairing_init(pairing_t pairing, int argc, char **argv) {
+ char s[16384];
+ FILE *fp = stdin;
+
+ if (argc > 1) {
+ fp = fopen(argv[1], "r");
+ if (!fp) pbc_die("error opening %s", argv[1]);
+ }
+ size_t count = fread(s, 1, 16384, fp);
+ if (!count) pbc_die("input error");
+ fclose(fp);
+
+ if (pairing_init_set_buf(pairing, s, count)) pbc_die("pairing init failed");
+}
+
+/*@manual test
+Returns seconds elapsed since the first call to this function.
+Returns 0 the first time.
+*/
+double pbc_get_time(void);
+
+/*@manual test
+Macro: if `condition` evaluates to 0 then print an error.
+*/
+#define EXPECT(condition) \
+ if (condition); else pbc_err_count++, fprintf(stderr, "\n*** FAIL ***\n %s:%d: %s\n\n", __FILE__, __LINE__, #condition)
+
+/*@manual test
+Total number of failed EXPECT checks.
+*/
+int pbc_err_count;
+
+#endif //__PBC_TEST_H__
diff --git a/moon-abe/pbc-0.5.14/include/pbc_utils.h b/moon-abe/pbc-0.5.14/include/pbc_utils.h
new file mode 100644
index 00000000..62c02b07
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/include/pbc_utils.h
@@ -0,0 +1,86 @@
+#ifndef __PBC_UTILS_H__
+#define __PBC_UTILS_H__
+
+#ifdef PBC_DEBUG
+
+/*@manual debug
+Macro: if `expr` evaluates to 0, print `msg` and exit.
+*/
+#define PBC_ASSERT(expr, msg) \
+ (pbc_assert(expr, msg, __func__))
+
+/*@manual debug
+Macro: if elements `a` and `b` are from different fields then exit.
+*/
+#define PBC_ASSERT_MATCH2(a, b) \
+ (pbc_assert_match2(a, b, __func__))
+
+/*@manual debug
+Macro: if elements `a`, `b` and `c` are from different fields then exit.
+*/
+#define PBC_ASSERT_MATCH3(a, b, c) \
+ (pbc_assert_match3(a, b, c, __func__))
+
+#else
+
+#define PBC_ASSERT(expr, msg) ((void) (0))
+#define PBC_ASSERT_MATCH2(a, b) ((void) (0))
+#define PBC_ASSERT_MATCH3(a, b, c) ((void) (0))
+
+#endif
+
+// die, warn and info based on Git code.
+
+/*@manual log
+By default error messages are printed to standard error.
+Call `pbc_set_msg_to_stderr(0)` to suppress messages.
+*/
+int pbc_set_msg_to_stderr(int i);
+
+/*@manual log
+Reports error message and exits with code 128.
+*/
+void pbc_die(const char *err, ...)
+ __attribute__((__noreturn__))
+ __attribute__((format (printf, 1, 2)));
+
+/*@manual log
+Reports informational message.
+*/
+void pbc_info(const char *err, ...)
+ __attribute__((format (printf, 1, 2)));
+
+/*@manual log
+Reports warning message.
+*/
+void pbc_warn(const char *err, ...)
+ __attribute__((format (printf, 1, 2)));
+
+/*@manual log
+Reports error message.
+*/
+void pbc_error(const char *err, ...)
+ __attribute__((format (printf, 1, 2)));
+
+#ifndef UNUSED_VAR
+#if defined(__GNUC__)
+// We could use __attribute__((unused)) instead.
+#define UNUSED_VAR(a) (void) a
+#else
+// From the ACE project: http://www.cs.wustl.edu/~schmidt/ACE.html
+// silences warnings, and generates no code for many compilers
+// See ACE_wrappers/ace/ace/config-macros.h:391
+//
+// Not anymore: gcc no longer likes it -blynn
+#define UNUSED_VAR(a) do { /* nothing */ } while (&a == 0)
+#endif
+#endif
+
+// For storing small integers in void *
+// C99 standard introduced the intptr_t and uintptr_t types,
+// guaranteed to be able to hold pointers
+static inline void *int_to_voidp(intptr_t i) {
+ return (void *) i;
+}
+
+#endif //__PBC_UTILS_H__
diff --git a/moon-abe/pbc-0.5.14/include/pbc_z.h b/moon-abe/pbc-0.5.14/include/pbc_z.h
new file mode 100644
index 00000000..2ec54af3
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/include/pbc_z.h
@@ -0,0 +1,12 @@
+// ring of integers Z
+// wrappers around GMP's mpz_t
+
+//requires
+// * field.h
+
+#ifndef __PBC_FIELDMPZ_H__
+#define __PBC_FIELDMPZ_H__
+
+void field_init_z(field_ptr f);
+
+#endif //__PBC_FIELDMPZ_H__
diff --git a/moon-abe/pbc-0.5.14/makedeb.sh b/moon-abe/pbc-0.5.14/makedeb.sh
new file mode 100644
index 00000000..14ddc192
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/makedeb.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+
+set -e
+
+dpkg-buildpackage -rfakeroot
diff --git a/moon-abe/pbc-0.5.14/misc/darray.c b/moon-abe/pbc-0.5.14/misc/darray.c
new file mode 100644
index 00000000..50b127f3
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/misc/darray.c
@@ -0,0 +1,176 @@
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include "pbc_memory.h"
+#include "darray.h"
+
+#define NDEBUG
+#include <assert.h>
+
+enum {
+ max_init = 8
+};
+
+void darray_init(darray_ptr a)
+{
+ a->max = max_init;
+ a->count = 0;
+ a->item = pbc_malloc(sizeof(void *) * a->max);
+}
+
+darray_ptr darray_new(void)
+{
+ darray_ptr res = pbc_malloc(sizeof(darray_t));
+ darray_init(res);
+ return res;
+}
+
+void darray_remove_all(darray_ptr a)
+{
+ a->max = max_init;
+ a->count = 0;
+ pbc_free(a->item);
+ a->item = pbc_malloc(sizeof(void *) * a->max);
+}
+
+void darray_remove_last(darray_ptr a)
+{
+ assert(a->count > 0);
+ a->count--;
+}
+
+static void darray_realloc(darray_ptr a, int size)
+{
+ a->max = size;
+ a->item = pbc_realloc(a->item, sizeof(void *) * a->max);
+}
+
+void darray_append(darray_ptr a, void *p)
+{
+ if (a->count == a->max) {
+ if (!a->max) a->max = max_init;
+ else a->max *= 2;
+ a->item = pbc_realloc(a->item, sizeof(void *) * a->max);
+ }
+ a->item[a->count] = p;
+ a->count++;
+}
+
+int darray_index_of(darray_ptr a, void *p)
+{
+ int i;
+ for (i=0; i<a->count; i++) {
+ if (a->item[i] == p) return i;
+ }
+ return -1;
+}
+
+void darray_clear(darray_t a)
+{
+ pbc_free(a->item);
+ a->max = 0;
+ a->count = 0;
+}
+
+void darray_free(darray_ptr a) {
+ darray_clear(a);
+ pbc_free(a);
+}
+
+void darray_remove_index(darray_ptr a, int n)
+{
+ assert(a->count >= n-1);
+ a->count--;
+ memmove(&a->item[n], &a->item[n+1], sizeof(void *) * (a->count - n));
+}
+
+void darray_remove(darray_ptr a, void *p)
+{
+ int i;
+ for (i=0; i<a->count; i++) {
+ if (a->item[i] == p) {
+ a->count--;
+ memmove(&a->item[i], &a->item[i+1], sizeof(void *) * (a->count - i));
+ return;
+ }
+ }
+ assert(0);
+}
+
+void darray_remove_with_test(darray_ptr a, int (*test)(void *))
+{
+ int i;
+ for (i=0; i<a->count; i++) {
+ if (test(a->item[i])) {
+ for (;i<a->count; i++) {
+ a->item[i] = a->item[i+1];
+ }
+ a->count--;
+ }
+ }
+}
+
+void darray_copy(darray_ptr dst, darray_ptr src)
+{
+ darray_realloc(dst, src->count);
+ memcpy(dst->item, src->item, src->count * sizeof(void *));
+ dst->count = src->count;
+}
+
+void darray_forall(darray_t a, void (*func)(void *))
+{
+ int i, n = a->count;
+ for (i=0; i<n; i++) {
+ func(a->item[i]);
+ }
+}
+
+void darray_forall2(darray_t a,
+ void (*func)(void *darray_item, void *scope_ptr),
+ void *scope_ptr)
+{
+ int i, n = a->count;
+ for (i=0; i<n; i++) {
+ func(a->item[i], scope_ptr);
+ }
+}
+
+void darray_forall3(darray_t a,
+ void (*func)(void *darray_item,
+ void *scope_ptr1,
+ void *scope_ptr2),
+ void *scope_ptr1,
+ void *scope_ptr2)
+{
+ int i, n = a->count;
+ for (i=0; i<n; i++) {
+ func(a->item[i], scope_ptr1, scope_ptr2);
+ }
+}
+
+void darray_forall4(darray_t a,
+ void (*func)(void *darray_item,
+ void *scope_ptr1,
+ void *scope_ptr2,
+ void *scope_ptr3),
+ void *scope_ptr1,
+ void *scope_ptr2,
+ void *scope_ptr3)
+{
+ int i, n = a->count;
+ for (i=0; i<n; i++) {
+ func(a->item[i], scope_ptr1, scope_ptr2, scope_ptr3);
+ }
+}
+
+void *darray_at_test(darray_ptr a,
+ int (*test)(void *data, void *scope_ptr),
+ void *scope_ptr)
+{
+ int i;
+ for (i = 0; i < a->count; i++) {
+ void *p = a->item[i];
+ if (test(p, scope_ptr)) return p;
+ }
+ return NULL;
+}
diff --git a/moon-abe/pbc-0.5.14/misc/darray.h b/moon-abe/pbc-0.5.14/misc/darray.h
new file mode 100644
index 00000000..ecbd04ad
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/misc/darray.h
@@ -0,0 +1,92 @@
+// darray = "dynamic array"
+// A linked-list implementation using C arrays.
+
+#ifndef __PBC_DARRAY_H__
+#define __PBC_DARRAY_H__
+
+#pragma GCC visibility push(hidden)
+
+struct darray_s {
+ void **item;
+ int count;
+ int max;
+};
+
+typedef struct darray_s darray_t[1];
+typedef struct darray_s *darray_ptr;
+
+/*@manual darray
+Initialize a dynamic array 'a'. Must be called before 'a' is used.
+*/
+void darray_init(darray_t a);
+darray_ptr darray_new(void);
+
+void darray_free(darray_ptr a);
+
+/*@manual darray
+Clears a dynamic array 'a'. Should be called after 'a' is no longer needed.
+*/
+void darray_clear(darray_t a);
+
+/*@manual darray
+Appends 'p' to the dynamic array 'a'.
+*/
+void darray_append(darray_t a, void *p);
+
+/*@manual darray
+Returns the pointer at index 'i' in the dynamic array 'a'.
+*/
+static inline void *darray_at(darray_t a, int i) {
+ return a->item[i];
+}
+
+int darray_index_of(darray_ptr a, void *p);
+void darray_remove(darray_ptr a, void *p);
+void darray_remove_last(darray_ptr a);
+void darray_remove_with_test(darray_ptr a, int (*test)(void *));
+
+/*@manual darray
+Removes the pointer at index 'i' in the dynamic array 'a'.
+*/
+void darray_remove_index(darray_ptr a, int n);
+void darray_copy(darray_ptr dst, darray_ptr src);
+void darray_remove_all(darray_ptr d);
+void darray_forall(darray_t a, void (*func)(void *));
+void darray_forall2(darray_t a,
+ void (*func)(void *darray_item, void *scope_ptr),
+ void *scope_ptr);
+void darray_forall3(darray_t a,
+ void (*func)(void *darray_item,
+ void *scope_ptr1,
+ void *scope_ptr2),
+ void *scope_ptr1,
+ void *scope_ptr2);
+void darray_forall4(darray_t a,
+ void (*func)(void *darray_item,
+ void *scope_ptr1,
+ void *scope_ptr2,
+ void *scope_ptr3),
+ void *scope_ptr1,
+ void *scope_ptr2,
+ void *scope_ptr3);
+
+void *darray_at_test(darray_ptr a, int (*test)(void *,void *), void *scope_ptr);
+
+/*@manual darray
+Returns the number of pointers held in 'a'.
+*/
+static inline int darray_count(darray_ptr a) {
+ return a->count;
+}
+
+static inline int darray_is_empty(darray_ptr a) {
+ return !a->count;
+}
+
+static inline void *darray_last(darray_t a) {
+ return a->item[a->count - 1];
+}
+
+#pragma GCC visibility pop
+
+#endif //__PBC_DARRAY_H__
diff --git a/moon-abe/pbc-0.5.14/misc/extend_printf.c b/moon-abe/pbc-0.5.14/misc/extend_printf.c
new file mode 100644
index 00000000..5e6537e2
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/misc/extend_printf.c
@@ -0,0 +1,188 @@
+/*
+ * Behaves as gmp_printf with new conversion specifier %B for element_t types
+ */
+
+#include <stdio.h>
+#include <stdint.h> // for intptr_t
+#include <stdlib.h>
+#include <string.h>
+#include <stdarg.h>
+#include <gmp.h>
+#include "pbc_utils.h"
+#include "pbc_field.h"
+#include "pbc_memory.h"
+
+struct sninfo_s {
+ char *s;
+ size_t size;
+ size_t left;
+ size_t result;
+};
+
+// TODO: remove repeated code for error handling
+static int do_print(int (*strcb)(void *, char *s),
+ int (*fstrcb)(void *, char *s, void *),
+ int (*elcb)(void *, element_ptr e),
+ void *data,
+ const char *format, va_list ap) {
+ // A primitive front-end for printf()-family functions. Only handles types
+ // in specifiers, and assumes they all take void * arguments.
+ //
+ // I wish register_printf_specifier() were more widespread.
+ int count = 0, status;
+ char *copy, *c, *start, *next;
+ element_ptr e;
+ int found;
+
+ copy = pbc_strdup(format);
+ start = next = copy;
+
+ for(;;) {
+ for(;;) {
+ c = strchr(next, '%');
+ if (!c) {
+ status = strcb(data, start);
+ if (status < 0) {
+ count = -1;
+ } else count += status;
+ goto done;
+ }
+ if (!*(c + 1)) goto done;
+ if (*(c + 1) != '%') break;
+ next = c + 2;
+ }
+ *c = 0;
+ status = strcb(data, start);
+ if (status < 0) {
+ count = -1;
+ goto done;
+ } else count += status;
+ *c = '%';
+ start = c;
+ found = 0;
+ while(!found) {
+ c++;
+ switch (*c) {
+ case '\0':
+ goto done;
+ case 'B':
+ e = va_arg(ap, element_ptr);
+ status = elcb(data, e);
+ if (status < 0) {
+ count = -1;
+ goto done;
+ } else count += status;
+ found = 1;
+ break;
+ default:
+ if (strchr("diouxXeEfFgGaAcspnmZ", *c)) {
+ if (*c == 'Z') c++;
+ char ch = *(c+1);
+ *(c+1) = '\0';
+ status = fstrcb(data, start, va_arg(ap, void *));
+ if (status < 0) {
+ count = -1;
+ goto done;
+ } else count += status;
+ *(c+1) = ch;
+ found = 1;
+ }
+ break;
+ }
+ }
+ next = start = c + 1;
+ }
+
+done:
+ pbc_free(copy);
+
+ return count;
+}
+
+static int string_cb(void *file, char *s) {
+ if (fputs(s, file) == EOF) return -1;
+ return strlen(s);
+}
+
+static int format_cb(void *file, char *fstring, void *ptr) {
+ return gmp_fprintf(file, fstring, ptr);
+}
+
+static int element_cb(void *file, element_ptr e) {
+ return element_out_str(file, 0, e);
+}
+
+int element_vfprintf(FILE *stream, const char *format, va_list ap) {
+ return do_print(string_cb, format_cb, element_cb, stream, format, ap);
+}
+
+int element_fprintf(FILE *stream, const char *format, ...) {
+ int status;
+ va_list ap;
+
+ va_start(ap, format);
+ status = element_vfprintf(stream, format, ap);
+ va_end(ap);
+ return status;
+}
+
+int element_printf(const char *format, ...) {
+ int status;
+ va_list ap;
+
+ va_start(ap, format);
+ status = element_vfprintf(stdout, format, ap);
+ va_end(ap);
+ return status;
+}
+
+static void next(struct sninfo_s *p, int status) {
+ p->result += status;
+ p->left = p->result >= p->size ? 0 : p->size - p->result;
+}
+
+static int string_cbv(void *data, char *s) {
+ struct sninfo_s *p = data;
+ int status = snprintf(p->s + p->result, p->left, "%s", s);
+ if (status < 0) return status;
+ next(data, status);
+ return status;
+}
+
+static int format_cbv(void *data, char *fstring, void *ptr) {
+ struct sninfo_s *p = data;
+ int status = gmp_snprintf(p->s + p->result, p->left, fstring, ptr);
+ if (status < 0) return status;
+ next(data, status);
+ return status;
+}
+
+static int element_cbv(void *data, element_ptr e) {
+ struct sninfo_s *p = data;
+ int status = element_snprint(p->s + p->result, p->left, e);
+ if (status < 0) return status;
+ next(data, status);
+ return status;
+}
+
+int element_vsnprintf(char *buf, size_t size, const char *fmt, va_list ap) {
+ struct sninfo_s info;
+
+ info.s = buf;
+ info.left = info.size = size;
+ info.result = 0;
+
+ do_print(string_cbv, format_cbv, element_cbv, &info, fmt, ap);
+
+ return info.result;
+}
+
+int element_snprintf(char *buf, size_t size, const char *fmt, ...) {
+ int status;
+ va_list ap;
+
+ va_start(ap, fmt);
+ status = element_vsnprintf(buf, size, fmt, ap);
+ va_end(ap);
+ return status;
+}
diff --git a/moon-abe/pbc-0.5.14/misc/get_time.c b/moon-abe/pbc-0.5.14/misc/get_time.c
new file mode 100644
index 00000000..8932364b
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/misc/get_time.c
@@ -0,0 +1,21 @@
+#include <sys/time.h>
+#include <time.h>
+
+double pbc_get_time(void) {
+ static struct timeval last_tv, tv;
+ static int first = 1;
+ static double res = 0;
+
+ if (first) {
+ gettimeofday(&last_tv, NULL);
+ first = 0;
+ return 0;
+ } else {
+ gettimeofday(&tv, NULL);
+ res += tv.tv_sec - last_tv.tv_sec;
+ res += (tv.tv_usec - last_tv.tv_usec) / 1000000.0;
+ last_tv = tv;
+
+ return res;
+ }
+}
diff --git a/moon-abe/pbc-0.5.14/misc/get_time.win32.c b/moon-abe/pbc-0.5.14/misc/get_time.win32.c
new file mode 100644
index 00000000..98463198
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/misc/get_time.win32.c
@@ -0,0 +1,42 @@
+#include <stdint.h> // for intptr_t
+#include <sys/time.h>
+#include "pbc_utils.h"
+
+typedef struct _FILETIME {
+ unsigned long dwLowDateTime;
+ unsigned long dwHighDateTime;
+} FILETIME;
+
+void __stdcall GetSystemTimeAsFileTime(FILETIME*);
+
+int __cdecl gettimeofday(struct timeval* p, void* tz) {
+ UNUSED_VAR(tz);
+ union {
+ long long ns100; // Time since 1 Jan 1601 in 100ns units.
+ FILETIME ft;
+ } _now;
+
+ GetSystemTimeAsFileTime( &(_now.ft) );
+ p->tv_usec=(long)((_now.ns100 / 10LL) % 1000000LL );
+ p->tv_sec= (long)((_now.ns100-(116444736000000000LL))/10000000LL);
+ return 0; // Assume success?
+}
+
+double pbc_get_time(void) {
+ static struct timeval last_tv, tv;
+ static int first = 1;
+ static double res = 0;
+
+ if (first) {
+ gettimeofday(&last_tv, NULL);
+ first = 0;
+ return 0;
+ } else {
+ gettimeofday(&tv, NULL);
+ res += tv.tv_sec - last_tv.tv_sec;
+ res += (tv.tv_usec - last_tv.tv_usec) / 1000000.0;
+ last_tv = tv;
+
+ return res;
+ }
+}
diff --git a/moon-abe/pbc-0.5.14/misc/memory.c b/moon-abe/pbc-0.5.14/misc/memory.c
new file mode 100644
index 00000000..cfe80ecc
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/misc/memory.c
@@ -0,0 +1,131 @@
+#include <stdlib.h>
+#include <stdint.h> // for intptr_t
+#include <stdio.h>
+#include <string.h>
+#include "pbc_utils.h"
+#include "pbc_memory.h"
+
+#ifdef SAFE_CLEAN
+/* guarantee zeroing the memory */
+static void gmp_free(void *ptr, size_t size) {
+ if(ptr)
+ memset(ptr, 0, size);
+ free(ptr);
+}
+
+static void* gmp_malloc(size_t size) {
+ return malloc(size);
+}
+
+/* guarantee zeroing the memory
+ * realloc() is not suitable for use with secure memory
+ * because memory contents are not zeroed out. */
+static void* gmp_realloc(void *old_ptr, size_t old_size, size_t new_size) {
+ void *new_ptr = malloc(new_size);
+ if(new_ptr && old_ptr)
+ memcpy(new_ptr, old_ptr, old_size);
+ gmp_free(old_ptr, old_size);
+ return new_ptr;
+}
+
+static void gmp_guarantee_zero_memory(void) {
+ __gmp_set_memory_functions(gmp_malloc, gmp_realloc, gmp_free);
+}
+
+__attribute__((constructor)) void init(void) {
+ gmp_guarantee_zero_memory();
+}
+
+/* pbc_mem is a continuous memory keeping track of its size */
+static inline size_t pbc_mem_get_size(size_t *p) {
+ return *p;
+}
+
+static inline void pbc_mem_set_size(size_t *p, size_t size) {
+ *p = size;
+}
+
+static inline void *pbc_mem_to_ptr(size_t *p) {
+ return p + 1;
+}
+
+static inline void *pbc_ptr_to_mem(size_t *p) {
+ return p - 1;
+}
+
+static void *pbc_mem_malloc(size_t size) {
+ void *ptr = malloc(size + sizeof(size_t));
+ if(ptr)
+ pbc_mem_set_size(ptr, size);
+ return ptr;
+}
+
+static void pbc_mem_free(void *ptr) {
+ memset(ptr, 0, pbc_mem_get_size(ptr) + sizeof(size_t));
+ free(ptr);
+}
+
+static void *default_pbc_malloc(size_t size) {
+ void *ptr = pbc_mem_malloc(size);
+ if(!ptr) pbc_die("malloc() error");
+ return pbc_mem_to_ptr(ptr);
+}
+
+static void *default_pbc_realloc(void *old, size_t new_size) {
+ void *new = pbc_mem_malloc(new_size);
+ if(!new) pbc_die("realloc() error");
+ if(old) {
+ old = pbc_ptr_to_mem(old);
+ memcpy(pbc_mem_to_ptr(new), pbc_mem_to_ptr(old), pbc_mem_get_size(old));
+ pbc_mem_free(old);
+ }
+ return pbc_mem_to_ptr(new);
+}
+
+static void default_pbc_free(void *ptr) {
+ if(ptr)
+ pbc_mem_free(pbc_ptr_to_mem(ptr));
+}
+#else
+static void *default_pbc_malloc(size_t size) {
+ void *res = malloc(size);
+ if (!res) pbc_die("malloc() error");
+ return res;
+}
+
+static void *default_pbc_realloc(void *ptr, size_t size) {
+ void *res = realloc(ptr, size);
+ if (!res) pbc_die("realloc() error");
+ return res;
+}
+
+static void default_pbc_free(void *ptr) { free(ptr); }
+#endif
+
+/* release memory got from pbc_malloc only by pbc_free(), do not use free() */
+void *(*pbc_malloc)(size_t) = default_pbc_malloc;
+/* pbc_realloc guarantees zeroing out the memory before moving old memory */
+void *(*pbc_realloc)(void *, size_t) = default_pbc_realloc;
+/* pbc_free guarantees zeroing out the memory */
+void (*pbc_free)(void *) = default_pbc_free;
+
+void pbc_set_memory_functions(void *(*malloc_fn)(size_t),
+ void *(*realloc_fn)(void *, size_t), void (*free_fn)(void *)) {
+ pbc_malloc = malloc_fn;
+ pbc_realloc = realloc_fn;
+ pbc_free = free_fn;
+}
+
+void *pbc_calloc(size_t nmemb, size_t size) {
+ void *res = pbc_malloc(nmemb * size);
+ if (!res) pbc_die("calloc() error");
+ memset(res, 0, nmemb * size);
+ return res;
+}
+
+char *pbc_strdup(const char *s) {
+ int len = strlen(s);
+ char *res = pbc_malloc(len + 1);
+ strcpy(res, s);
+ return res;
+}
diff --git a/moon-abe/pbc-0.5.14/misc/symtab.c b/moon-abe/pbc-0.5.14/misc/symtab.c
new file mode 100644
index 00000000..9d62f590
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/misc/symtab.c
@@ -0,0 +1,67 @@
+#include <stdlib.h>
+#include <string.h>
+#include "pbc_memory.h"
+
+#include "symtab.h"
+
+struct entry_s {
+ char *key;
+ void *data;
+};
+typedef struct entry_s *entry_ptr;
+typedef struct entry_s entry_t[1];
+
+void symtab_init(symtab_t t) {
+ darray_init(t->list);
+}
+
+static void clear(void *data) {
+ entry_ptr e = data;
+ pbc_free(e->key);
+ pbc_free(e);
+}
+
+void symtab_clear(symtab_t t) {
+ darray_forall(t->list, clear);
+ darray_clear(t->list);
+}
+
+void symtab_put(symtab_t t, void *data, const char *key) {
+ int i, n = t->list->count;
+ entry_ptr e;
+ for (i=0; i<n; i++) {
+ e = t->list->item[i];
+ if (!strcmp(e->key, key)) goto doit;
+ }
+ e = pbc_malloc(sizeof(entry_t));
+ e->key = pbc_strdup(key);
+ darray_append(t->list, e);
+doit:
+ e->data = data;
+}
+
+int symtab_has(symtab_t t, const char *key) {
+ int i, n = t->list->count;
+ for (i = 0; i < n; i++) {
+ entry_ptr e = t->list->item[i];
+ if (!strcmp(e->key, key)) return 1;
+ }
+ return 0;
+}
+
+void *symtab_at(symtab_t t, const char *key) {
+ int i, n = t->list->count;
+ for (i=0; i<n; i++) {
+ entry_ptr e = t->list->item[i];
+ if (!strcmp(e->key, key)) return e->data;
+ }
+ return NULL;
+}
+
+void symtab_forall_data(symtab_t t, void (*func)(void *)) {
+ int i, n = t->list->count;
+ for (i=0; i<n; i++) {
+ entry_ptr e = t->list->item[i];
+ func(e->data);
+ }
+}
diff --git a/moon-abe/pbc-0.5.14/misc/symtab.h b/moon-abe/pbc-0.5.14/misc/symtab.h
new file mode 100644
index 00000000..39f255c3
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/misc/symtab.h
@@ -0,0 +1,43 @@
+#ifndef __PBC_SYMTAB_H__
+#define __PBC_SYMTAB_H__
+
+#include "darray.h"
+
+#pragma GCC visibility push(hidden)
+
+struct symtab_s {
+ darray_t list;
+};
+typedef struct symtab_s symtab_t[1];
+typedef struct symtab_s *symtab_ptr;
+
+/*@manual symtab
+Initialize symbol table 't'. Must be called before 't' is used.
+*/
+void symtab_init(symtab_t t);
+
+/*@manual symtab
+Clears symbol table 't'. Should be called after 't' is no longer needed.
+*/
+void symtab_clear(symtab_t t);
+
+/*@manual symtab
+Puts 'value' at 'key' in 't'.
+*/
+void symtab_put(symtab_t t, void *value, const char *key);
+
+/*@manual symtab
+Returns true if 't' contains key 'key'.
+*/
+int symtab_has(symtab_t t, const char *key);
+
+/*@manual symtab
+Returns pointer at key 'key' in 't'.
+*/
+void *symtab_at(symtab_t t, const char *key);
+
+void symtab_forall_data(symtab_t t, void (*func)(void *));
+
+#pragma GCC visibility pop
+
+#endif //__PBC_SYMTAB_H__
diff --git a/moon-abe/pbc-0.5.14/misc/utils.c b/moon-abe/pbc-0.5.14/misc/utils.c
new file mode 100644
index 00000000..1a808256
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/misc/utils.c
@@ -0,0 +1,101 @@
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdint.h> // for intptr_t
+#include <gmp.h>
+
+#include "pbc_utils.h"
+#include "pbc_field.h"
+
+static int pbc_msg_to_stderr = 1;
+
+int pbc_set_msg_to_stderr(int i) {
+ return pbc_msg_to_stderr = i;
+}
+
+static int out(const char *format, ...) {
+ if (!pbc_msg_to_stderr) return 0;
+ va_list params;
+
+ va_start(params, format);
+ int res = vfprintf(stderr, format, params);
+ va_end(params);
+ return res;
+}
+
+static void print_warning(void) {
+ static int first = 1;
+ if (first) {
+ out("*** PBC asserts enabled: potential performance penalties ***\n");
+ first = 0;
+ }
+}
+
+void pbc_assert(int expr, char *msg, const char *func) {
+ print_warning();
+ if (!expr) {
+ out("PBC assert failed: %s(): %s\n", func, msg);
+ abort();
+ }
+}
+
+void pbc_assert_match2(element_ptr a, element_ptr b, const char *func) {
+ print_warning();
+ if (a->field != b->field) {
+ out("PBC assert failed: %s(): field mismatch\n", func);
+ abort();
+ }
+}
+
+void pbc_assert_match3(element_ptr a, element_ptr b, element_ptr c,
+ const char *func) {
+ print_warning();
+ if (a->field != b->field) {
+ out("PBC assert failed: %s(): first two args field mismatch\n", func);
+ abort();
+ }
+ if (b->field != c->field) {
+ out("PBC assert failed: %s(): last two args field mismatch\n", func);
+ abort();
+ }
+}
+
+// Print at most the first 1024 bytes of an error message.
+static void report(const char *prefix, const char *err, va_list params) {
+ char msg[1024];
+ element_vsnprintf(msg, sizeof(msg), err, params);
+ out("%s%s\n", prefix, msg);
+}
+
+void pbc_die(const char *err, ...) {
+ va_list params;
+
+ va_start(params, err);
+ report("fatal: ", err, params);
+ va_end(params);
+ exit(128);
+}
+
+void pbc_info(const char *err, ...) {
+ va_list params;
+
+ va_start(params, err);
+ report("", err, params);
+ va_end(params);
+}
+
+void pbc_warn(const char *err, ...) {
+ va_list params;
+
+ va_start(params, err);
+ report("warning: ", err, params);
+ va_end(params);
+}
+
+void pbc_error(const char *err, ...) {
+ va_list params;
+
+ va_start(params, err);
+ report("error: ", err, params);
+ va_end(params);
+}
diff --git a/moon-abe/pbc-0.5.14/param/a.param b/moon-abe/pbc-0.5.14/param/a.param
new file mode 100644
index 00000000..cee0e9bb
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/param/a.param
@@ -0,0 +1,8 @@
+type a
+q 8780710799663312522437781984754049815806883199414208211028653399266475630880222957078625179422662221423155858769582317459277713367317481324925129998224791
+h 12016012264891146079388821366740534204802954401251311822919615131047207289359704531102844802183906537786776
+r 730750818665451621361119245571504901405976559617
+exp2 159
+exp1 107
+sign1 1
+sign0 1
diff --git a/moon-abe/pbc-0.5.14/param/a1.param b/moon-abe/pbc-0.5.14/param/a1.param
new file mode 100644
index 00000000..fd6957f5
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/param/a1.param
@@ -0,0 +1,4 @@
+type a1
+p 48512875896303752499712277254589628516419352188294521198189567511009073158115045361294839347099315898960045398524682007334164928531594799149100548036445760110913157420655690361891290858441360807158247259460501343449199712532828063940008683740048500980441989713739689655610578458388126934242630557397618776539259
+n 36203638728584889925158415861634051131656232976339194924022065306723188923966451762160327870969638730567198058600508960697138006366861790409776528385407283664860565239295291314844246909284597617282274074224254733917313218308080644731349763985110821627195514711746037056425804819692632040479575042834043863089
+l 1340
diff --git a/moon-abe/pbc-0.5.14/param/d105171-196-185.param b/moon-abe/pbc-0.5.14/param/d105171-196-185.param
new file mode 100644
index 00000000..6242cef1
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/param/d105171-196-185.param
@@ -0,0 +1,14 @@
+type d
+q 90144054120102937439179516551801119443207521965651508326977
+n 90144054120102937439179516552101359437412329625948146453801
+h 3523
+r 25587298927080027658012919827448583433838299638361665187
+a 53241464724463691897001131065853762954208272388634868483573
+b 5446291776274815451607581859968802155069674270539409546723
+k 6
+nk 536565217356706344663314419655601558604376922027564701618757289270614360593294739461568130362279778081437146273088457636627768012396592169059882662689261645948113285006858612654825829457395553891546397990662355454563776046265747800873542312230073566643975827908869710713161941935371830987701273239900997531501272405727670675418703842862606824000125008640
+hk 819546557806423450339849940898193664969813698879192227897917671302330185914203886301113045602626676261586588840857293388779160133822229389038218318388504449595493650939257095992443062327856033482709266319687677297858891026083277228064475554560
+coeff0 43907136006531280293838495445857758305366399383908394927288
+coeff1 21720089592072695009765372832780685887129370300993349347738
+coeff2 11773373318911376280677890769414834592007872486079550520860
+nqr 4468071665857441743453009416233415235254714637554162977327
diff --git a/moon-abe/pbc-0.5.14/param/d159.param b/moon-abe/pbc-0.5.14/param/d159.param
new file mode 100644
index 00000000..6303b336
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/param/d159.param
@@ -0,0 +1,14 @@
+type d
+q 625852803282871856053922297323874661378036491717
+n 625852803282871856053923088432465995634661283063
+h 3
+r 208617601094290618684641029477488665211553761021
+a 581595782028432961150765424293919699975513269268
+b 517921465817243828776542439081147840953753552322
+k 6
+nk 60094290356408407130984161127310078516360031868417968262992864809623507269833854678414046779817844853757026858774966331434198257512457993293271849043664655146443229029069463392046837830267994222789160047337432075266619082657640364986415435746294498140589844832666082434658532589211525696
+hk 1380801711862212484403205699005242141541629761433899149236405232528956996854655261075303661691995273080620762287276051361446528504633283152278831183711301329765591450680250000592437612973269056
+coeff0 472731500571015189154958232321864199355792223347
+coeff1 352243926696145937581894994871017455453604730246
+coeff2 289113341693870057212775990719504267185772707305
+nqr 431211441436589568382088865288592347194866189652
diff --git a/moon-abe/pbc-0.5.14/param/d201.param b/moon-abe/pbc-0.5.14/param/d201.param
new file mode 100644
index 00000000..4a3a7802
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/param/d201.param
@@ -0,0 +1,14 @@
+type d
+q 2094476214847295281570670320144695883131009753607350517892357
+n 2094476214847295281570670320143248652598286201895740019876423
+h 1122591
+r 1865751832009427548920907365321162072917283500309320153
+a 9937051644888803031325524114144300859517912378923477935510
+b 6624701096592535354217016076096200573011941585948985290340
+k 6
+nk 84421409121513221644716967251498543569964760150943970280296295496165154657097987617093928595467244393873913569302597521196137376192587250931727762632568620562823714441576400096248911214941742242106512149305076320555351603145285797909942596124862593877499051211952936404822228308154770272833273836975042632765377879565229109013234552083886934379264203243445590336
+hk 24251848326363771171270027814768648115136299306034875585195931346818912374815385257266068811350396365799298585287746735681314613260560203359251331805443378322987677594618057568388400134442772232086258797844238238645130212769322779762522643806720212266304
+coeff0 362345194706722765382504711221797122584657971082977778415831
+coeff1 856577648996637037517940613304411075703495574379408261091623
+coeff2 372728063705230489408480761157081724912117414311754674153886
+nqr 279252656555925299126768437760706333663688384547737180929542
diff --git a/moon-abe/pbc-0.5.14/param/d224.param b/moon-abe/pbc-0.5.14/param/d224.param
new file mode 100644
index 00000000..70ca0836
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/param/d224.param
@@ -0,0 +1,14 @@
+type d
+q 15028799613985034465755506450771565229282832217860390155996483840017
+n 15028799613985034465755506450771561352583254744125520639296541195021
+h 1
+r 15028799613985034465755506450771561352583254744125520639296541195021
+a 1871224163624666631860092489128939059944978347142292177323825642096
+b 9795501723343380547144152006776653149306466138012730640114125605701
+k 6
+nk 11522474695025217370062603013790980334538096429455689114222024912184432319228393204650383661781864806076247259556378350541669994344878430136202714945761488385890619925553457668158504202786580559970945936657636855346713598888067516214634859330554634505767198415857150479345944721710356274047707536156296215573412763735135600953865419000398920292535215757291539307525639675204597938919504807427238735811520
+hk 51014915936684265604900487195256160848193571244274648855332475661658304506316301006112887177277345010864012988127829655449256424871024500368597989462373813062189274150916552689262852603254011248502356041206544262755481779137398040376281542938513970473990787064615734720
+coeff0 11975189258259697166257037825227536931446707944682470951111859446192
+coeff1 13433042200347934827742738095249546804006687562088254057411901362771
+coeff2 8327464521117791238079105175448122006759863625508043495770887411614
+nqr 142721363302176037340346936780070353538541593770301992936740616924
diff --git a/moon-abe/pbc-0.5.14/param/d277699-175-167.param b/moon-abe/pbc-0.5.14/param/d277699-175-167.param
new file mode 100644
index 00000000..4b17cba2
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/param/d277699-175-167.param
@@ -0,0 +1,14 @@
+type d
+q 24994387946177175129042685848468049026804978919305617
+n 24994387946177175129042685690371913886893430450813821
+h 229
+r 109145798891603384842981160219964689462416726859449
+a 598438980536154202688764346450047600409548341922774
+b 2875105607672412900453598974161063211122182087044229
+k 6
+nk 243811978207976466816344961736020867657571589744716369993616160430124878187777534556332968211231348405325558364420372020389334407618390934280171068317414599279780297481622580529528050992634268269363295483561945471307823553023060227602413124921195950792341822316780542925838280447629986129163382236857435952423222720
+hk 20466377960554454661250703981850495382861210804514548253197536030737388862020158040530944627371011675413446234288217324489952533357398143673990515812569649274174108257473718452526832616061894959492351305900495030720
+coeff0 10041240416257104004698194348998922958451952509010108
+coeff1 6606091442536002616272024969858190106364268669962931
+coeff2 12365372508104594162350045194732619146000136006974723
+nqr 4719190100394795070479603407875910135476373878231286
diff --git a/moon-abe/pbc-0.5.14/param/d278027-190-181.param b/moon-abe/pbc-0.5.14/param/d278027-190-181.param
new file mode 100644
index 00000000..618df405
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/param/d278027-190-181.param
@@ -0,0 +1,14 @@
+type d
+q 1025495854338995749571854560267623501674077942914916484097
+n 1025495854338995749571854560299646865868662429911796824033
+h 507
+r 2022674268913206606650600710650191056940162583652459219
+a 494269185205966411737543736898850690664292886001616030226
+b 329512790137310941158362491265900460442861924001077353484
+k 6
+nk 1163063573811270165418238020887346859653395473890436628526146579469835139893592951370316986442274188522240665142315088845208474263130963692231646660745632465067191546037520099467878991038317453245980447223411653285837935397784647413623321732546136850572717414092922159420979113590712309473365852809027797574703469302515439503999924539399090176
+hk 284283435268437561375615427397926034491451593725613267750320269284935326382124567760429621954504595753708251572460518724890352303911035771114654446079537012334942433977914482649786330507074232745179428411947147165283593756194384162816
+coeff0 371147398957045566296469880060929177532640478149373679647
+coeff1 799893859981434553395477926437166938993746654077284825629
+coeff2 487916511441855364478875403860530511399828011671346895561
+nqr 229823540541650681569938894061962046762057059051593485287
diff --git a/moon-abe/pbc-0.5.14/param/e.param b/moon-abe/pbc-0.5.14/param/e.param
new file mode 100644
index 00000000..83aa36cd
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/param/e.param
@@ -0,0 +1,10 @@
+type e
+q 7245986106510086080714203333362098431608853335867425877960916928496629182991629664903654100214900946450053872786629995869445693724001299041657434948257845644905153122838458864000479326695430719258600053239930483226650953770354174712511646273516974069245462534034085895319225452125649979474047163305307830001
+r 730750862221594424981965739670091261094297337857
+h 13569343110918781839835249021482970252603216587988030044836106948825516930173270978617489032334001006615524543925753725725046733884363846960470444404747241287743773746682188521738728797153760275116924829183670000
+a 7130970454025799000067946137594446075551569949583815943390108723282396973737794273397246892274981883807989525599540630855644968426794929215599380425269625872763801485968007136000471718335185787206876242871042697778608875139078711621836858237429403052273312335081163896980825048123655535355411494046493419999
+b 7169309004853894693616698536183663527570664411678352588247044791687141043489072737232715961588288238022010974661903752526911876859197052490952065266265699130144252031591491045333807587788600764557450846327338626261289568016170532652061787582791926724597362401398804563093625182790987016728290050466098223333
+exp2 159
+exp1 135
+sign1 1
+sign0 1
diff --git a/moon-abe/pbc-0.5.14/param/f.param b/moon-abe/pbc-0.5.14/param/f.param
new file mode 100644
index 00000000..9712d2fb
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/param/f.param
@@ -0,0 +1,7 @@
+type f
+q 205523667896953300194896352429254920972540065223
+r 205523667896953300194895899082072403858390252929
+b 40218105156867728698573668525883168222119515413
+beta 115334401956802802075595682801335644058796914268
+alpha0 191079354656274778837764015557338301375963168470
+alpha1 71445317903696340296199556072836940741717506375
diff --git a/moon-abe/pbc-0.5.14/param/g149.param b/moon-abe/pbc-0.5.14/param/g149.param
new file mode 100644
index 00000000..d026d083
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/param/g149.param
@@ -0,0 +1,16 @@
+type g
+q 503189899097385532598615948567975432740967203
+n 503189899097385532598571084778608176410973351
+h 1
+r 503189899097385532598571084778608176410973351
+a 465197998498440909244782433627180757481058321
+b 463074517126110479409374670871346701448503064
+k 10
+nk 1040684643531490707494989587381629956832530311976146077888095795458709511789670022388326295177424065807612879371896982185473788988016190582073591316127396374860265835641044035656044524481121528846249501655527462202999638159773731830375673076317719519977183373353791119388388468745670818193868532404392452816602538968163226713846951514831917487400267590451867746120591750902040267826351982737642689423713163967384383105678367875981348397359466338807
+hk 4110127713690841149713310614420858884651261781185442551927080083178682965171097172366598236129731931693425629387502221804555636704708008882811353539555915064049685663790355716130262332064327767695339422323460458479884756000782939428852120522712008037615051139080628734566850259704397643028017435446110322024094259858170303605703280329322675124728639532674407
+coeff0 67343110967802947677845897216565803152319250
+coeff1 115936772834120270862756636148166314916823221
+coeff2 87387877425076080433559927080662339215696505
+coeff3 433223145899090928132052677121692683015058909
+coeff4 405367866213598664862417230702935310328613596
+nqr 22204504160560785687198080413579021865783099
diff --git a/moon-abe/pbc-0.5.14/param/i.param b/moon-abe/pbc-0.5.14/param/i.param
new file mode 100644
index 00000000..f8db1e2e
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/param/i.param
@@ -0,0 +1,5 @@
+type i
+m 97
+t 12
+n 2726865189058261010774960798134976187171462721
+n2 7
diff --git a/moon-abe/pbc-0.5.14/pbc/bilinear.test b/moon-abe/pbc-0.5.14/pbc/bilinear.test
new file mode 100644
index 00000000..956c792e
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/pbc/bilinear.test
@@ -0,0 +1,50 @@
+define test_element_order(group) {
+ a := random(group);
+ o := order(group);
+ b := a^o;
+ CHECK(b == group(0));
+}
+
+define test_group_order() {
+ CHECK(order(G1) == order(G2));
+ CHECK(order(G2) == order(GT));
+ a := pairing(random(G1), random(G2));
+ o := order(GT);
+ b := a^o;
+ CHECK(b == GT(0));
+}
+
+define test_pairing_with_zero() {
+ CHECK(GT(0) == GT(1));
+ CHECK(pairing(G1(0), random(G2)) == GT(0));
+ CHECK(pairing(random(G1), G2(0)) == GT(0));
+ CHECK(pairing(G1(0), G2(0)) == GT(0));
+}
+
+define test_bilinear() {
+ a1 := random(G1);
+ b1 := random(G2);
+ x := random(Zr);
+ y := random(Zr);
+ CHECK(pairing(a1^x, b1) == pairing(a1, b1^x));
+ CHECK(pairing(a1^x, b1) == pairing(a1, b1)^x);
+ CHECK(pairing(a1, b1^x) == pairing(a1, b1)^x);
+ CHECK(pairing(a1^x, b1^y) == pairing(a1, b1)^(x*y));
+}
+
+define test(initfn) {
+ initfn();
+ test_element_order(G1);
+ test_element_order(G2);
+ test_element_order(GT);
+ test_group_order();
+ test_pairing_with_zero();
+ test_bilinear();
+}
+
+test(init_pairing_a);
+test(init_pairing_d);
+test(init_pairing_e);
+test(init_pairing_f);
+test(init_pairing_g);
+test(init_pairing_i);
diff --git a/moon-abe/pbc-0.5.14/pbc/g2_test.pbc b/moon-abe/pbc-0.5.14/pbc/g2_test.pbc
new file mode 100644
index 00000000..892660f9
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/pbc/g2_test.pbc
@@ -0,0 +1,37 @@
+# Exercises a bug found by Zhang Ye.
+
+define test_cmp_0(initfn) {
+ initfn();
+ CHECK(random(G2) != G2(0));
+ CHECK(G2(0) != random(G2));
+ CHECK(G2(0) == G2(0));
+ CHECK(random(G1) != G1(0));
+ CHECK(G1(0) != random(G1));
+ CHECK(G1(0) == G1(0));
+}
+
+test_cmp_0(init_pairing_a);
+test_cmp_0(init_pairing_d);
+test_cmp_0(init_pairing_e);
+test_cmp_0(init_pairing_f);
+test_cmp_0(init_pairing_g);
+test_cmp_0(init_pairing_i);
+
+# Exercises a bug found by Mario Di Raimondo.
+
+define test_g2_cmp(initfn) {
+ initfn();
+ a := rnd(G2);
+ m := rnd(Zr);
+ n := rnd(Zr);
+ CHECK((a^m)^n == a^(m*n));
+ CHECK(a != a^m);
+ CHECK(a != a^n);
+}
+
+test_g2_cmp(init_pairing_a);
+test_g2_cmp(init_pairing_d);
+test_g2_cmp(init_pairing_e);
+test_g2_cmp(init_pairing_f);
+test_g2_cmp(init_pairing_g);
+test_g2_cmp(init_pairing_i);
diff --git a/moon-abe/pbc-0.5.14/pbc/oldpbc.c b/moon-abe/pbc-0.5.14/pbc/oldpbc.c
new file mode 100644
index 00000000..525fe8f2
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/pbc/oldpbc.c
@@ -0,0 +1,1221 @@
+// Pairing-Based Calculator.
+// Mainly for demonstration purposes.
+//
+// It's times like these I wish C had garbage collection.
+
+#include <string.h>
+#include <ctype.h>
+#include <stdarg.h>
+#include <unistd.h> //for getopt
+#include "pbc.h"
+#include "pbc_z.h"
+#include "pbc_fp.h"
+
+#include "misc/darray.h"
+#include "misc/symtab.h"
+
+char *pbc_getline(const char *);
+
+enum {
+ t_none = 0,
+ t_id,
+ t_int,
+ t_string,
+ t_comma,
+ t_lparen,
+ t_rparen,
+ t_add,
+ t_sub,
+ t_mul,
+ t_div,
+ t_set,
+ t_pow,
+ t_unk,
+ t_function,
+ t_pairing,
+ t_element,
+ t_field,
+ t_err,
+};
+
+enum {
+ pe_expect_factor = 100,
+ pe_expect_rparen,
+ pe_arglist,
+ re_varnotfound = 200,
+ re_badlvalue,
+ re_funnotfound,
+ re_unimplemented,
+ re_badargcount,
+ re_badarg,
+ re_fieldmismatch,
+};
+
+static int option_echo = 0;
+
+static field_t Z;
+
+static int tok_type;
+//TODO: dynamic allocation:
+static char word[1024];
+
+struct id_s {
+ char *data;
+ int alloc;
+};
+typedef struct id_s *id_ptr;
+
+id_ptr id_new(char *id) {
+ id_ptr res = pbc_malloc(sizeof(struct id_s));
+ res->alloc = strlen(id) + 1;
+ res->data = pbc_malloc(res->alloc);
+ strcpy(res->data, id);
+ return res;
+}
+
+void id_delete(id_ptr id) {
+ pbc_free(id->data);
+ pbc_free(id);
+}
+
+struct tree_s {
+ int type;
+ void *data;
+ darray_t child;
+};
+typedef struct tree_s *tree_ptr;
+
+tree_ptr tree_new(int type, void *data) {
+ tree_ptr res = pbc_malloc(sizeof(struct tree_s));
+ res->type = type;
+ res->data = data;
+ darray_init(res->child);
+ return res;
+}
+
+static void delete_child(void *p) {
+ tree_delete(p);
+}
+
+void tree_delete(tree_ptr t) {
+ darray_forall(t->child, delete_child);
+ darray_clear(t->child);
+ switch(t->type) {
+ case t_id:
+ case t_string:
+ case t_function:
+ case t_int:
+ id_delete(t->data);
+ break;
+ }
+ pbc_free(t);
+}
+
+static char *currentline;
+static char *lexcp;
+
+
+static void lex(void) {
+ char c;
+ if (!lexcp) {
+ tok_type = t_none;
+ return;
+ }
+ c = *lexcp++;
+ skipwhitespace:
+ for (;;) {
+ if (!strchr(" \t\r\n", c)) break;
+ if (!c) {
+ tok_type = t_none;
+ return;
+ }
+ c = *lexcp++;
+ }
+
+ //comments start with '#' and end at a newline
+ if (c == '#') {
+ for (;;) {
+ c = *lexcp++;
+ if (!c) {
+ tok_type = t_none;
+ return;
+ }
+ if (c == '\n') break;
+ }
+ goto skipwhitespace;
+ }
+
+ //strings
+ if (c == '"') {
+ tok_type = t_string;
+ int i = 0;
+ for (;;) {
+ c = *lexcp++;
+ if (!c) {
+ //string continues on next line
+ word[i++] = '\n';
+ pbc_free(currentline);
+ currentline = pbc_getline(NULL);
+ if (!currentline) break;
+ if (option_echo) puts(currentline);
+ lexcp = currentline;
+ c = *lexcp++;
+ }
+ if (c == '"') {
+ break;
+ }
+ word[i++] = c;
+ }
+ word[i] = '\0';
+ return;
+ }
+
+ if (isdigit(c)) {
+ tok_type = t_int;
+ word[0] = c;
+
+ int i = 1;
+ for (;;) {
+ c = *lexcp++;
+ if (isdigit(c)) {
+ word[i++] = c;
+ } else {
+ word[i] = '\0';
+ lexcp--;
+ break;
+ }
+ }
+ return;
+ }
+
+ if (isalpha(c) || c == '_') {
+ tok_type = t_id;
+ word[0] = c;
+
+ int i = 1;
+ for (;;) {
+ c = *lexcp++;
+ if (isalnum(c) || c == '_') {
+ word[i++] = c;
+ } else {
+ word[i] = '\0';
+ lexcp--;
+ break;
+ }
+ }
+ return;
+ }
+
+ switch(c) {
+ case ',':
+ tok_type = t_comma;
+ break;
+ case '=':
+ tok_type = t_set;
+ break;
+ case '^':
+ tok_type = t_pow;
+ break;
+ case '*':
+ tok_type = t_mul;
+ break;
+ case '/':
+ tok_type = t_div;
+ break;
+ case '+':
+ tok_type = t_add;
+ break;
+ case '-':
+ tok_type = t_sub;
+ break;
+ case '(':
+ tok_type = t_lparen;
+ break;
+ case ')':
+ tok_type = t_rparen;
+ break;
+ default:
+ tok_type = t_unk;
+ break;
+ }
+}
+
+static int lastparseerror;
+static void setparseerror(int i) {
+ lastparseerror = i;
+}
+
+static tree_ptr parsesetexpr(void);
+
+static tree_ptr parseexprlist(tree_ptr t) {
+ tree_ptr c;
+ lex(); // expect lparen
+ if (tok_type == t_rparen) {
+ lex();
+ return t;
+ }
+ c = parsesetexpr();
+ if (!c) return NULL;
+ darray_append(t->child, c);
+ for (;;) {
+ if (tok_type == t_rparen) {
+ lex();
+ return t;
+ }
+ if (tok_type != t_comma) {
+ setparseerror(pe_arglist);
+ return NULL;
+ }
+ lex(); //expect comma
+ c = parsesetexpr();
+ if (!c) return NULL;
+ darray_append(t->child, c);
+ }
+}
+
+static tree_ptr parseprimitive(void) {
+ tree_ptr t;
+ switch(tok_type) {
+ id_ptr id;
+ case t_id:
+ id = id_new(word);
+ lex();
+ if (tok_type == t_lparen) {
+ if (parseexprlist(t = tree_new(t_function, id))) {
+ return t;
+ }
+ tree_delete(t);
+ return NULL;
+ } else {
+ return tree_new(t_id, id);
+ }
+ case t_string:
+ lex();
+ return tree_new(t_string, id_new(word));
+ case t_lparen:
+ lex();
+ t = parsesetexpr();
+ if (!t) return NULL;
+ if (tok_type != t_rparen) {
+ tree_delete(t);
+ setparseerror(pe_expect_rparen);
+ return NULL;
+ }
+ lex();
+ return t;
+ case t_int:
+ id = id_new(word);
+ lex();
+ return tree_new(t_int, id);
+ default:
+ setparseerror(pe_expect_factor);
+ return NULL;
+ }
+}
+
+static tree_ptr parsepow(void) {
+ tree_ptr t1;
+ t1 = parseprimitive();
+ if (tok_type == t_pow) {
+ tree_ptr t2, res;
+ lex();
+ t2 = parseprimitive();
+ if (!t2) {
+ tree_delete(t1);
+ return NULL;
+ }
+ res = tree_new(t_function, id_new("pow"));
+ darray_append(res->child, t1);
+ darray_append(res->child, t2);
+ return res;
+ }
+ return t1;
+}
+
+static tree_ptr parsefactor(void) {
+ tree_ptr t;
+ if (tok_type == t_sub) {
+ lex();
+ t = parsefactor();
+ if (!t) return NULL;
+ tree_ptr t1 = tree_new(t_function, id_new("neg"));
+ darray_append(t1->child, t);
+ return t1;
+ }
+
+ t = parsepow();
+ return t;
+}
+
+static tree_ptr parseterm(void) {
+ tree_ptr t1, t2, res;
+ res = parsefactor();
+ if (!res) return NULL;
+ for (;;) {
+ switch(tok_type) {
+ case t_mul:
+ lex();
+ t2 = parsefactor();
+ if (!t2) {
+ tree_delete(res);
+ return NULL;
+ }
+ t1 = tree_new(t_function, id_new("mul"));
+ darray_append(t1->child, res);
+ darray_append(t1->child, t2);
+ res = t1;
+ break;
+ case t_div:
+ lex();
+ t2 = parsefactor();
+ if (!t2) {
+ tree_delete(res);
+ return NULL;
+ }
+ t1 = tree_new(t_function, id_new("div"));
+ darray_append(t1->child, res);
+ darray_append(t1->child, t2);
+ res = t1;
+ break;
+ default:
+ return res;
+ }
+ }
+}
+
+static tree_ptr parseexpr(void) {
+ tree_ptr t1, t2, res;
+ res = parseterm();
+ if (!res) {
+ return NULL;
+ }
+ for (;;) {
+ switch(tok_type) {
+ case t_add:
+ lex();
+ t2 = parseterm();
+ if (!t2) {
+ tree_delete(res);
+ return NULL;
+ }
+ //t1 = tree_new(t_add, NULL);
+ t1 = tree_new(t_function, id_new("add"));
+ darray_append(t1->child, res);
+ darray_append(t1->child, t2);
+ res = t1;
+ break;
+ case t_sub:
+ lex();
+ t2 = parseterm();
+ if (!t2) {
+ tree_delete(res);
+ return NULL;
+ }
+ //t1 = tree_new(t_sub, NULL);
+ t1 = tree_new(t_function, id_new("sub"));
+ darray_append(t1->child, res);
+ darray_append(t1->child, t2);
+ res = t1;
+ break;
+ default:
+ return res;
+ }
+ }
+}
+
+static tree_ptr parsesetexpr(void) {
+ tree_ptr t1, t2, res;
+ t1 = parseexpr();
+ if (!t1) return NULL;
+ if (tok_type == t_set) {
+ lex();
+ t2 = parsesetexpr();
+ if (!t2) {
+ tree_delete(t1);
+ return NULL;
+ }
+ res = tree_new(t_set, NULL);
+ darray_append(res->child, t1);
+ darray_append(res->child, t2);
+ return res;
+ }
+ return t1;
+}
+
+static void print_tree(tree_ptr t) {
+ id_ptr id;
+ int i;
+ if (!t) {
+ printf("NULL");
+ return;
+ }
+ switch (t->type) {
+ case t_set:
+ print_tree(t->child->item[0]);
+ printf(" = ");
+ print_tree(t->child->item[1]);
+ break;
+ case t_id:
+ id = t->data;
+ printf("%s", id->data);
+ break;
+ case t_function:
+ id = t->data;
+ printf("%s(", id->data);
+ for (i=0; i<t->child->count; i++) {
+ print_tree(t->child->item[i]);
+ if (i < t->child->count - 1) printf(", ");
+ }
+ printf(")");
+ break;
+ default:
+ printf("?!?");
+ break;
+ }
+}
+
+static symtab_t var;
+static symtab_t builtin;
+
+struct val_s {
+ int type;
+ void *data;
+};
+typedef struct val_s *val_ptr;
+
+static int lastruntimeerror;
+static val_ptr newruntimeerror(int i) {
+ val_ptr res = pbc_malloc(sizeof(struct val_s));
+ lastruntimeerror = i;
+ res->type = t_err;
+ res->data = int_to_voidp(i);
+ return res;
+}
+
+val_ptr val_new(int type, void *data) {
+ val_ptr res = pbc_malloc(sizeof(struct val_s));
+ res->type = type;
+ res->data = data;
+ return res;
+}
+
+static void val_print(val_ptr v) {
+ pairing_ptr pairing;
+ field_ptr field;
+ element_ptr e;
+ switch (v->type) {
+ case t_element:
+ e = v->data;
+ element_out_str(stdout, 0, e);
+ printf("\n");
+ break;
+ case t_pairing:
+ pairing = v->data;
+ printf("pairing: G1bits=%d G2bits=%d GTbits=%d\n",
+ pairing_length_in_bytes_x_only_G1(pairing) * 8,
+ pairing_length_in_bytes_x_only_G2(pairing) * 8,
+ pairing_length_in_bytes_GT(pairing) * 8);
+ break;
+ case t_field:
+ field = v->data;
+ field_out_info(stdout, field);
+ break;
+ case t_string:
+ printf("%s", (char *) v->data);
+ break;
+ default:
+ printf("val type %d unknown\n", v->type);
+ break;
+ }
+}
+
+val_ptr val_copy(val_ptr v) {
+ val_ptr res = pbc_malloc(sizeof(struct val_s));
+ res->type = v->type;
+ if (v->type == t_element) {
+ //current policy: always clear elements, always copy elements
+ res->data = pbc_malloc(sizeof(element_t));
+ element_ptr e = v->data;
+ element_init(res->data, e->field);
+ element_set(res->data, e);
+ } else if (v->type == t_string) {
+ res->data = pbc_strdup(v->data);
+ } else {
+ res->data = v->data;
+ }
+
+ return res;
+}
+
+void val_delete(val_ptr v) {
+ switch(v->type) {
+ case t_element:
+ //current policy: always clear elements, always copy elements
+ element_clear(v->data);
+ pbc_free(v->data);
+ break;
+ case t_string:
+ pbc_free(v->data);
+ break;
+ case t_err:
+ break;
+ case t_pairing:
+ break;
+ case t_field:
+ break;
+ default:
+ printf("val_delete: case %d not handled: memory leak\n", v->type);
+ break;
+ }
+ pbc_free(v);
+}
+
+struct fun_s {
+ val_ptr (*f)(darray_ptr);
+ int arity;
+ int type[32]; //TODO: replace with darray? who needs more than 32 args?
+};
+
+typedef val_ptr (*fun)(darray_ptr);
+
+static val_ptr check_arg(darray_ptr arg, int n, ...) {
+ va_list ap;
+ int i;
+ val_ptr res = NULL;
+
+ va_start(ap, n);
+ if (arg->count != n) {
+ printf("expect %d argument(s)\n", n);
+ res = newruntimeerror(re_badargcount);
+ } else for (i=0; i<n; i++) {
+ int t = va_arg(ap, int);
+ val_ptr vp = arg->item[i];
+ if (vp->type != t) {
+ printf("arg not type %d\n", t);
+ return newruntimeerror(re_badarg);
+ break;
+ }
+ }
+
+ va_end(ap);
+ return res;
+}
+
+static val_ptr f_pairing_get_group(
+ field_ptr (*get_group)(pairing_ptr p), darray_ptr arg) {
+ val_ptr res;
+ res = check_arg(arg, 1, t_pairing);
+ if (res) return res;
+ val_ptr a0 = arg->item[0];
+ pairing_ptr pairing = a0->data;
+ res = val_new(t_field, get_group(pairing));
+ return res;
+}
+
+static val_ptr f_pairing_G1(darray_ptr arg) {
+ field_ptr getG1(pairing_ptr p) { return p->G1; }
+ return f_pairing_get_group(getG1, arg);
+}
+
+static val_ptr f_pairing_G2(darray_ptr arg) {
+ field_ptr getG2(pairing_ptr p) { return p->G2; }
+ return f_pairing_get_group(getG2, arg);
+}
+
+static val_ptr f_pairing_GT(darray_ptr arg) {
+ field_ptr getGT(pairing_ptr p) { return p->GT; }
+ return f_pairing_get_group(getGT, arg);
+}
+
+static val_ptr f_pairing_Zr(darray_ptr arg) {
+ field_ptr getZr(pairing_ptr p) { return p->Zr; }
+ return f_pairing_get_group(getZr, arg);
+}
+
+static val_ptr f_random(darray_ptr arg) {
+ val_ptr res;
+ res = check_arg(arg, 1, t_field);
+ if (res) return res;
+ val_ptr a0 = arg->item[0];
+ field_ptr f = a0->data;
+ element_ptr e = pbc_malloc(sizeof(element_t));
+ element_init(e, f);
+ element_random(e);
+ res = val_new(t_element, e);
+ return res;
+}
+
+static val_ptr f_order(darray_ptr arg) {
+ val_ptr res;
+ res = check_arg(arg, 1, t_field);
+ if (res) return res;
+ val_ptr a0 = arg->item[0];
+ field_ptr f = a0->data;
+
+ element_ptr e = pbc_malloc(sizeof(element_t));
+ element_init(e, Z);
+ element_set_mpz(e, f->order);
+ res = val_new(t_element, e);
+ return res;
+}
+
+static val_ptr f_unary(
+ void (*unary)(element_ptr, element_ptr), darray_ptr arg) {
+ val_ptr res;
+ res = check_arg(arg, 1, t_element);
+ if (res) return res;
+ val_ptr a0 = arg->item[0];
+ element_ptr e0 = a0->data;
+ element_ptr e = pbc_malloc(sizeof(element_t));
+ element_init(e, e0->field);
+ unary(e, e0);
+ res = val_new(t_element, e);
+ return res;
+}
+
+static val_ptr f_bin_op(
+ void (*binop)(element_ptr, element_ptr, element_ptr),
+ darray_ptr arg) {
+ val_ptr res;
+ res = check_arg(arg, 2, t_element, t_element);
+ if (res) return res;
+ val_ptr a0 = arg->item[0];
+ val_ptr a1 = arg->item[1];
+ element_ptr e0 = a0->data;
+ element_ptr e1 = a1->data;
+ if (e0->field != e1->field) {
+ printf("field mismatch!\n");
+ return newruntimeerror(re_fieldmismatch);
+ }
+ element_ptr e = pbc_malloc(sizeof(element_t));
+ element_init(e, e0->field);
+ binop(e, e0, e1);
+ res = val_new(t_element, e);
+ return res;
+}
+
+
+static val_ptr f_add(darray_ptr arg) {
+ return f_bin_op(element_add, arg);
+}
+
+static val_ptr f_mul(darray_ptr arg) {
+ return f_bin_op(element_mul, arg);
+}
+
+static val_ptr f_sub(darray_ptr arg) {
+ return f_bin_op(element_sub, arg);
+}
+
+static val_ptr f_div(darray_ptr arg) {
+ return f_bin_op(element_div, arg);
+}
+
+static val_ptr f_inv(darray_ptr arg) {
+ return f_unary(element_invert, arg);
+}
+
+static val_ptr f_neg(darray_ptr arg) {
+ return f_unary(element_neg, arg);
+}
+
+static val_ptr f_pow(darray_ptr arg) {
+ val_ptr res;
+ res = check_arg(arg, 2, t_element, t_element);
+ if (res) return res;
+ val_ptr a0 = arg->item[0];
+ val_ptr a1 = arg->item[1];
+ element_ptr e0 = a0->data;
+ element_ptr e1 = a1->data;
+ element_ptr e = pbc_malloc(sizeof(element_t));
+ mpz_t z;
+ mpz_init(z);
+ element_to_mpz(z, e1);
+ element_init(e, e0->field);
+ element_pow_mpz(e, e0, z);
+ res = val_new(t_element, e);
+ mpz_clear(z);
+ return res;
+}
+
+static pairing_ptr current_pairing;
+static val_ptr f_pairing(darray_ptr arg) {
+ val_ptr res;
+ if (arg->count != 2) {
+ printf("expect two arguments\n");
+ return newruntimeerror(re_badargcount);
+ }
+ val_ptr a0 = arg->item[0];
+ val_ptr a1 = arg->item[1];
+ if (a0->type != t_element) {
+ printf("arg 1 not element!\n");
+ return newruntimeerror(re_badarg);
+ }
+ if (a1->type != t_element) {
+ printf("arg 2 not element!\n");
+ return newruntimeerror(re_badarg);
+ }
+ pairing_ptr p;
+ element_ptr e0 = a0->data;
+ element_ptr e1 = a1->data;
+ p = e0->field->pairing;
+ if (e0->field != p->G1) {
+ printf("arg 1 not from G1!\n");
+ return newruntimeerror(re_badarg);
+ }
+ if (e1->field != p->G2) {
+ printf("arg 2 not from G2!\n");
+ return newruntimeerror(re_badarg);
+ }
+ element_ptr e = pbc_malloc(sizeof(element_t));
+ element_init(e, p->GT);
+ pairing_apply(e, e0, e1, p);
+ res = val_new(t_element, e);
+ return res;
+}
+
+static val_ptr execute_tree(tree_ptr t) {
+ darray_t arg;
+ id_ptr id;
+ fun fn;
+ int i;
+ val_ptr res, v;
+ tree_ptr t1, t2;
+
+ switch (t->type) {
+ case t_id:
+ id = t->data;
+ v = symtab_at(var, id->data);
+ if (!v) {
+ return newruntimeerror(re_varnotfound);
+ }
+ return val_copy(v);
+ case t_set:
+ t1 = t->child->item[0];
+ if (t1->type != t_id) {
+ return newruntimeerror(re_badlvalue);
+ }
+ t2 = t->child->item[1];
+ v = execute_tree(t2);
+ if (v->type == t_err) return v;
+ id = t1->data;
+ // clear what's there first
+ if ((res = symtab_at(var, id->data))) {
+ val_delete(res);
+ }
+ symtab_put(var, v, id->data);
+ v = symtab_at(var, id->data);
+ return val_copy(v);
+ case t_function:
+ id = t->data;
+ fn = symtab_at(builtin, id->data);
+ if (!fn) {
+ return newruntimeerror(re_funnotfound);
+ }
+ darray_init(arg);
+ for (i=0; i<t->child->count; i++) {
+ v = execute_tree(t->child->item[i]);
+ if (v->type == t_err) {
+ darray_forall(arg, (void (*)(void *)) val_delete);
+ return v;
+ }
+ darray_append(arg, v);
+ }
+ res = fn(arg);
+ for (i=0; i<arg->count; i++) {
+ val_delete(arg->item[i]);
+ }
+ darray_clear(arg);
+ return res;
+ case t_int:
+ id = t->data;
+ char *cp;
+ mpz_t z;
+ mpz_init(z);
+ for (cp = id->data; *cp; cp++) {
+ mpz_mul_ui(z, z, 10);
+ mpz_add_ui(z, z, *cp - '0');
+ }
+ element_ptr e = pbc_malloc(sizeof(element_t));
+ element_init(e, Z);
+ element_set_mpz(e, z);
+ mpz_clear(z);
+ return val_new(t_element, e);
+ case t_string:
+ id = t->data;
+ return val_new(t_string, pbc_strdup(id->data));
+ default:
+ return newruntimeerror(re_unimplemented);
+ }
+}
+
+static void parseline(void) {
+ val_ptr v;
+
+ tree_ptr t;
+ lex();
+ if (tok_type == t_none) return;
+ t = parsesetexpr();
+ if (0) {
+ print_tree(t);
+ printf("\n");
+ }
+ if (t) {
+ v = execute_tree(t);
+ if (v) {
+ if (v->type == t_err) {
+ printf("runtime error (error code = %d)\n", lastruntimeerror);
+ } else {
+ if (t->type != t_set) val_print(v);
+ }
+ val_delete(v);
+ }
+ tree_delete(t);
+ } else {
+ printf("parse error (error code = %d)\n", lastparseerror);
+ }
+}
+
+static char *aparam =
+"type a\n"
+"q 8780710799663312522437781984754049815806883199414208211028653399266475630880222957078625179422662221423155858769582317459277713367317481324925129998224791\n"
+"h 12016012264891146079388821366740534204802954401251311822919615131047207289359704531102844802183906537786776\n"
+"r 730750818665451621361119245571504901405976559617\n"
+"exp2 159\n"
+"exp1 107\n"
+"sign1 1\n"
+"sign0 1\n";
+
+static char *dparam =
+"type d\n"
+"q 625852803282871856053922297323874661378036491717\n"
+"n 625852803282871856053923088432465995634661283063\n"
+"h 3\n"
+"r 208617601094290618684641029477488665211553761021\n"
+"a 581595782028432961150765424293919699975513269268\n"
+"b 517921465817243828776542439081147840953753552322\n"
+"k 6\n"
+"nk 60094290356408407130984161127310078516360031868417968262992864809623507269833854678414046779817844853757026858774966331434198257512457993293271849043664655146443229029069463392046837830267994222789160047337432075266619082657640364986415435746294498140589844832666082434658532589211525696\n"
+"hk 1380801711862212484403205699005242141541629761433899149236405232528956996854655261075303661691995273080620762287276051361446528504633283152278831183711301329765591450680250000592437612973269056\n"
+"coeff0 472731500571015189154958232321864199355792223347\n"
+"coeff1 352243926696145937581894994871017455453604730246\n"
+"coeff2 289113341693870057212775990719504267185772707305\n"
+"nqr 431211441436589568382088865288592347194866189652\n";
+
+static char *eparam =
+"type e\n"
+"q 7245986106510086080714203333362098431608853335867425877960916928496629182991629664903654100214900946450053872786629995869445693724001299041657434948257845644905153122838458864000479326695430719258600053239930483226650953770354174712511646273516974069245462534034085895319225452125649979474047163305307830001\n"
+"r 730750862221594424981965739670091261094297337857\n"
+"h 13569343110918781839835249021482970252603216587988030044836106948825516930173270978617489032334001006615524543925753725725046733884363846960470444404747241287743773746682188521738728797153760275116924829183670000\n"
+"a 7130970454025799000067946137594446075551569949583815943390108723282396973737794273397246892274981883807989525599540630855644968426794929215599380425269625872763801485968007136000471718335185787206876242871042697778608875139078711621836858237429403052273312335081163896980825048123655535355411494046493419999\n"
+"b 7169309004853894693616698536183663527570664411678352588247044791687141043489072737232715961588288238022010974661903752526911876859197052490952065266265699130144252031591491045333807587788600764557450846327338626261289568016170532652061787582791926724597362401398804563093625182790987016728290050466098223333\n"
+"exp2 159\n"
+"exp1 135\n"
+"sign1 1\n"
+"sign0 1\n";
+
+static char *fparam =
+"type f\n"
+"q 205523667896953300194896352429254920972540065223\n"
+"r 205523667896953300194895899082072403858390252929\n"
+"b 40218105156867728698573668525883168222119515413\n"
+"beta 115334401956802802075595682801335644058796914268\n"
+"alpha0 191079354656274778837764015557338301375963168470\n"
+"alpha1 71445317903696340296199556072836940741717506375\n";
+
+static char *gparam =
+"type g\n"
+"q 503189899097385532598615948567975432740967203\n"
+"n 503189899097385532598571084778608176410973351\n"
+"h 1\n"
+"r 503189899097385532598571084778608176410973351\n"
+"a 465197998498440909244782433627180757481058321\n"
+"b 463074517126110479409374670871346701448503064\n"
+"k 10\n"
+"nk 1040684643531490707494989587381629956832530311976146077888095795458709511789670022388326295177424065807612879371896982185473788988016190582073591316127396374860265835641044035656044524481121528846249501655527462202999638159773731830375673076317719519977183373353791119388388468745670818193868532404392452816602538968163226713846951514831917487400267590451867746120591750902040267826351982737642689423713163967384383105678367875981348397359466338807\n"
+"hk 4110127713690841149713310614420858884651261781185442551927080083178682965171097172366598236129731931693425629387502221804555636704708008882811353539555915064049685663790355716130262332064327767695339422323460458479884756000782939428852120522712008037615051139080628734566850259704397643028017435446110322024094259858170303605703280329322675124728639532674407\n"
+"coeff0 67343110967802947677845897216565803152319250\n"
+"coeff1 115936772834120270862756636148166314916823221\n"
+"coeff2 87387877425076080433559927080662339215696505\n"
+"coeff3 433223145899090928132052677121692683015058909\n"
+"coeff4 405367866213598664862417230702935310328613596\n"
+"nqr 22204504160560785687198080413579021865783099\n";
+
+static pairing_t pairing_A, pairing_D, pairing_E, pairing_F, pairing_G;
+
+static void set_pairing_groups(pairing_ptr p) {
+ symtab_put(var, val_new(t_field, p->G1), "G1");
+ symtab_put(var, val_new(t_field, p->G2), "G2");
+ symtab_put(var, val_new(t_field, p->GT), "GT");
+ symtab_put(var, val_new(t_field, p->Zr), "Zr");
+ symtab_put(var, val_new(t_pairing, p), "current_pairing");
+ current_pairing = p;
+}
+
+static val_ptr f_init_pairing(darray_ptr arg) {
+ val_ptr res;
+
+ res = check_arg(arg, 1, t_pairing);
+ if (res) return res;
+
+ val_ptr a0 = arg->item[0];
+ pairing_ptr p = a0->data;
+ set_pairing_groups(p);
+ return NULL;
+}
+
+static val_ptr f_nextprime(darray_ptr arg) {
+ mpz_t p;
+ val_ptr res;
+
+ res = check_arg(arg, 1, t_element);
+ if (res) return res;
+ val_ptr a0 = arg->item[0];
+ element_ptr e0 = a0->data;
+ if (e0->field != Z) {
+ printf("arg not integer!\n");
+ return newruntimeerror(re_badarg);
+ }
+ element_ptr e = pbc_malloc(sizeof(element_t));
+ element_init(e, Z);
+ mpz_init(p);
+ element_to_mpz(p, e0);
+ mpz_nextprime(p, p);
+ element_set_mpz(e, p);
+ res = val_new(t_element, e);
+ mpz_clear(p);
+ return res;
+}
+
+static val_ptr f_brute_force_dlog(darray_ptr arg) {
+ val_ptr res;
+ res = check_arg(arg, 2, t_element, t_element);
+ if (res) return res;
+ val_ptr a0 = arg->item[0];
+ val_ptr a1 = arg->item[1];
+ element_ptr e0 = a0->data;
+ element_ptr e1 = a1->data;
+ if (e0->field != e1->field) {
+ printf("arg field mismatch!\n");
+ return newruntimeerror(re_badarg);
+ }
+ element_ptr e = pbc_malloc(sizeof(element_t));
+ element_init(e, Z);
+ element_dlog_brute_force(e, e0, e1);
+ res = val_new(t_element, e);
+ return res;
+}
+static val_ptr f_pollard_rho(darray_ptr arg) {
+ val_ptr res;
+ res = check_arg(arg, 3, t_element, t_element, t_field);
+ if (res) return res;
+ val_ptr a0 = arg->item[0];
+ val_ptr a1 = arg->item[1];
+ val_ptr a2 = arg->item[2];
+ element_ptr e0 = a0->data;
+ element_ptr e1 = a1->data;
+ if (e0->field != e1->field) {
+ printf("arg field mismatch!\n");
+ return newruntimeerror(re_badarg);
+ }
+ field_ptr f = a2->data;
+ element_ptr e = pbc_malloc(sizeof(element_t));
+ element_init(e, f);
+ element_dlog_pollard_rho(e, e0, e1);
+ res = val_new(t_element, e);
+ return res;
+}
+
+static val_ptr f_zz(darray_ptr arg) {
+ mpz_t p;
+ val_ptr res;
+ res = check_arg(arg, 1, t_element);
+ if (res) return res;
+ val_ptr a0 = arg->item[0];
+ element_ptr e0 = a0->data;
+ if (e0->field != Z) {
+ printf("arg not integer!\n");
+ return newruntimeerror(re_badarg);
+ }
+ field_ptr f = pbc_malloc(sizeof(field_t));
+ mpz_init(p);
+ element_to_mpz(p, e0);
+ field_init_fp(f, p);
+ res = val_new(t_field, f);
+ mpz_clear(p);
+ return res;
+}
+
+static val_ptr f_gen_A(darray_ptr arg) {
+ mpz_t rbits, qbits;
+ pairing_ptr p;
+ val_ptr res;
+ res = check_arg(arg, 2, t_element, t_element);
+ if (res) return res;
+ val_ptr a0 = arg->item[0];
+ val_ptr a1 = arg->item[1];
+ element_ptr e0 = a0->data;
+ if (e0->field != Z) {
+ printf("arg not integer!\n");
+ return newruntimeerror(re_badarg);
+ }
+ element_ptr e1 = a1->data;
+ if (e1->field != Z) {
+ printf("arg not integer!\n");
+ return newruntimeerror(re_badarg);
+ }
+ mpz_init(rbits);
+ mpz_init(qbits);
+ element_to_mpz(rbits, e0);
+ element_to_mpz(qbits, e1);
+ //TODO: check rbits and qbits aren't too big
+ pbc_param_t param;
+ pbc_param_init_a_gen(param, mpz_get_ui(rbits), mpz_get_ui(qbits));
+ p = pbc_malloc(sizeof(pairing_t));
+ pairing_init_pbc_param(p, param);
+ res = val_new(t_pairing, p);
+ mpz_clear(rbits);
+ mpz_clear(qbits);
+ pbc_param_clear(param);
+ return res;
+}
+
+static val_ptr f_fromZZ(darray_ptr arg) {
+ val_ptr res;
+ res = check_arg(arg, 2, t_element, t_field);
+ if (res) return res;
+ val_ptr a0 = arg->item[0];
+ val_ptr a1 = arg->item[1];
+ element_ptr e = a0->data;
+ field_ptr f = a1->data;
+ if (e->field != Z) {
+ printf("arg not integer!\n");
+ return newruntimeerror(re_badarg);
+ }
+ element_ptr e1 = pbc_malloc(sizeof(element_t));
+ element_init(e1, f);
+ element_set_mpz(e1, e->data);
+ res = val_new(t_element, e1);
+ return res;
+}
+
+static val_ptr f_fromstr(darray_ptr arg) {
+ val_ptr res;
+ res = check_arg(arg, 2, t_string, t_field);
+ if (res) return res;
+ val_ptr a0 = arg->item[0];
+ val_ptr a1 = arg->item[1];
+ field_ptr f = a1->data;
+ element_ptr e1 = pbc_malloc(sizeof(element_t));
+ element_init(e1, f);
+ element_set_str(e1, a0->data, 0);
+ res = val_new(t_element, e1);
+ return res;
+}
+
+/* I'll probably never finish this :(
+static val_ptr f_index_calculus(darray_ptr arg) {
+ val_ptr res;
+ res = check_arg(arg, 2, t_element, t_element);
+ if (res) return res;
+ val_ptr a0 = arg->item[0];
+ val_ptr a1 = arg->item[1];
+ element_ptr e0 = a0->data;
+ element_ptr e1 = a1->data;
+ element_ptr e = pbc_malloc(sizeof(element_t));
+ mpz_t x, g, h, q1;
+
+ //TODO: check e0, e1 are from an integer mod ring
+ mpz_init(x);
+ mpz_init(g);
+ mpz_init(h);
+ mpz_init(q1);
+
+ mpz_sub_ui(q1, e0->field->order, 1);
+
+ element_init(e, Z);
+ element_to_mpz(g, e0);
+ element_to_mpz(h, e1);
+ pbc_mpz_index_calculus(x, g, h, q1);
+ element_set_mpz(e, x);
+ res = val_new(t_element, e);
+ mpz_clear(x);
+ mpz_clear(g);
+ mpz_clear(h);
+ mpz_clear(q1);
+ return res;
+}
+*/
+
+int main(int argc, char **argv) {
+ for (;;) {
+ int c = getopt(argc, argv, "e");
+ if (c == -1) break;
+ switch (c) {
+ case 'e':
+ option_echo = 1;
+ break;
+ default:
+ fprintf(stderr, "unrecognized option: %c\n", c);
+ break;
+ }
+ }
+
+ symtab_init(var);
+ symtab_init(builtin);
+
+ pairing_init_set_str(pairing_A, aparam);
+ pairing_init_set_str(pairing_D, dparam);
+ pairing_init_set_str(pairing_E, eparam);
+ pairing_init_set_str(pairing_F, fparam);
+ pairing_init_set_str(pairing_G, gparam);
+ symtab_put(var, val_new(t_pairing, pairing_A), "A");
+ symtab_put(var, val_new(t_pairing, pairing_D), "D");
+ symtab_put(var, val_new(t_pairing, pairing_E), "E");
+ symtab_put(var, val_new(t_pairing, pairing_F), "F");
+ symtab_put(var, val_new(t_pairing, pairing_G), "G");
+
+ set_pairing_groups(pairing_A);
+
+ symtab_put(builtin, f_init_pairing, "init_pairing");
+ symtab_put(builtin, f_pairing_G1, "get_G1");
+ symtab_put(builtin, f_pairing_G2, "get_G2");
+ symtab_put(builtin, f_pairing_GT, "get_GT");
+ symtab_put(builtin, f_pairing_Zr, "get_Zr");
+ symtab_put(builtin, f_random, "random");
+ symtab_put(builtin, f_random, "rand");
+ symtab_put(builtin, f_random, "rnd");
+ symtab_put(builtin, f_order, "order");
+ symtab_put(builtin, f_order, "ord");
+ symtab_put(builtin, f_neg, "neg");
+ symtab_put(builtin, f_sub, "sub");
+ symtab_put(builtin, f_add, "add");
+ symtab_put(builtin, f_pow, "pow");
+ symtab_put(builtin, f_mul, "mul");
+ symtab_put(builtin, f_inv, "inv");
+ symtab_put(builtin, f_inv, "invert");
+ symtab_put(builtin, f_div, "div");
+ symtab_put(builtin, f_pairing, "pairing");
+ symtab_put(builtin, f_nextprime, "nextprime");
+ symtab_put(builtin, f_brute_force_dlog, "element_dlog_brute_force");
+ symtab_put(builtin, f_pollard_rho, "element_dlog_pollard_rho");
+ //symtab_put(builtin, f_index_calculus, "index_calculus");
+ symtab_put(builtin, f_zz, "ZZ");
+ symtab_put(builtin, f_gen_A, "gen_A");
+ symtab_put(builtin, f_fromZZ, "fromZZ");
+ symtab_put(builtin, f_fromstr, "fromstr");
+
+ field_init_z(Z);
+
+ fprintf(stderr, "pbc\n");
+
+ for (;;) {
+ currentline = pbc_getline(NULL);
+ if (!currentline) break;
+ if (option_echo) puts(currentline);
+ lexcp = currentline;
+ parseline();
+ free(currentline);
+ }
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/pbc/pairing_test.pbc b/moon-abe/pbc-0.5.14/pbc/pairing_test.pbc
new file mode 100644
index 00000000..c57189f7
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/pbc/pairing_test.pbc
@@ -0,0 +1,21 @@
+# Tests sample type A pairing.
+
+g := G1([2382389466570123849673299401984867521337122094157231907755149435707124249269394670242462497382963719723036281844079382411446883273020125104982896098602669, 2152768906589770702756591740710760107878949212304343787392475836859241438597588807103470081101790991563152395601123682809718038151417122294066319979967168]);
+
+h := G2([5832612417453786541700129157230442590988122495898645678468800815872828277169950107203266157735206975228912899931278160262081308603240860553459187732968543, 5825590786822892934138376868455818413990615826926356662470129700411774690868351658310187202553513693344017463065909279569624651155563430675084173630054336]);
+
+a := 171583727262251826931173602797951212789946235851;
+b := 233634857565210859330459959563397971304462340857;
+
+CHECK(pairing(g, h) == GT([1352478452661998164151215014828915385601138645645403926287105573769451214277485326392786454433874957123922454604362337349978217917242114505658729401276644, 2809858014072341042857607405424304552357466023841122154308055820747972163307396014445308786731013691659356362568425895483877936945589613445697089590886519]));
+
+CHECK(g^a == G1([3727290142167731134589933003026410141163353118002821914170365887139605219852868537686435214464927363733592858325260588072422405672197113236445369761687270, 8313413520789037477320458888316489483781506373846006723006557775349684878102042826049292521482530556981023752851151672326421296204733037418468523296005577]));
+
+CHECK(h^b == G2([302169045606583472168811217560382970305157511680176350745436990853463473855962841196184541109617397027480204774682450915021848512168573082843355648090809, 7428193877404140917518137438384425427600294220905786853638038223349096573857683866658575603565175187399696035468569929483731011292133989973187846752806084]));
+
+res := GT([5401677742232403160612802517983583823254857216272776607059355607024091426935935872461700304196658606704085604766577186374528948004140797833341187234647180, 4255900207739859478558185000995524505026245539159946661271849714832846423204570340979120001638894488614502770175520505048836617405342161594891740961421000]);
+
+CHECK(res == pairing(g^a, h^b));
+CHECK(res == pairing(g, h)^(Zr(a)*Zr(b)));
+CHECK(res == pairing(g^a, h)^b);
+CHECK(res == pairing(g, h^b)^a);
diff --git a/moon-abe/pbc-0.5.14/pbc/parser.lex b/moon-abe/pbc-0.5.14/pbc/parser.lex
new file mode 100644
index 00000000..1d0b9f23
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/pbc/parser.lex
@@ -0,0 +1,56 @@
+%{
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdint.h> // for intptr_t
+#include <gmp.h>
+#include "pbc_utils.h"
+#include "pbc_field.h"
+
+#include "pbc_tree.h"
+#define YYSTYPE tree_ptr
+#include "parser.tab.h"
+
+extern int option_easy;
+
+%}
+
+%option nounput noinput
+
+%x COMMENT
+%%
+\/\* BEGIN(COMMENT); // Open C-style comment.
+<COMMENT>\*\/ BEGIN(0); // Close C-style comment.
+<COMMENT>. // Within a C-style comment.
+<COMMENT>\n // Within a C-style comment.
+#.*$ // Comment.
+[ \t\r]* // Whitespace.
+
+define return DEFINE;
+[0-9]+ yylval = tree_new_z(yytext); return NUM;
+[a-zA-Z_][a-zA-Z0-9_]* yylval = tree_new_id(yytext); return ID;
+:= return ASSIGN;
+== return EQ;
+!= return NE;
+\< return LT;
+\> return T_GT;
+\<= return LE;
+\>= return GE;
+\+ return PLUS;
+- return MINUS;
+\/ return DIVIDE;
+\* return TIMES;
+\^ return POW;
+; return TERMINATOR;
+\, return COMMA;
+\? return QUESTION;
+: return COLON;
+\( return LPAR;
+\) return RPAR;
+\[ return LSQU;
+\] return RSQU;
+\{ return LBRACE;
+\} return RBRACE;
+\n if (option_easy) return TERMINATOR;
+= return option_easy ? ASSIGN : UNKNOWN;
+. return UNKNOWN;
+%%
diff --git a/moon-abe/pbc-0.5.14/pbc/parser.y b/moon-abe/pbc-0.5.14/pbc/parser.y
new file mode 100644
index 00000000..d51cebcc
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/pbc/parser.y
@@ -0,0 +1,112 @@
+%{
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdint.h> // for intptr_t
+#include <gmp.h>
+#include "pbc_utils.h"
+#include "pbc_field.h"
+
+#include "pbc_tree.h"
+#define YYSTYPE tree_ptr
+void yyerror(const char *s);
+int yylex(void);
+
+#define YY_NO_INPUT
+#define YY_NO_UNPUT
+
+extern int option_easy;
+%}
+
+%error-verbose
+%token DEFINE
+%token TERMINATOR
+%token NUM ID
+%token LPAR RPAR LSQU RSQU LBRACE RBRACE COMMA
+%right QUESTION COLON
+%left EQ NE LT T_GT LE GE
+%right ASSIGN
+%left PLUS MINUS
+%left DIVIDE TIMES
+%right UMINUS
+%right POW
+%token UNKNOWN
+%token END 0 "end of file"
+%%
+input
+ : // Empty.
+ | input stmt { tree_eval_stmt($2); }
+ ;
+
+stmt
+ : expr TERMINATOR
+ | DEFINE ID LPAR parms RPAR LBRACE stmtlist RBRACE {
+ $$ = tree_new_define($2, $4, $7);
+ }
+ ;
+
+stmtlist
+ : { $$ = tree_new_empty_stmt_list(); } // Empty.
+ | stmtlist stmt { tree_append($1, $2); }
+ ;
+
+parms
+ : { $$ = tree_new_empty_parms(); } // Empty.
+ | parms1
+ ;
+
+parms1
+ : ID { $$ = tree_new_empty_parms(); tree_append($$, $1); }
+ | parms1 COMMA ID { tree_append($1, $3); }
+ ;
+
+expr
+ : multinomial
+ | ID ASSIGN expr { $$ = tree_new_assign($1, $3); }
+ | expr QUESTION expr COLON expr { $$ = tree_new_ternary($1, $3, $5); }
+ | molecule
+ | molecule LSQU expr RSQU { $$ = tree_new_item($1, $3); }
+ | expr EQ expr { $$ = tree_new_eq($1, $3); }
+ | expr NE expr { $$ = tree_new_ne($1, $3); }
+ | expr LE expr { $$ = tree_new_le($1, $3); }
+ | expr GE expr { $$ = tree_new_ge($1, $3); }
+ | expr LT expr { $$ = tree_new_lt($1, $3); }
+ | expr T_GT expr { $$ = tree_new_gt($1, $3); }
+ | expr PLUS expr { $$ = tree_new_add($1, $3); }
+ | expr MINUS expr { $$ = tree_new_sub($1, $3); }
+ | expr TIMES expr { $$ = tree_new_mul($1, $3); }
+ | expr DIVIDE expr { $$ = tree_new_div($1, $3); }
+ | expr POW expr { $$ = tree_new_pow($1, $3); }
+ | MINUS expr %prec UMINUS { $$ = tree_new_neg($2); }
+ ;
+
+// Not quite atoms.
+molecule
+ : molecule LPAR exprlist RPAR { $$ = $3; tree_set_fun($$, $1); }
+ | LPAR expr RPAR { $$ = $2; }
+ | ID
+ ;
+
+exprlist
+ : { $$ = tree_new_funcall(); } // Empty.
+ | nonemptyexprlist
+ ;
+
+nonemptyexprlist
+ : expr { tree_append($$ = tree_new_funcall(), $1); }
+ | nonemptyexprlist COMMA expr { tree_append($1, $3); }
+ ;
+
+multinomial
+ : NUM
+ | numlist
+ ;
+
+numlist
+ : LSQU sequence RSQU { $$ = $2; }
+ ;
+
+sequence
+ : expr { $$ = tree_new_list($1); }
+ | sequence COMMA expr { tree_append($1, $3); }
+ ;
+%%
diff --git a/moon-abe/pbc-0.5.14/pbc/pbc.c b/moon-abe/pbc-0.5.14/pbc/pbc.c
new file mode 100644
index 00000000..6fb76046
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/pbc/pbc.c
@@ -0,0 +1,953 @@
+// Pairing-Based Calculator.
+
+// TODO: Garbage collection.
+// TODO: Recursion (stack frames), anonymous functions.
+
+#include <unistd.h> // For getopt.
+
+#include "pbc.h"
+#include "pbc_fp.h"
+#include "pbc_z.h"
+#include "pbc_multiz.h"
+#include "pbc_poly.h"
+
+#include "misc/darray.h"
+#include "misc/symtab.h"
+
+#include "pbc_tree.h"
+
+#include "lex.yy.h"
+#include "parser.tab.h"
+
+int option_easy = 0;
+const char *option_prompt;
+
+char *pbc_getline(const char *prompt);
+
+void yyerror(char *s) { fprintf(stderr, "%s\n", s); }
+int yyparse(void);
+
+// Symbol table holding built-in functions and variables.
+static symtab_t reserved;
+// Symbol table holding user-defined variable and function names.
+static symtab_t tab;
+
+static field_t M;
+static field_t Z;
+static pairing_t pairing;
+
+struct val_s;
+typedef struct val_s *val_ptr;
+
+struct fun_s;
+typedef struct fun_s *fun_ptr;
+
+// Syntax tree node.
+struct tree_s {
+ // Evaluates this node.
+ val_ptr (*eval)(tree_ptr);
+ union {
+ const char *id;
+ element_ptr elem;
+ // Built-in function.
+ fun_ptr fun;
+ // Child nodes.
+ darray_ptr child;
+ };
+};
+
+enum {
+ ARITY_VARIABLE = -1,
+};
+
+// The interface of a val_ptr shared amongst many val_ptr objects.
+// Analog of C++ class.
+struct val_type_s {
+ // One of element, field, function, error.
+ char *name;
+ // Print out current value.
+ void (*out_str)(FILE *, val_ptr);
+ // Called when a variable is evaluated, e.g. "foo;".
+ val_ptr (*eval)(val_ptr);
+ // Called when a variable is used as a function, e.g. "foo();".
+ val_ptr (*funcall)(val_ptr, tree_ptr);
+};
+
+// Functions plus type checking data.
+struct fun_s {
+ const char *name;
+ val_ptr (*run)(val_ptr[]);
+ int arity;
+ const struct val_type_s **sig;
+};
+typedef struct fun_s fun_t[1];
+
+// When interpreting, each node of the syntax tree recursively evaluates
+// its children then returns a val_ptr.
+struct val_s {
+ struct val_type_s *type;
+ union {
+ element_ptr elem;
+ // User-defined function.
+ tree_ptr def;
+ // Built-in function.
+ fun_ptr fun;
+ field_ptr field;
+ const char *msg;
+ };
+};
+
+static val_ptr val_new_element(element_ptr e);
+static val_ptr val_new_field(field_ptr e);
+static val_ptr val_new_error(const char *msg, ...);
+
+// Evaluates syntax tree node.
+static val_ptr tree_eval(tree_ptr t) {
+ return t->eval(t);
+}
+
+static void v_elem_out(FILE* stream, val_ptr v) {
+ element_out_str(stream, 0, v->elem);
+}
+
+static val_ptr v_elem_eval(val_ptr v) {
+ element_ptr e = pbc_malloc(sizeof(*e));
+ element_init_same_as(e, v->elem);
+ element_set(e, v->elem);
+ return val_new_element(e);
+}
+
+static void v_builtin_out(FILE* stream, val_ptr v) {
+ // TODO: Print types of arguments.
+ fprintf(stream, "built-in function %s, arity %d",
+ v->fun->name, v->fun->arity);
+}
+
+static void v_define_out(FILE* stream, val_ptr v) {
+ fprintf(stream, "user-defined function %s",
+ ((tree_ptr) darray_at(v->def->child, 0))->id);
+}
+
+static val_ptr v_builtin(val_ptr v, tree_ptr t) {
+ fun_ptr fun = v->fun;
+ int n = fun->arity;
+ if (1 + n != darray_count(t->child)) {
+ return val_new_error("%s: wrong number of arguments", fun->name);
+ }
+ val_ptr arg[n];
+ int i;
+ for(i = 0; i < n; i++) {
+ arg[i] = tree_eval(darray_at(t->child, i));
+ if (fun->sig[i] && arg[i]->type != fun->sig[i]) {
+ return val_new_error("%s: argument %d type mismatch", fun->name, i + 1);
+ }
+ }
+ return fun->run(arg);
+}
+
+static void eval_stmt(void *ptr) {
+ tree_eval(ptr);
+}
+
+static val_ptr v_def_call(val_ptr v, tree_ptr t) {
+ int i;
+ const char* name = ((tree_ptr) darray_at(v->def->child, 0))->id;
+ darray_ptr parm = ((tree_ptr) darray_at(v->def->child, 1))->child;
+ int n = darray_count(parm);
+ if (1 + n != darray_count(t->child)) {
+ return val_new_error("%s: wrong number of arguments", name);
+ }
+ for(i = 0; i < n; i++) {
+ const char *id = ((tree_ptr) darray_at(parm, i))->id;
+ val_ptr v1 = tree_eval(darray_at(t->child, i));
+ // TODO: Stack frames for recursion.
+ symtab_put(tab, v1, id);
+ }
+ // Evaluate function body.
+ darray_ptr a = ((tree_ptr) darray_at(v->def->child, 2))->child;
+ darray_forall(a, eval_stmt);
+ return NULL;
+}
+
+static val_ptr v_field_cast(val_ptr v, tree_ptr t) {
+ // TODO: Check args, x is an element.
+ val_ptr x = tree_eval(darray_at(t->child, 0));
+ element_ptr e = x->elem;
+ if (e->field == M) {
+ if (v->field == M) return x;
+ element_ptr e2 = element_new(v->field);
+ if (element_is0(e)) // if 'set0' is not 'set1' in base field of GT, but we hope 'GT(0)' calls 'set1', we may directly call 'element_set0' here
+ element_set0(e2);
+ else if (element_is1(e)) // reason is same as above
+ element_set1(e2);
+ else
+ element_set_multiz(e2, e->data);
+ x->elem = e2;
+ return x;
+ }
+ if (v->field == M) {
+ // Map to/from integer. TODO: Map to/from multiz instead.
+ mpz_t z;
+ mpz_init(z);
+ element_to_mpz(z, e);
+ element_clear(e);
+ element_init(e, v->field);
+ element_set_mpz(e, z);
+ mpz_clear(z);
+ }
+ return x;
+}
+
+static void v_field_out(FILE* stream, val_ptr v) {
+ field_out_info(stream, v->field);
+}
+
+static val_ptr v_self(val_ptr v) {
+ return v;
+}
+
+static void v_err_out(FILE* stream, val_ptr v) {
+ fprintf(stream, "%s", v->msg);
+}
+
+static val_ptr v_errcall(val_ptr v, tree_ptr t) {
+ UNUSED_VAR(t);
+ return v;
+}
+
+static struct val_type_s
+ // TODO: Replace NULL with get_coeff.
+ v_elem[1] = {{ "element", v_elem_out, v_elem_eval, NULL }},
+ v_field[1] = {{ "field", v_field_out, v_self, v_field_cast }},
+ v_fun[1] = {{ "builtin", v_builtin_out, v_self, v_builtin }},
+ v_def[1] = {{ "function", v_define_out, v_self, v_def_call }},
+ v_error[1] = {{ "error", v_err_out, v_self, v_errcall }};
+
+// Function signature constants for type checking.
+const struct val_type_s *sig_field[] = { v_field };
+const struct val_type_s *sig_elem[] = { v_elem };
+const struct val_type_s *sig_any[] = { NULL };
+const struct val_type_s *sig_elem_elem[] = { v_elem, v_elem };
+const struct val_type_s *sig_field_elem[] = { v_field, v_elem };
+
+static val_ptr val_new_element(element_ptr e) {
+ val_ptr v = pbc_malloc(sizeof(*v));
+ v->type = v_elem;
+ v->elem = e;
+ return v;
+}
+
+static val_ptr val_new_field(field_ptr f) {
+ val_ptr v = pbc_malloc(sizeof(*v));
+ v->type = v_field;
+ v->field = f;
+ return v;
+}
+
+static val_ptr val_new_error(const char *msg, ...) {
+ va_list params;
+ char buf[80];
+
+ va_start(params, msg);
+ vsnprintf(buf, 80, msg, params);
+ va_end(params);
+
+ val_ptr v = pbc_malloc(sizeof(*v));
+ v->type = v_error;
+ v->msg = pbc_strdup(buf);
+ return v;
+}
+
+static val_ptr val_new_fun(fun_ptr fun) {
+ val_ptr v = pbc_malloc(sizeof(*v));
+ v->type = v_fun;
+ v->fun = fun;
+ return v;
+}
+
+static val_ptr fun_bin(
+ void (*binop)(element_ptr, element_ptr, element_ptr),
+ val_ptr v[]) {
+ binop(v[0]->elem, v[0]->elem, v[1]->elem);
+ return v[0];
+}
+
+static val_ptr run_add(val_ptr v[]) { return fun_bin(element_add, v); }
+static val_ptr run_sub(val_ptr v[]) { return fun_bin(element_sub, v); }
+static val_ptr run_mul(val_ptr v[]) { return fun_bin(element_mul, v); }
+static val_ptr run_div(val_ptr v[]) { return fun_bin(element_div, v); }
+static val_ptr run_pow(val_ptr v[]) { return fun_bin(element_pow_zn, v); }
+
+static fun_t fun_add = {{ "add", run_add, 2, sig_elem_elem }};
+static fun_t fun_sub = {{ "sub", run_sub, 2, sig_elem_elem }};
+static fun_t fun_mul = {{ "mul", run_mul, 2, sig_elem_elem }};
+static fun_t fun_div = {{ "div", run_div, 2, sig_elem_elem }};
+static fun_t fun_pow = {{ "pow", run_pow, 2, sig_elem_elem }};
+
+static val_ptr fun_cmp(val_ptr v[], int (*fun)(int)) {
+ int i = element_cmp(v[0]->elem, v[1]->elem);
+ element_ptr e = pbc_malloc(sizeof(*e));
+ element_init(e, M);
+ element_set_si(e, fun(i));
+ v[0]->elem = e;
+ return v[0];
+}
+
+static int is0(int i) {
+ return i == 0;
+}
+
+static int isnot0(int i) {
+ return i != 0;
+}
+
+static int isle(int i) {
+ return i <= 0;
+}
+
+static int isge(int i) {
+ return i >= 0;
+}
+
+static int islt(int i) {
+ return i < 0;
+}
+
+static int isgt(int i) {
+ return i > 0;
+}
+
+static val_ptr run_eq(val_ptr v[]) {
+ return fun_cmp(v, is0);
+}
+
+static val_ptr run_ne(val_ptr v[]) {
+ return fun_cmp(v, isnot0);
+}
+
+static val_ptr run_le(val_ptr v[]) {
+ return fun_cmp(v, isle);
+}
+
+static val_ptr run_ge(val_ptr v[]) {
+ return fun_cmp(v, isge);
+}
+static val_ptr run_lt(val_ptr v[]) {
+ return fun_cmp(v, islt);
+}
+static val_ptr run_gt(val_ptr v[]) {
+ return fun_cmp(v, isgt);
+}
+
+static fun_t fun_eq = {{ "==", run_eq, 2, sig_elem_elem }};
+static fun_t fun_ne = {{ "!=", run_ne, 2, sig_elem_elem }};
+static fun_t fun_le = {{ "<=", run_le, 2, sig_elem_elem }};
+static fun_t fun_ge = {{ ">=", run_ge, 2, sig_elem_elem }};
+static fun_t fun_lt = {{ "<", run_lt, 2, sig_elem_elem }};
+static fun_t fun_gt = {{ ">", run_gt, 2, sig_elem_elem }};
+
+static val_ptr eval_elem(tree_ptr t) {
+ // TODO: Write element_clone(), or at least element_new().
+ element_ptr e = pbc_malloc(sizeof(*e));
+ element_init_same_as(e, t->elem);
+ element_set(e, t->elem);
+ return val_new_element(e);
+}
+
+static val_ptr eval_list(tree_ptr t) {
+ element_ptr e = NULL;
+ int n = darray_count(t->child);
+ int i;
+ for(i = 0; i < n; i++) {
+ val_ptr x = tree_eval(darray_at(t->child, i));
+ // TODO: Also check x is a multiz.
+ if (v_error == x->type) {
+ return x;
+ }
+ if (v_elem != x->type) {
+ return val_new_error("element expected in list");
+ }
+ if (!i) e = multiz_new_list(x->elem);
+ else multiz_append(e, x->elem);
+ }
+ return val_new_element(e);
+}
+
+static val_ptr eval_ternary(tree_ptr t) {
+ val_ptr x = tree_eval(darray_at(t->child, 0));
+ if (v_error == x->type) {
+ return x;
+ }
+ if (x->type != v_elem) {
+ return val_new_error("element expected in ternary operator");
+ }
+ if (!element_is0(x->elem)) {
+ return tree_eval(darray_at(t->child, 1));
+ }
+ return tree_eval(darray_at(t->child, 2));
+}
+
+static val_ptr eval_id(tree_ptr t) {
+ val_ptr x = symtab_at(reserved, t->id);
+ if (!x) x = symtab_at(tab, t->id);
+ if (!x) {
+ return val_new_error("undefined variable %s", t->id);
+ }
+ return x->type->eval(x);
+}
+
+static val_ptr eval_funcall(tree_ptr t) {
+ val_ptr x = tree_eval(darray_last(t->child));
+ return x->type->funcall(x, t);
+}
+
+static val_ptr eval_fun(tree_ptr t) {
+ return val_new_fun(t->fun);
+}
+
+static val_ptr run_neg(val_ptr v[]) {
+ element_neg(v[0]->elem, v[0]->elem);
+ return v[0];
+}
+static fun_t fun_neg = {{ "neg", run_neg, 1, sig_elem }};
+
+static val_ptr eval_assign(tree_ptr t) {
+ tree_ptr tid = darray_at(t->child, 0);
+ val_ptr v = tree_eval(darray_at(t->child, 1));
+ if (symtab_at(reserved, tid->id)) {
+ return val_new_error("%s is reserved", tid->id);
+ }
+ symtab_put(tab, v, tid->id);
+ return v;
+}
+
+static void assign_field(field_ptr f, const char* s) {
+ symtab_put(tab, val_new_field(f), s);
+}
+
+tree_ptr tree_new(val_ptr (*eval)(tree_ptr)) {
+ tree_ptr res = pbc_malloc(sizeof(*res));
+ res->eval = eval;
+ return res;
+}
+
+tree_ptr tree_new_z(const char* s) {
+ element_ptr e = pbc_malloc(sizeof(*e));
+ element_init(e, M);
+ element_set_str(e, s, 0);
+ tree_ptr t = tree_new(eval_elem);
+ t->elem = e;
+ return t;
+}
+
+static val_ptr eval_err(tree_ptr t) {
+ UNUSED_VAR(t);
+ pbc_die("BUG: shouldn't reach here!");
+}
+
+tree_ptr tree_new_empty_stmt_list() {
+ tree_ptr t = tree_new(eval_err);
+ t->child = darray_new();
+ return t;
+}
+
+tree_ptr tree_new_empty_parms() {
+ tree_ptr t = tree_new(eval_err);
+ t->child = darray_new();
+ return t;
+}
+
+static val_ptr eval_define(tree_ptr t) {
+ val_ptr v = pbc_malloc(sizeof(*v));
+ v->type = v_def;
+ v->def = t;
+ symtab_put(tab, v, ((tree_ptr) darray_at(t->child, 0))->id);
+ return v;
+}
+
+tree_ptr tree_new_define(tree_ptr id, tree_ptr parm, tree_ptr body) {
+ tree_ptr t = tree_new(eval_define);
+ t->child = darray_new();
+ darray_append(t->child, id);
+ darray_append(t->child, parm);
+ darray_append(t->child, body);
+ return t;
+}
+
+tree_ptr tree_new_list(tree_ptr first) {
+ tree_ptr t = tree_new(eval_list);
+ t->child = darray_new();
+ darray_append(t->child, first);
+ return t;
+}
+
+tree_ptr tree_new_ternary(tree_ptr cond, tree_ptr t1, tree_ptr t2) {
+ tree_ptr t = tree_new(eval_ternary);
+ t->child = darray_new();
+ darray_append(t->child, cond);
+ darray_append(t->child, t1);
+ darray_append(t->child, t2);
+ return t;
+}
+
+tree_ptr tree_new_id(const char* s) {
+ tree_ptr t = tree_new(eval_id);
+ t->id = pbc_strdup(s);
+ return t;
+}
+
+tree_ptr tree_new_funcall(void) {
+ tree_ptr t = tree_new(eval_funcall);
+ t->child = darray_new();
+ return t;
+}
+
+static tree_ptr tree_new_fun(fun_ptr fun) {
+ tree_ptr t = tree_new(eval_fun);
+ t->fun = fun;
+ return t;
+}
+
+void tree_set_fun(tree_ptr f, tree_ptr src) {
+ darray_append(f->child, src);
+}
+
+void tree_append(tree_ptr f, tree_ptr p) {
+ darray_append(f->child, p);
+}
+
+tree_ptr tree_new_binary(fun_ptr fun, tree_ptr x, tree_ptr y) {
+ tree_ptr t = tree_new_funcall();
+ tree_append(t, x);
+ tree_append(t, y);
+ tree_set_fun(t, tree_new_fun(fun));
+ return t;
+}
+
+static tree_ptr tree_new_unary(fun_ptr fun, tree_ptr x) {
+ tree_ptr t = tree_new_funcall();
+ tree_append(t, x);
+ tree_set_fun(t, tree_new_fun(fun));
+ return t;
+}
+
+tree_ptr tree_new_neg(tree_ptr t) {
+ return tree_new_unary(fun_neg, t);
+}
+tree_ptr tree_new_add(tree_ptr x, tree_ptr y) {
+ return tree_new_binary(fun_add, x, y);
+}
+tree_ptr tree_new_sub(tree_ptr x, tree_ptr y) {
+ return tree_new_binary(fun_sub, x, y);
+}
+tree_ptr tree_new_mul(tree_ptr x, tree_ptr y) {
+ return tree_new_binary(fun_mul, x, y);
+}
+tree_ptr tree_new_div(tree_ptr x, tree_ptr y) {
+ return tree_new_binary(fun_div, x, y);
+}
+tree_ptr tree_new_pow(tree_ptr x, tree_ptr y) {
+ return tree_new_binary(fun_pow, x, y);
+}
+tree_ptr tree_new_eq(tree_ptr x, tree_ptr y) {
+ return tree_new_binary(fun_eq, x, y);
+}
+tree_ptr tree_new_ne(tree_ptr x, tree_ptr y) {
+ return tree_new_binary(fun_ne, x, y);
+}
+tree_ptr tree_new_le(tree_ptr x, tree_ptr y) {
+ return tree_new_binary(fun_le, x, y);
+}
+tree_ptr tree_new_ge(tree_ptr x, tree_ptr y) {
+ return tree_new_binary(fun_ge, x, y);
+}
+tree_ptr tree_new_lt(tree_ptr x, tree_ptr y) {
+ return tree_new_binary(fun_lt, x, y);
+}
+tree_ptr tree_new_gt(tree_ptr x, tree_ptr y) {
+ return tree_new_binary(fun_gt, x, y);
+}
+
+static val_ptr run_item(val_ptr v[]) {
+ mpz_t z;
+ mpz_init(z);
+ element_to_mpz(z, v[1]->elem);
+ int i = mpz_get_si(z);
+ mpz_clear(z);
+ element_ptr a = element_item(v[0]->elem, i);
+ element_ptr e = pbc_malloc(sizeof(*e));
+ element_init_same_as(e, a);
+ element_set(e, a);
+ return val_new_element(e);
+}
+static fun_t fun_item = {{ "item", run_item, 2, sig_elem_elem }};
+tree_ptr tree_new_item(tree_ptr x, tree_ptr y) {
+ return tree_new_binary(fun_item, x, y);
+}
+
+tree_ptr tree_new_assign(tree_ptr l, tree_ptr r) {
+ // TODO: Check l's type.
+ tree_ptr t = tree_new(eval_assign);
+ t->child = darray_new();
+ darray_append(t->child, l);
+ darray_append(t->child, r);
+ return t;
+}
+
+// Evaluate statement.
+void tree_eval_stmt(tree_ptr stmt) {
+ val_ptr v = tree_eval(stmt);
+ if (v && v_error == v->type) {
+ v->type->out_str(stdout, v);
+ putchar('\n');
+ } else if (stmt->eval != eval_assign && v) {
+ v->type->out_str(stdout, v);
+ putchar('\n');
+ }
+}
+
+static val_ptr run_nextprime(val_ptr v[]) {
+ element_ptr e = v[0]->elem;
+ mpz_t z;
+ mpz_init(z);
+ element_to_mpz(z, e);
+ mpz_nextprime(z, z);
+ element_set_mpz(e, z);
+ return v[0];
+}
+static fun_t fun_nextprime = {{ "nextprime", run_nextprime, 1, sig_elem }};
+
+static val_ptr run_order(val_ptr v[]) {
+ field_ptr f = v[0]->field;
+ element_ptr e = pbc_malloc(sizeof(*e));
+ element_init(e, M);
+ element_set_mpz(e, f->order);
+ return val_new_element(e);
+}
+static fun_t fun_ord = {{ "ord", run_order, 1, sig_field }};
+static fun_t fun_order = {{ "order", run_order, 1, sig_field }};
+
+static val_ptr run_random(val_ptr v[]) {
+ element_ptr e = pbc_malloc(sizeof(*e));
+ element_init(e, v[0]->field);
+ element_random(e);
+ return val_new_element(e);
+}
+static fun_t fun_rnd = {{ "rnd", run_random, 1, sig_field }};
+static fun_t fun_random = {{ "random", run_random, 1, sig_field }};
+
+static val_ptr run_sqrt(val_ptr v[]) {
+ // TODO: Check v[0] is square.
+ element_sqrt(v[0]->elem, v[0]->elem);
+ return v[0];
+}
+static fun_t fun_sqrt = {{ "sqrt", run_sqrt, 1, sig_elem }};
+
+static val_ptr run_invert(val_ptr v[]) {
+ // TODO: Check v[0] is invertible.
+ element_invert(v[0]->elem, v[0]->elem);
+ return v[0];
+}
+static fun_t fun_inv = {{ "inv", run_invert, 1, sig_elem }};
+
+static val_ptr run_type(val_ptr v[]) {
+ puts(v[0]->type->name);
+ return v[0];
+}
+static fun_t fun_type = {{ "type", run_type, 1, sig_any }};
+
+static val_ptr run_pairing(val_ptr v[]) {
+ element_ptr x = v[0]->elem;
+ element_ptr e = element_new(x->field->pairing->GT);
+ element_pairing(e, x, v[1]->elem);
+ return val_new_element(e);
+}
+static fun_t fun_pairing = {{ "pairing", run_pairing, 2, sig_elem_elem }};
+
+static val_ptr run_zmod(val_ptr v[]) {
+ element_ptr e = v[0]->elem;
+ mpz_t z;
+ mpz_init(z);
+ element_to_mpz(z, e);
+ field_ptr f = pbc_malloc(sizeof(*f));
+ field_init_fp(f, z);
+ mpz_clear(z);
+ return val_new_field(f);
+}
+static fun_t fun_zmod = {{ "zmod", run_zmod, 1, sig_elem }};
+
+static val_ptr run_poly(val_ptr v[]) {
+ field_ptr f = pbc_malloc(sizeof(*f));
+ field_init_poly(f, v[0]->field);
+ return val_new_field(f);
+}
+static fun_t fun_poly = {{ "poly", run_poly, 1, sig_field }};
+
+static val_ptr run_polymod(val_ptr v[]) {
+ // TODO: Check v[0] is a poly.
+ field_ptr f = pbc_malloc(sizeof(*f));
+ field_init_polymod(f, v[0]->elem);
+ return val_new_field(f);
+}
+static fun_t fun_polymod = {{ "polymod", run_polymod, 1, sig_elem }};
+
+static val_ptr run_extend(val_ptr v[]) {
+ // TODO: Check v[1] is multiz poly.
+ field_ptr fx = pbc_malloc(sizeof(*fx));
+ field_init_poly(fx, v[0]->field);
+ element_ptr poly = element_new(fx);
+ element_set_multiz(poly, v[1]->elem->data);
+ field_ptr f = pbc_malloc(sizeof(*f));
+ field_init_polymod(f, poly);
+ element_free(poly);
+ return val_new_field(f);
+}
+static fun_t fun_extend = {{ "extend", run_extend, 1, sig_field_elem }};
+
+static void init_pairing(const char *s) {
+ pairing_init_set_str(pairing, s);
+ assign_field(pairing->G1, "G1");
+ assign_field(pairing->G2, "G2");
+ assign_field(pairing->GT, "GT");
+ assign_field(pairing->Zr, "Zr");
+}
+
+static val_ptr run_exit(val_ptr v[]) {
+ mpz_t z;
+ mpz_init(z);
+ element_to_mpz(z, v[0]->elem);
+ exit(mpz_get_si(z));
+}
+static fun_t fun_exit = {{ "exit", run_exit, 1, sig_elem }};
+
+static val_ptr run_CHECK(val_ptr v[]) {
+ if (element_is0(v[0]->elem)) {
+ pbc_die("CHECK failed");
+ }
+ return v[0];
+}
+static fun_t fun_CHECK = {{ "CHECK", run_CHECK, 1, sig_elem }};
+
+static char *aparam =
+"type a\n"
+"q 8780710799663312522437781984754049815806883199414208211028653399266475630880222957078625179422662221423155858769582317459277713367317481324925129998224791\n"
+"h 12016012264891146079388821366740534204802954401251311822919615131047207289359704531102844802183906537786776\n"
+"r 730750818665451621361119245571504901405976559617\n"
+"exp2 159\n"
+"exp1 107\n"
+"sign1 1\n"
+"sign0 1\n";
+
+static char *dparam =
+"type d\n"
+"q 625852803282871856053922297323874661378036491717\n"
+"n 625852803282871856053923088432465995634661283063\n"
+"h 3\n"
+"r 208617601094290618684641029477488665211553761021\n"
+"a 581595782028432961150765424293919699975513269268\n"
+"b 517921465817243828776542439081147840953753552322\n"
+"k 6\n"
+"nk 60094290356408407130984161127310078516360031868417968262992864809623507269833854678414046779817844853757026858774966331434198257512457993293271849043664655146443229029069463392046837830267994222789160047337432075266619082657640364986415435746294498140589844832666082434658532589211525696\n"
+"hk 1380801711862212484403205699005242141541629761433899149236405232528956996854655261075303661691995273080620762287276051361446528504633283152278831183711301329765591450680250000592437612973269056\n"
+"coeff0 472731500571015189154958232321864199355792223347\n"
+"coeff1 352243926696145937581894994871017455453604730246\n"
+"coeff2 289113341693870057212775990719504267185772707305\n"
+"nqr 431211441436589568382088865288592347194866189652\n";
+
+static char *eparam =
+"type e\n"
+"q 7245986106510086080714203333362098431608853335867425877960916928496629182991629664903654100214900946450053872786629995869445693724001299041657434948257845644905153122838458864000479326695430719258600053239930483226650953770354174712511646273516974069245462534034085895319225452125649979474047163305307830001\n"
+"r 730750862221594424981965739670091261094297337857\n"
+"h 13569343110918781839835249021482970252603216587988030044836106948825516930173270978617489032334001006615524543925753725725046733884363846960470444404747241287743773746682188521738728797153760275116924829183670000\n"
+"a 7130970454025799000067946137594446075551569949583815943390108723282396973737794273397246892274981883807989525599540630855644968426794929215599380425269625872763801485968007136000471718335185787206876242871042697778608875139078711621836858237429403052273312335081163896980825048123655535355411494046493419999\n"
+"b 7169309004853894693616698536183663527570664411678352588247044791687141043489072737232715961588288238022010974661903752526911876859197052490952065266265699130144252031591491045333807587788600764557450846327338626261289568016170532652061787582791926724597362401398804563093625182790987016728290050466098223333\n"
+"exp2 159\n"
+"exp1 135\n"
+"sign1 1\n"
+"sign0 1\n";
+
+static char *fparam =
+"type f\n"
+"q 205523667896953300194896352429254920972540065223\n"
+"r 205523667896953300194895899082072403858390252929\n"
+"b 40218105156867728698573668525883168222119515413\n"
+"beta 115334401956802802075595682801335644058796914268\n"
+"alpha0 191079354656274778837764015557338301375963168470\n"
+"alpha1 71445317903696340296199556072836940741717506375\n";
+
+static char *gparam =
+"type g\n"
+"q 503189899097385532598615948567975432740967203\n"
+"n 503189899097385532598571084778608176410973351\n"
+"h 1\n"
+"r 503189899097385532598571084778608176410973351\n"
+"a 465197998498440909244782433627180757481058321\n"
+"b 463074517126110479409374670871346701448503064\n"
+"k 10\n"
+"nk 1040684643531490707494989587381629956832530311976146077888095795458709511789670022388326295177424065807612879371896982185473788988016190582073591316127396374860265835641044035656044524481121528846249501655527462202999638159773731830375673076317719519977183373353791119388388468745670818193868532404392452816602538968163226713846951514831917487400267590451867746120591750902040267826351982737642689423713163967384383105678367875981348397359466338807\n"
+"hk 4110127713690841149713310614420858884651261781185442551927080083178682965171097172366598236129731931693425629387502221804555636704708008882811353539555915064049685663790355716130262332064327767695339422323460458479884756000782939428852120522712008037615051139080628734566850259704397643028017435446110322024094259858170303605703280329322675124728639532674407\n"
+"coeff0 67343110967802947677845897216565803152319250\n"
+"coeff1 115936772834120270862756636148166314916823221\n"
+"coeff2 87387877425076080433559927080662339215696505\n"
+"coeff3 433223145899090928132052677121692683015058909\n"
+"coeff4 405367866213598664862417230702935310328613596\n"
+"nqr 22204504160560785687198080413579021865783099\n";
+
+static char *iparam =
+"type i\n"
+"m 97\n"
+"t 12\n"
+"n 2726865189058261010774960798134976187171462721\n"
+"n2 7\n";
+
+static val_ptr run_init_pairing_a(val_ptr v[]) {
+ UNUSED_VAR(v);
+ init_pairing(aparam);
+ return NULL;
+}
+static fun_t fun_init_pairing_a = {{
+ "init_pairing_a", run_init_pairing_a, 0, NULL
+ }};
+
+static val_ptr run_init_pairing_d(val_ptr v[]) {
+ UNUSED_VAR(v);
+ init_pairing(dparam);
+ return NULL;
+}
+static fun_t fun_init_pairing_d = {{
+ "init_pairing_d", run_init_pairing_d, 0, NULL
+ }};
+
+static val_ptr run_init_pairing_e(val_ptr v[]) {
+ UNUSED_VAR(v);
+ init_pairing(eparam);
+ return NULL;
+}
+static fun_t fun_init_pairing_e = {{
+ "init_pairing_e", run_init_pairing_e, 0, NULL
+ }};
+
+static val_ptr run_init_pairing_f(val_ptr v[]) {
+ UNUSED_VAR(v);
+ init_pairing(fparam);
+ return NULL;
+}
+static fun_t fun_init_pairing_f = {{
+ "init_pairing_f", run_init_pairing_f, 0, NULL
+ }};
+
+static val_ptr run_init_pairing_g(val_ptr v[]) {
+ UNUSED_VAR(v);
+ init_pairing(gparam);
+ return NULL;
+}
+static fun_t fun_init_pairing_g = {{
+ "init_pairing_g", run_init_pairing_g, 0, NULL
+ }};
+
+static val_ptr run_init_pairing_i(val_ptr v[]) {
+ UNUSED_VAR(v);
+ init_pairing(iparam);
+ return NULL;
+}
+static fun_t fun_init_pairing_i = {{
+ "init_pairing_i", run_init_pairing_i, 0, NULL
+ }};
+
+static void builtin(fun_ptr fun) {
+ symtab_put(reserved, val_new_fun(fun), fun->name);
+}
+
+int end_of_input;
+
+int yywrap_return1(void) { return 1; }
+
+int yywrap_readline(void) {
+ static char *currentline;
+ static YY_BUFFER_STATE st;
+ yy_delete_buffer(st);
+ free(currentline);
+ currentline = pbc_getline(option_prompt);
+ if (!currentline) {
+ end_of_input = 1;
+ return 1;
+ }
+ int n = strlen(currentline);
+ currentline = realloc(currentline, n + 2);
+ currentline[n] = '\n';
+ currentline[n + 1] = '\0';
+ st = yy_scan_string(currentline);
+ //if (option_echo) puts(currentline);
+ return 0;
+}
+
+static int (*yywrapfun)(void);
+int yywrap(void) {
+ return yywrapfun();
+}
+
+int main(int argc, char **argv) {
+ for (;;) {
+ int c = getopt(argc, argv, "y");
+ if (c == -1) break;
+ switch (c) {
+ case 'y':
+ option_easy = 1;
+ option_prompt = "> ";
+ break;
+ default:
+ fprintf(stderr, "unrecognized option: %c\n", c);
+ break;
+ }
+ }
+
+ field_init_z(Z);
+ field_init_multiz(M);
+ symtab_init(tab);
+
+ builtin(fun_rnd);
+ builtin(fun_random);
+ builtin(fun_ord);
+ builtin(fun_order);
+ builtin(fun_nextprime);
+ builtin(fun_sqrt);
+ builtin(fun_inv);
+ builtin(fun_type);
+ builtin(fun_pairing);
+ builtin(fun_zmod);
+ builtin(fun_poly);
+ builtin(fun_polymod);
+ builtin(fun_extend);
+ builtin(fun_exit);
+ builtin(fun_CHECK);
+ builtin(fun_init_pairing_a);
+ builtin(fun_init_pairing_d);
+ builtin(fun_init_pairing_e);
+ builtin(fun_init_pairing_f);
+ builtin(fun_init_pairing_g);
+ builtin(fun_init_pairing_i);
+ run_init_pairing_a(NULL);
+ symtab_put(reserved, val_new_field(M), "M");
+ symtab_put(reserved, val_new_field(Z), "Z");
+
+ if (argc > optind) {
+ FILE *fp = fopen(argv[optind], "r");
+ if (!fp) pbc_die("fopen failed on %s", argv[optind]);
+ YY_BUFFER_STATE st = yy_create_buffer(fp, YY_BUF_SIZE);
+ yy_switch_to_buffer(st);
+ yywrapfun = yywrap_return1;
+ yyparse();
+ yy_delete_buffer(st);
+ } else {
+ yywrapfun = yywrap_readline;
+ yywrap();
+ while (!end_of_input) {
+ if (2 == yyparse()) pbc_die("parser out of memory");
+ }
+ putchar('\n');
+ }
+
+ symtab_clear(tab);
+ field_clear(M);
+ return 0;
+}
diff --git a/moon-abe/pbc-0.5.14/pbc/pbc_getline.c b/moon-abe/pbc-0.5.14/pbc/pbc_getline.c
new file mode 100644
index 00000000..dc44cc40
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/pbc/pbc_getline.c
@@ -0,0 +1,17 @@
+#include <stdio.h>
+#include <string.h>
+
+#include "pbc_memory.h"
+
+char *pbc_getline(const char *prompt) {
+ char s[1024];
+ if (prompt) fputs(prompt, stdout);
+ if (!fgets(s, 1024, stdin)) return NULL;
+ if (feof(stdin)) return NULL;
+ /* use strdup rather than pbc_strdup. because
+ * 1. readline version of this function uses malloc.
+ * 2. pbc_malloc called by pbc_strdup may differ from malloc.
+ * here we keep consistency.
+ */
+ return strdup(s);
+}
diff --git a/moon-abe/pbc-0.5.14/pbc/pbc_getline.readline.c b/moon-abe/pbc-0.5.14/pbc/pbc_getline.readline.c
new file mode 100644
index 00000000..8d5e8f5a
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/pbc/pbc_getline.readline.c
@@ -0,0 +1,10 @@
+#include <stdio.h>
+#include <readline/readline.h>
+#include <readline/history.h>
+
+char *pbc_getline(const char *prompt)
+{
+ char *line = readline(prompt);
+ if (line && *line) add_history(line);
+ return line;
+}
diff --git a/moon-abe/pbc-0.5.14/pbc/pbc_tree.h b/moon-abe/pbc-0.5.14/pbc/pbc_tree.h
new file mode 100644
index 00000000..2526ab61
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/pbc/pbc_tree.h
@@ -0,0 +1,30 @@
+// Requires:
+// * field.h
+struct tree_s;
+typedef struct tree_s *tree_ptr;
+tree_ptr tree_new_z(const char* s);
+tree_ptr tree_new_empty_stmt_list(void);
+tree_ptr tree_new_empty_parms(void);
+tree_ptr tree_new_define(tree_ptr id, tree_ptr parm, tree_ptr body);
+tree_ptr tree_new_list(tree_ptr t);
+tree_ptr tree_new_id(const char* s);
+tree_ptr tree_new_assign(tree_ptr l, tree_ptr r);
+tree_ptr tree_new_funcall(void);
+void tree_append(tree_ptr f, tree_ptr p);
+void tree_set_fun(tree_ptr dst, tree_ptr src);
+void tree_eval_stmt(tree_ptr t);
+
+tree_ptr tree_new_neg(tree_ptr t);
+tree_ptr tree_new_add(tree_ptr x, tree_ptr y);
+tree_ptr tree_new_sub(tree_ptr x, tree_ptr y);
+tree_ptr tree_new_mul(tree_ptr x, tree_ptr y);
+tree_ptr tree_new_div(tree_ptr x, tree_ptr y);
+tree_ptr tree_new_pow(tree_ptr x, tree_ptr y);
+tree_ptr tree_new_eq(tree_ptr x, tree_ptr y);
+tree_ptr tree_new_ne(tree_ptr x, tree_ptr y);
+tree_ptr tree_new_le(tree_ptr x, tree_ptr y);
+tree_ptr tree_new_ge(tree_ptr x, tree_ptr y);
+tree_ptr tree_new_lt(tree_ptr x, tree_ptr y);
+tree_ptr tree_new_gt(tree_ptr x, tree_ptr y);
+tree_ptr tree_new_ternary(tree_ptr cond, tree_ptr t1, tree_ptr t2);
+tree_ptr tree_new_item(tree_ptr x, tree_ptr y);
diff --git a/moon-abe/pbc-0.5.14/release b/moon-abe/pbc-0.5.14/release
new file mode 100644
index 00000000..3c56f6b7
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/release
@@ -0,0 +1,96 @@
+#!/bin/bash
+# perform sanity checks, make packages
+VER=`grep AC_INIT configure.ac | sed 's/.*\[\([0-9]*\.[0-9]*\.[0-9]*\)\].*/\1/'`
+echo Preparing new release: pbc-$VER
+GREPVER=${VER//\./\\.}
+if [[ $1 == "test" ]]; then
+ echo test run
+ TESTRUN=1
+fi
+if [[ ! -z $(git diff) ]]; then
+ echo Uncommitted changes detected. Commit them first.
+ exit 1
+fi
+git log > ChangeLog
+cat ChangeLog | head -20 | grep pbc-$GREPVER > /dev/null || {
+ echo git log does not mention release
+ if [[ $TESTRUN ]]; then
+ echo test run: continuing anyway...
+ else
+ exit 1
+ fi
+}
+TMPDIR=`mktemp -d` || {
+ echo Error creating temp directory
+ exit 1
+}
+PBCDIR=$TMPDIR/pbc-$VER
+echo Running setup...
+git archive --format=tar --prefix=pbc-$VER/ HEAD | tar xvC $TMPDIR
+HERE=`pwd`
+make -f simple.make pbc/parser.tab.c pbc/lex.yy.c
+cp pbc/parser.tab.[ch] pbc/lex.yy.[ch] $PBCDIR/pbc
+cp ChangeLog $PBCDIR
+cd $PBCDIR
+grep $GREPVER NEWS > /dev/null || {
+ echo NEWS does not mention release
+ if [[ $TESTRUN ]]; then
+ echo test run: continuing anyway...
+ else
+ cd $HERE
+ rm -rf $TMPDIR
+ exit 1
+ fi
+}
+grep $GREPVER doc/preface.txt > /dev/null || {
+ echo Error: cannot find $GREPVER in doc/preface.txt.
+ if [[ $TESTRUN ]]; then
+ echo test run: continuing anyway...
+ else
+ cd $HERE
+ rm -rf $TMPDIR
+ exit 1
+ fi
+}
+./setup || {
+ echo ./setup error
+ rm -rf $TMPDIR
+ exit 1
+}
+cd $TMPDIR
+echo Creating tarball...
+rm -rf $PBCDIR/autom4te.cache
+if [[ $TESTRUN ]]; then
+ echo test run: not building tarball...
+else
+ tar cvfz $HERE/pbc-$VER.tar.gz pbc-$VER
+fi
+cd $PBCDIR
+./configure || {
+ echo ./configure error
+ rm -rf $TMPDIR
+ exit 1
+}
+echo Testing make...
+make || {
+ echo make error
+ rm -rf $TMPDIR
+ exit 1
+}
+make clean
+echo Cross compiling with simple.make...
+PLATFORM=win32 colormake -f simple.make || {
+ echo mingw cross compile error
+ rm -rf $TMPDIR
+ exit 1
+}
+if [[ $TESTRUN ]]; then
+ echo test run: not building zip...
+else
+ mkdir pbc-$VER
+ mv out/* param/* pbc-$VER
+ cp benchmark/REPORT.BAT pbc-$VER
+ zip -r $HERE/pbc-$VER-win32-bin.zip pbc-$VER
+fi
+rm -rf $TMPDIR
+echo 'Now run ./publish!'
diff --git a/moon-abe/pbc-0.5.14/setup b/moon-abe/pbc-0.5.14/setup
new file mode 100644
index 00000000..310b05f5
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/setup
@@ -0,0 +1,21 @@
+#!/bin/bash -ex
+
+# pbc lexer and parser appears before configure script
+[ x`which flex` == x ] && echo 'need flex' && exit 1
+[ x`which bison` == x ] && echo 'need bison' && exit 1
+if [ x`which libtoolize` != x ]; then
+ LT=libtoolize
+elif [ x`which glibtoolize` != x ]; then
+ LT=glibtoolize
+else
+ exit 1
+fi
+$LT --force --copy
+aclocal
+autoheader
+automake --add-missing --copy --gnu
+autoconf
+
+if test -f config.status; then
+ sh config.status
+fi
diff --git a/moon-abe/pbc-0.5.14/simple.make b/moon-abe/pbc-0.5.14/simple.make
new file mode 100644
index 00000000..988c231a
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/simple.make
@@ -0,0 +1,396 @@
+# I use this Makefile rather than the autotools for simplicity and speed.
+# Of course, it is less portable. Much of it is due to Hovav Shacham.
+
+.PHONY: target binaries test clean depend
+
+target: out libpbc.a binaries
+
+CC := gcc
+RANLIB := ranlib
+warnflags := -Wall -W -Wfloat-equal -Wendif-labels -Wshadow \
+ -Wpointer-arith -Wcast-align -Wstrict-prototypes \
+ -Wredundant-decls #-std=c99 -pedantic
+CPPFLAGS := -Iinclude -I.
+optflags := -O3 -pipe -ffast-math -fomit-frame-pointer
+LDLIBS := -lgmp -lm
+CFLAGS := $(optflags) $(warnflags)
+
+ifeq ($(PLATFORM),win32)
+ nonlinux := .win32
+ exe_suffix := .exe
+ CC := i586-mingw32msvc-gcc
+ AR := i586-mingw32msvc-ar
+ RANLIB := i586-mingw32msvc-ranlib
+ CPPFLAGS := $(CPPFLAGS) -I/home/blynn/cross/gmp/include
+ LDFLAGS := -L/home/blynn/cross/gmp/lib
+ pbc_getline_objs := pbc/pbc_getline.o
+else
+ # tcmalloc is faster than normal malloc.
+ LDLIBS := $(LDLIBS) -ltcmalloc
+ pbc_getline_objs := pbc/pbc_getline.readline.o
+ pbc_pbc_libs := -lreadline
+endif
+
+libpbc_srcs := \
+ $(addsuffix .c,$(addprefix arith/, \
+ field fp montfp naivefp fastfp fasterfp multiz z fieldquadratic poly \
+ ternary_extension_field random dlog)) \
+ $(addsuffix .c,$(addprefix ecc/, \
+ curve singular pairing param \
+ a_param d_param e_param f_param g_param eta_T_3 \
+ hilbert mnt mpc)) \
+ $(addsuffix .c,$(addprefix misc/, \
+ utils \
+ darray symtab \
+ extend_printf memory)) \
+ $(addsuffix $(nonlinux).c,misc/get_time arith/init_random)
+
+libpbc_objs := $(libpbc_srcs:.c=.o)
+
+bin_srcs := \
+ $(addsuffix .c,$(addprefix example/, \
+ bls hess joux paterson yuanli zhangkim zss)) \
+ $(addsuffix .c,$(addprefix gen/, \
+ gena1param genaparam gendparam geneparam genfparam gengparam \
+ hilbertpoly listmnt listfreeman)) \
+ benchmark/benchmark.c benchmark/timersa.c benchmark/ellnet.c \
+ benchmark/multipairing.c
+
+define demo_tmpl
+ examples += out/$(basename $(notdir $(1)))$(exe_suffix)
+ out/$(basename $(notdir $(1)))$(exe_suffix) : $(1) libpbc.a ; \
+ $(CC) -o $$@ $(LDFLAGS) $$^ $(LOADLIBES) $(LDLIBS)
+endef
+
+$(foreach x,$(bin_srcs:.c=.o),$(eval $(call demo_tmpl,$(x))))
+
+pbc/parser.tab.c pbc/parser.tab.h : pbc/parser.y
+ bison -d -b pbc/parser $^
+
+pbc/parser.tab.o : pbc/parser.tab.c pbc/parser.tab.h
+
+pbc/lex.yy.c : pbc/parser.lex
+ flex -o $@ --header-file=pbc/lex.yy.h $^
+
+pbc_objs := pbc/pbc.o $(pbc_getline_objs) pbc/parser.tab.o pbc/lex.yy.o libpbc.a
+
+pbc_bin := out/pbc$(exe_suffix)
+
+$(pbc_bin) : $(pbc_objs) libpbc.a
+ $(CC) -o $@ $(LDFLAGS) $^ $(LOADLIBES) $(LDLIBS) $(pbc_pbc_libs)
+
+binaries : $(examples) $(pbc_bin)
+
+test_srcs := \
+ $(addsuffix .c,$(addprefix guru/, \
+ fp_test quadratic_test poly_test exp_test prodpairing_test))
+
+tests := $(test_srcs:.c=)
+
+# Object files needed to test Fp.
+fp_objs := $(addsuffix .o, \
+ arith/field arith/fp arith/naivefp arith/fastfp arith/fasterfp arith/montfp arith/random arith/init_random misc/extend_printf misc/memory misc/utils \
+ arith/multiz misc/darray )
+
+guru/prodpairing_test: guru/prodpairing_test.o libpbc.a
+guru/exp_test: guru/exp_test.o libpbc.a
+guru/fp_test: guru/fp_test.o $(fp_objs)
+guru/poly_test: guru/poly_test.o $(fp_objs) arith/poly.o misc/darray.o
+guru/quadratic_test: guru/quadratic_test.o $(fp_objs) arith/fieldquadratic.o
+
+test : $(tests)
+
+out: ; -mkdir out
+
+srcs := $(libpbc_srcs) $(bin_srcs) $(test_srcs)
+objs := $(srcs:.c=.o) $(pbc_objs)
+
+clean: ; -rm -r out $(objs) libpbc.a
+
+ifeq ($(PLATFORM),win32)
+
+# For Windows.
+out/pbc.def out/pbc.lib out/pbc.dll: $(libpbc_objs)
+ $(CC) -shared -o out/pbc.dll $^ -Wl,--output-def,out/pbc.def,--out-implib,out/pbc.lib $(LDFLAGS) $(LDLIBS)
+
+libpbc.a : out/pbc.lib
+ cp $^ $@
+
+else
+
+# File dependencies for library-making.
+# See GNU Make manual, sect. 11.2.
+libpbc.a: libpbc.a($(libpbc_objs))
+ $(RANLIB) $@
+endif
+
+depend:
+ makedepend -fsimple.make -Iinclude -Y -- $(CFLAGS) -- $(srcs) 2> /dev/null
+
+# DO NOT DELETE
+
+arith/field.o: include/pbc_utils.h include/pbc_field.h include/pbc_multiz.h
+arith/field.o: include/pbc_memory.h
+arith/fp.o: include/pbc_utils.h include/pbc_field.h include/pbc_fp.h
+arith/montfp.o: include/pbc_utils.h include/pbc_field.h include/pbc_random.h
+arith/montfp.o: include/pbc_fp.h include/pbc_memory.h
+arith/naivefp.o: include/pbc_utils.h include/pbc_field.h include/pbc_random.h
+arith/naivefp.o: include/pbc_fp.h include/pbc_memory.h
+arith/fastfp.o: include/pbc_utils.h include/pbc_field.h include/pbc_random.h
+arith/fastfp.o: include/pbc_fp.h include/pbc_memory.h
+arith/fasterfp.o: include/pbc_utils.h include/pbc_field.h
+arith/fasterfp.o: include/pbc_random.h include/pbc_fp.h include/pbc_memory.h
+arith/multiz.o: include/pbc_utils.h include/pbc_field.h include/pbc_multiz.h
+arith/multiz.o: include/pbc_random.h include/pbc_fp.h include/pbc_memory.h
+arith/multiz.o: misc/darray.h
+arith/z.o: include/pbc_utils.h include/pbc_field.h include/pbc_z.h
+arith/z.o: include/pbc_random.h include/pbc_fp.h include/pbc_memory.h
+arith/fieldquadratic.o: include/pbc_utils.h include/pbc_field.h
+arith/fieldquadratic.o: include/pbc_multiz.h include/pbc_fieldquadratic.h
+arith/fieldquadratic.o: include/pbc_memory.h
+arith/poly.o: include/pbc_utils.h include/pbc_field.h include/pbc_multiz.h
+arith/poly.o: include/pbc_poly.h include/pbc_memory.h misc/darray.h
+arith/ternary_extension_field.o: include/pbc_utils.h include/pbc_memory.h
+arith/ternary_extension_field.o: include/pbc_field.h
+arith/random.o: include/pbc_random.h include/pbc_utils.h include/pbc_memory.h
+arith/dlog.o: include/pbc_utils.h include/pbc_field.h include/pbc_memory.h
+arith/dlog.o: misc/darray.h
+ecc/curve.o: include/pbc_utils.h include/pbc_field.h include/pbc_multiz.h
+ecc/curve.o: include/pbc_poly.h include/pbc_curve.h include/pbc_memory.h
+ecc/curve.o: include/pbc_random.h misc/darray.h
+ecc/singular.o: include/pbc_utils.h include/pbc_field.h include/pbc_curve.h
+ecc/singular.o: include/pbc_param.h include/pbc_pairing.h include/pbc_fp.h
+ecc/singular.o: include/pbc_memory.h
+ecc/pairing.o: include/pbc_utils.h include/pbc_field.h include/pbc_poly.h
+ecc/pairing.o: include/pbc_curve.h include/pbc_param.h include/pbc_pairing.h
+ecc/pairing.o: include/pbc_memory.h
+ecc/param.o: include/pbc_utils.h include/pbc_memory.h include/pbc_param.h
+ecc/param.o: include/pbc_a_param.h include/pbc_mnt.h include/pbc_d_param.h
+ecc/param.o: include/pbc_e_param.h include/pbc_f_param.h
+ecc/param.o: include/pbc_a1_param.h include/pbc_g_param.h
+ecc/param.o: include/pbc_i_param.h misc/symtab.h misc/darray.h ecc/param.h
+ecc/a_param.o: include/pbc_utils.h include/pbc_field.h include/pbc_fp.h
+ecc/a_param.o: include/pbc_fieldquadratic.h include/pbc_param.h
+ecc/a_param.o: include/pbc_pairing.h include/pbc_curve.h include/pbc_random.h
+ecc/a_param.o: include/pbc_memory.h ecc/param.h include/pbc_a_param.h
+ecc/a_param.o: include/pbc_a1_param.h
+ecc/d_param.o: include/pbc_utils.h include/pbc_field.h include/pbc_poly.h
+ecc/d_param.o: include/pbc_hilbert.h include/pbc_fp.h
+ecc/d_param.o: include/pbc_fieldquadratic.h include/pbc_mnt.h
+ecc/d_param.o: include/pbc_curve.h include/pbc_param.h include/pbc_pairing.h
+ecc/d_param.o: include/pbc_memory.h include/pbc_d_param.h ecc/param.h
+ecc/e_param.o: include/pbc_utils.h include/pbc_field.h include/pbc_fp.h
+ecc/e_param.o: include/pbc_param.h include/pbc_pairing.h include/pbc_curve.h
+ecc/e_param.o: include/pbc_random.h include/pbc_memory.h
+ecc/e_param.o: include/pbc_e_param.h ecc/param.h
+ecc/f_param.o: include/pbc_utils.h include/pbc_field.h include/pbc_fp.h
+ecc/f_param.o: include/pbc_fieldquadratic.h include/pbc_param.h
+ecc/f_param.o: include/pbc_pairing.h include/pbc_poly.h include/pbc_curve.h
+ecc/f_param.o: include/pbc_memory.h include/pbc_f_param.h ecc/param.h
+ecc/g_param.o: include/pbc_utils.h include/pbc_field.h include/pbc_poly.h
+ecc/g_param.o: include/pbc_hilbert.h include/pbc_fp.h
+ecc/g_param.o: include/pbc_fieldquadratic.h include/pbc_mnt.h
+ecc/g_param.o: include/pbc_curve.h include/pbc_param.h include/pbc_pairing.h
+ecc/g_param.o: include/pbc_memory.h include/pbc_g_param.h ecc/param.h
+ecc/eta_T_3.o: include/pbc_utils.h include/pbc_field.h include/pbc_fp.h
+ecc/eta_T_3.o: include/pbc_memory.h include/pbc_param.h include/pbc_pairing.h
+ecc/eta_T_3.o: include/pbc_ternary_extension_field.h ecc/param.h
+ecc/hilbert.o: include/pbc_utils.h include/pbc_field.h include/pbc_poly.h
+ecc/hilbert.o: include/pbc_hilbert.h include/pbc_memory.h misc/darray.h
+ecc/hilbert.o: ecc/mpc.h
+ecc/mnt.o: include/pbc_mnt.h include/pbc_memory.h include/pbc_utils.h
+ecc/mnt.o: misc/darray.h
+ecc/mpc.o: ecc/mpc.h
+misc/utils.o: include/pbc_utils.h include/pbc_field.h
+misc/darray.o: include/pbc_memory.h misc/darray.h
+misc/symtab.o: include/pbc_memory.h misc/symtab.h misc/darray.h
+misc/extend_printf.o: include/pbc_utils.h include/pbc_field.h
+misc/extend_printf.o: include/pbc_memory.h
+misc/memory.o: include/pbc_utils.h include/pbc_memory.h
+arith/init_random.o: include/pbc_utils.h include/pbc_random.h
+example/bls.o: include/pbc.h include/pbc_utils.h include/pbc_field.h
+example/bls.o: include/pbc_param.h include/pbc_pairing.h include/pbc_curve.h
+example/bls.o: include/pbc_mnt.h include/pbc_a1_param.h include/pbc_a_param.h
+example/bls.o: include/pbc_d_param.h include/pbc_e_param.h
+example/bls.o: include/pbc_f_param.h include/pbc_g_param.h
+example/bls.o: include/pbc_i_param.h include/pbc_random.h
+example/bls.o: include/pbc_memory.h include/pbc_test.h
+example/hess.o: include/pbc.h include/pbc_utils.h include/pbc_field.h
+example/hess.o: include/pbc_param.h include/pbc_pairing.h include/pbc_curve.h
+example/hess.o: include/pbc_mnt.h include/pbc_a1_param.h
+example/hess.o: include/pbc_a_param.h include/pbc_d_param.h
+example/hess.o: include/pbc_e_param.h include/pbc_f_param.h
+example/hess.o: include/pbc_g_param.h include/pbc_i_param.h
+example/hess.o: include/pbc_random.h include/pbc_memory.h include/pbc_test.h
+example/joux.o: include/pbc.h include/pbc_utils.h include/pbc_field.h
+example/joux.o: include/pbc_param.h include/pbc_pairing.h include/pbc_curve.h
+example/joux.o: include/pbc_mnt.h include/pbc_a1_param.h
+example/joux.o: include/pbc_a_param.h include/pbc_d_param.h
+example/joux.o: include/pbc_e_param.h include/pbc_f_param.h
+example/joux.o: include/pbc_g_param.h include/pbc_i_param.h
+example/joux.o: include/pbc_random.h include/pbc_memory.h include/pbc_test.h
+example/paterson.o: include/pbc.h include/pbc_utils.h include/pbc_field.h
+example/paterson.o: include/pbc_param.h include/pbc_pairing.h
+example/paterson.o: include/pbc_curve.h include/pbc_mnt.h
+example/paterson.o: include/pbc_a1_param.h include/pbc_a_param.h
+example/paterson.o: include/pbc_d_param.h include/pbc_e_param.h
+example/paterson.o: include/pbc_f_param.h include/pbc_g_param.h
+example/paterson.o: include/pbc_i_param.h include/pbc_random.h
+example/paterson.o: include/pbc_memory.h include/pbc_test.h
+example/yuanli.o: include/pbc.h include/pbc_utils.h include/pbc_field.h
+example/yuanli.o: include/pbc_param.h include/pbc_pairing.h
+example/yuanli.o: include/pbc_curve.h include/pbc_mnt.h
+example/yuanli.o: include/pbc_a1_param.h include/pbc_a_param.h
+example/yuanli.o: include/pbc_d_param.h include/pbc_e_param.h
+example/yuanli.o: include/pbc_f_param.h include/pbc_g_param.h
+example/yuanli.o: include/pbc_i_param.h include/pbc_random.h
+example/yuanli.o: include/pbc_memory.h include/pbc_test.h
+example/zhangkim.o: include/pbc.h include/pbc_utils.h include/pbc_field.h
+example/zhangkim.o: include/pbc_param.h include/pbc_pairing.h
+example/zhangkim.o: include/pbc_curve.h include/pbc_mnt.h
+example/zhangkim.o: include/pbc_a1_param.h include/pbc_a_param.h
+example/zhangkim.o: include/pbc_d_param.h include/pbc_e_param.h
+example/zhangkim.o: include/pbc_f_param.h include/pbc_g_param.h
+example/zhangkim.o: include/pbc_i_param.h include/pbc_random.h
+example/zhangkim.o: include/pbc_memory.h include/pbc_test.h
+example/zss.o: include/pbc.h include/pbc_utils.h include/pbc_field.h
+example/zss.o: include/pbc_param.h include/pbc_pairing.h include/pbc_curve.h
+example/zss.o: include/pbc_mnt.h include/pbc_a1_param.h include/pbc_a_param.h
+example/zss.o: include/pbc_d_param.h include/pbc_e_param.h
+example/zss.o: include/pbc_f_param.h include/pbc_g_param.h
+example/zss.o: include/pbc_i_param.h include/pbc_random.h
+example/zss.o: include/pbc_memory.h include/pbc_test.h
+gen/gena1param.o: include/pbc.h include/pbc_utils.h include/pbc_field.h
+gen/gena1param.o: include/pbc_param.h include/pbc_pairing.h
+gen/gena1param.o: include/pbc_curve.h include/pbc_mnt.h
+gen/gena1param.o: include/pbc_a1_param.h include/pbc_a_param.h
+gen/gena1param.o: include/pbc_d_param.h include/pbc_e_param.h
+gen/gena1param.o: include/pbc_f_param.h include/pbc_g_param.h
+gen/gena1param.o: include/pbc_i_param.h include/pbc_random.h
+gen/gena1param.o: include/pbc_memory.h
+gen/genaparam.o: include/pbc.h include/pbc_utils.h include/pbc_field.h
+gen/genaparam.o: include/pbc_param.h include/pbc_pairing.h
+gen/genaparam.o: include/pbc_curve.h include/pbc_mnt.h include/pbc_a1_param.h
+gen/genaparam.o: include/pbc_a_param.h include/pbc_d_param.h
+gen/genaparam.o: include/pbc_e_param.h include/pbc_f_param.h
+gen/genaparam.o: include/pbc_g_param.h include/pbc_i_param.h
+gen/genaparam.o: include/pbc_random.h include/pbc_memory.h
+gen/gendparam.o: include/pbc.h include/pbc_utils.h include/pbc_field.h
+gen/gendparam.o: include/pbc_param.h include/pbc_pairing.h
+gen/gendparam.o: include/pbc_curve.h include/pbc_mnt.h include/pbc_a1_param.h
+gen/gendparam.o: include/pbc_a_param.h include/pbc_d_param.h
+gen/gendparam.o: include/pbc_e_param.h include/pbc_f_param.h
+gen/gendparam.o: include/pbc_g_param.h include/pbc_i_param.h
+gen/gendparam.o: include/pbc_random.h include/pbc_memory.h
+gen/geneparam.o: include/pbc.h include/pbc_utils.h include/pbc_field.h
+gen/geneparam.o: include/pbc_param.h include/pbc_pairing.h
+gen/geneparam.o: include/pbc_curve.h include/pbc_mnt.h include/pbc_a1_param.h
+gen/geneparam.o: include/pbc_a_param.h include/pbc_d_param.h
+gen/geneparam.o: include/pbc_e_param.h include/pbc_f_param.h
+gen/geneparam.o: include/pbc_g_param.h include/pbc_i_param.h
+gen/geneparam.o: include/pbc_random.h include/pbc_memory.h
+gen/genfparam.o: include/pbc.h include/pbc_utils.h include/pbc_field.h
+gen/genfparam.o: include/pbc_param.h include/pbc_pairing.h
+gen/genfparam.o: include/pbc_curve.h include/pbc_mnt.h include/pbc_a1_param.h
+gen/genfparam.o: include/pbc_a_param.h include/pbc_d_param.h
+gen/genfparam.o: include/pbc_e_param.h include/pbc_f_param.h
+gen/genfparam.o: include/pbc_g_param.h include/pbc_i_param.h
+gen/genfparam.o: include/pbc_random.h include/pbc_memory.h
+gen/gengparam.o: include/pbc.h include/pbc_utils.h include/pbc_field.h
+gen/gengparam.o: include/pbc_param.h include/pbc_pairing.h
+gen/gengparam.o: include/pbc_curve.h include/pbc_mnt.h include/pbc_a1_param.h
+gen/gengparam.o: include/pbc_a_param.h include/pbc_d_param.h
+gen/gengparam.o: include/pbc_e_param.h include/pbc_f_param.h
+gen/gengparam.o: include/pbc_g_param.h include/pbc_i_param.h
+gen/gengparam.o: include/pbc_random.h include/pbc_memory.h
+gen/hilbertpoly.o: include/pbc_utils.h include/pbc_hilbert.h
+gen/listmnt.o: include/pbc.h include/pbc_utils.h include/pbc_field.h
+gen/listmnt.o: include/pbc_param.h include/pbc_pairing.h include/pbc_curve.h
+gen/listmnt.o: include/pbc_mnt.h include/pbc_a1_param.h include/pbc_a_param.h
+gen/listmnt.o: include/pbc_d_param.h include/pbc_e_param.h
+gen/listmnt.o: include/pbc_f_param.h include/pbc_g_param.h
+gen/listmnt.o: include/pbc_i_param.h include/pbc_random.h
+gen/listmnt.o: include/pbc_memory.h
+gen/listfreeman.o: include/pbc.h include/pbc_utils.h include/pbc_field.h
+gen/listfreeman.o: include/pbc_param.h include/pbc_pairing.h
+gen/listfreeman.o: include/pbc_curve.h include/pbc_mnt.h
+gen/listfreeman.o: include/pbc_a1_param.h include/pbc_a_param.h
+gen/listfreeman.o: include/pbc_d_param.h include/pbc_e_param.h
+gen/listfreeman.o: include/pbc_f_param.h include/pbc_g_param.h
+gen/listfreeman.o: include/pbc_i_param.h include/pbc_random.h
+gen/listfreeman.o: include/pbc_memory.h
+benchmark/benchmark.o: include/pbc.h include/pbc_utils.h include/pbc_field.h
+benchmark/benchmark.o: include/pbc_param.h include/pbc_pairing.h
+benchmark/benchmark.o: include/pbc_curve.h include/pbc_mnt.h
+benchmark/benchmark.o: include/pbc_a1_param.h include/pbc_a_param.h
+benchmark/benchmark.o: include/pbc_d_param.h include/pbc_e_param.h
+benchmark/benchmark.o: include/pbc_f_param.h include/pbc_g_param.h
+benchmark/benchmark.o: include/pbc_i_param.h include/pbc_random.h
+benchmark/benchmark.o: include/pbc_memory.h include/pbc_test.h
+benchmark/timersa.o: include/pbc.h include/pbc_utils.h include/pbc_field.h
+benchmark/timersa.o: include/pbc_param.h include/pbc_pairing.h
+benchmark/timersa.o: include/pbc_curve.h include/pbc_mnt.h
+benchmark/timersa.o: include/pbc_a1_param.h include/pbc_a_param.h
+benchmark/timersa.o: include/pbc_d_param.h include/pbc_e_param.h
+benchmark/timersa.o: include/pbc_f_param.h include/pbc_g_param.h
+benchmark/timersa.o: include/pbc_i_param.h include/pbc_random.h
+benchmark/timersa.o: include/pbc_memory.h include/pbc_fp.h include/pbc_test.h
+benchmark/ellnet.o: include/pbc.h include/pbc_utils.h include/pbc_field.h
+benchmark/ellnet.o: include/pbc_param.h include/pbc_pairing.h
+benchmark/ellnet.o: include/pbc_curve.h include/pbc_mnt.h
+benchmark/ellnet.o: include/pbc_a1_param.h include/pbc_a_param.h
+benchmark/ellnet.o: include/pbc_d_param.h include/pbc_e_param.h
+benchmark/ellnet.o: include/pbc_f_param.h include/pbc_g_param.h
+benchmark/ellnet.o: include/pbc_i_param.h include/pbc_random.h
+benchmark/ellnet.o: include/pbc_memory.h include/pbc_test.h
+benchmark/multipairing.o: include/pbc.h include/pbc_utils.h
+benchmark/multipairing.o: include/pbc_field.h include/pbc_param.h
+benchmark/multipairing.o: include/pbc_pairing.h include/pbc_curve.h
+benchmark/multipairing.o: include/pbc_mnt.h include/pbc_a1_param.h
+benchmark/multipairing.o: include/pbc_a_param.h include/pbc_d_param.h
+benchmark/multipairing.o: include/pbc_e_param.h include/pbc_f_param.h
+benchmark/multipairing.o: include/pbc_g_param.h include/pbc_i_param.h
+benchmark/multipairing.o: include/pbc_random.h include/pbc_memory.h
+benchmark/multipairing.o: include/pbc_test.h
+guru/fp_test.o: include/pbc.h include/pbc_utils.h include/pbc_field.h
+guru/fp_test.o: include/pbc_param.h include/pbc_pairing.h include/pbc_curve.h
+guru/fp_test.o: include/pbc_mnt.h include/pbc_a1_param.h
+guru/fp_test.o: include/pbc_a_param.h include/pbc_d_param.h
+guru/fp_test.o: include/pbc_e_param.h include/pbc_f_param.h
+guru/fp_test.o: include/pbc_g_param.h include/pbc_i_param.h
+guru/fp_test.o: include/pbc_random.h include/pbc_memory.h include/pbc_fp.h
+guru/fp_test.o: include/pbc_test.h
+guru/quadratic_test.o: include/pbc.h include/pbc_utils.h include/pbc_field.h
+guru/quadratic_test.o: include/pbc_param.h include/pbc_pairing.h
+guru/quadratic_test.o: include/pbc_curve.h include/pbc_mnt.h
+guru/quadratic_test.o: include/pbc_a1_param.h include/pbc_a_param.h
+guru/quadratic_test.o: include/pbc_d_param.h include/pbc_e_param.h
+guru/quadratic_test.o: include/pbc_f_param.h include/pbc_g_param.h
+guru/quadratic_test.o: include/pbc_i_param.h include/pbc_random.h
+guru/quadratic_test.o: include/pbc_memory.h include/pbc_fp.h
+guru/quadratic_test.o: include/pbc_fieldquadratic.h include/pbc_test.h
+guru/poly_test.o: include/pbc.h include/pbc_utils.h include/pbc_field.h
+guru/poly_test.o: include/pbc_param.h include/pbc_pairing.h
+guru/poly_test.o: include/pbc_curve.h include/pbc_mnt.h
+guru/poly_test.o: include/pbc_a1_param.h include/pbc_a_param.h
+guru/poly_test.o: include/pbc_d_param.h include/pbc_e_param.h
+guru/poly_test.o: include/pbc_f_param.h include/pbc_g_param.h
+guru/poly_test.o: include/pbc_i_param.h include/pbc_random.h
+guru/poly_test.o: include/pbc_memory.h include/pbc_fp.h include/pbc_poly.h
+guru/poly_test.o: include/pbc_test.h misc/darray.h
+guru/exp_test.o: include/pbc.h include/pbc_utils.h include/pbc_field.h
+guru/exp_test.o: include/pbc_param.h include/pbc_pairing.h
+guru/exp_test.o: include/pbc_curve.h include/pbc_mnt.h include/pbc_a1_param.h
+guru/exp_test.o: include/pbc_a_param.h include/pbc_d_param.h
+guru/exp_test.o: include/pbc_e_param.h include/pbc_f_param.h
+guru/exp_test.o: include/pbc_g_param.h include/pbc_i_param.h
+guru/exp_test.o: include/pbc_random.h include/pbc_memory.h include/pbc_test.h
+guru/prodpairing_test.o: include/pbc.h include/pbc_utils.h
+guru/prodpairing_test.o: include/pbc_field.h include/pbc_param.h
+guru/prodpairing_test.o: include/pbc_pairing.h include/pbc_curve.h
+guru/prodpairing_test.o: include/pbc_mnt.h include/pbc_a1_param.h
+guru/prodpairing_test.o: include/pbc_a_param.h include/pbc_d_param.h
+guru/prodpairing_test.o: include/pbc_e_param.h include/pbc_f_param.h
+guru/prodpairing_test.o: include/pbc_g_param.h include/pbc_i_param.h
+guru/prodpairing_test.o: include/pbc_random.h include/pbc_memory.h
+guru/prodpairing_test.o: include/pbc_test.h
diff --git a/moon-abe/pbc-0.5.14/test b/moon-abe/pbc-0.5.14/test
new file mode 100644
index 00000000..96cb1a09
--- /dev/null
+++ b/moon-abe/pbc-0.5.14/test
@@ -0,0 +1,24 @@
+#!/bin/bash
+
+function show_result() {
+ red=$'\e'"[31m"
+ green=$'\e'"[32;1m"
+ normal=$'\e'"[0m"
+ if [[ $1 != 0 ]]; then
+ echo $red"[FAILED]"$normal $t
+ else
+ echo $green"[PASSED]"$normal $t
+ fi
+}
+
+make test
+make pbc/pbc
+for t in pbc/pairing_test.pbc pbc/g2_test.pbc pbc/bilinear.test ; do
+ pbc/pbc $t > /dev/null
+ show_result $?
+done
+
+for t in guru/fp_test guru/quadratic_test guru/poly_test guru/prodpairing_test guru/ternary_extension_field_test guru/eta_T_3_test ; do
+ $t > /dev/null
+ show_result $?
+done