diff --git a/blscurve/blst/blst_abi.nim b/blscurve/blst/blst_abi.nim index e7bd6e3..a2db2d0 100644 --- a/blscurve/blst/blst_abi.nim +++ b/blscurve/blst/blst_abi.nim @@ -18,9 +18,9 @@ type HashOrEncode* {.size: sizeof(cint).} = enum # Licensed under the Apache License, Version 2.0, see LICENSE for details. # SPDX-License-Identifier: Apache-2.0 # ------------------------------------------------------------------------------------------------ -# Generated @ 2020-07-11T15:22:46+02:00 +# Generated @ 2024-07-26T17:51:41+02:00 # Command line: -# /.../.nimble/pkgs/nimterop-0.6.2/nimterop/toast -n -p --prefix=_ --typemap=bool=int32 -G=@\bin\b=src -G=@\bout\b=dst -o=blst/blst_abi_candidate.nim vendor/blst/bindings/blst.h +# ~/.nimble/pkgs2/nimterop-0.6.13/nimterop/toast -n -p --prefix=_ --typemap=bool=int32 -G=@\bin\b=src -G=@\bout\b=dst -o=blscurve/blst/blst_abi_candidate.nim vendor/blst/bindings/blst.h # const 'bool' has unsupported value '_Bool' {.push hint[ConvFromXtoItselfNotNeeded]: off.} @@ -67,6 +67,8 @@ macro defineEnum(typ: untyped): untyped = proc `dlrop`*(x: `typ`): string {.borrow.} proc `notop`*(x: `typ`): `typ` {.borrow.} + +{.experimental: "codeReordering".} defineEnum(BLST_ERROR) const BLST_SUCCESS* = (0).BLST_ERROR @@ -75,6 +77,8 @@ const BLST_POINT_NOT_IN_GROUP* = (BLST_POINT_NOT_ON_CURVE + 1).BLST_ERROR BLST_AGGR_TYPE_MISMATCH* = (BLST_POINT_NOT_IN_GROUP + 1).BLST_ERROR BLST_VERIFY_FAIL* = (BLST_AGGR_TYPE_MISMATCH + 1).BLST_ERROR + BLST_PK_IS_INFINITY* = (BLST_VERIFY_FAIL + 1).BLST_ERROR + BLST_BAD_SCALAR* = (BLST_PK_IS_INFINITY + 1).BLST_ERROR # Do not importc the types that are fully defined # otherwise they are improperly copied, for example @@ -118,7 +122,6 @@ type x*: blst_fp2 y*: blst_fp2 - cblst_pairing* {.importc: "blst_pairing", blstheader.} = object cblst_scalar* {.importc: "blst_scalar", blstheader.} = object cblst_fr* {.importc: "blst_fr", blstheader.} = object cblst_fp* {.importc: "blst_fp", blstheader.} = object @@ -129,6 +132,7 @@ type cblst_p1_affine* {.importc: "blst_p1_affine", blstheader.} = object cblst_p2* {.importc: "blst_p2", blstheader.} = object cblst_p2_affine* {.importc: "blst_p2_affine", blstheader.} = object + cblst_pairing* {.importc: "blst_pairing", blstheader.} = object template toCV*(v: untyped, t: typedesc): untyped = cast[ptr t](addr v) @@ -149,9 +153,10 @@ type # Since the definition is private to aggregate.c # we have to rewrite it in Nim. # - #ifndef N_MAX - # define N_MAX 8 - #endif + # #ifndef N_MAX + # # define N_MAX 8 + # #endif + # typedef union { POINTonE1 e1; POINTonE2 e2; } AggregatedSignature; # typedef struct { # unsigned int ctrl; @@ -181,16 +186,27 @@ var {.push cdecl, importc, header: headerPath.} -proc blst_scalar_from_uint32*(ret: ptr cblst_scalar; a: array[8, uint32]) -proc blst_uint32_from_scalar*(ret: ptr array[8, uint32]; a: ptr cblst_scalar) -proc blst_scalar_from_uint64*(ret: ptr cblst_scalar; a: array[4, uint64]) -proc blst_uint64_from_scalar*(ret: var array[4, uint64]; a: ptr cblst_scalar) -proc blst_scalar_from_bendian*(ret: ptr cblst_scalar; a: array[32, byte]) -proc blst_bendian_from_scalar*(ret: var array[32, byte]; a: ptr cblst_scalar) -proc blst_scalar_from_lendian*(ret: ptr cblst_scalar; a: array[32, byte]) -proc blst_lendian_from_scalar*(ret: var array[32, byte]; a: ptr cblst_scalar) +proc blst_scalar_from_uint32*(dst: ptr cblst_scalar; a: array[8, uint32]) +proc blst_uint32_from_scalar*(dst: var array[8, uint32]; a: ptr cblst_scalar) +proc blst_scalar_from_uint64*(dst: ptr cblst_scalar; a: array[4, uint64]) +proc blst_uint64_from_scalar*(dst: var array[4, uint64]; a: ptr cblst_scalar) +proc blst_scalar_from_bendian*(dst: ptr cblst_scalar; a: array[32, byte]) +proc blst_bendian_from_scalar*(dst: var array[32, byte]; a: ptr cblst_scalar) +proc blst_scalar_from_lendian*(dst: ptr cblst_scalar; a: array[32, byte]) +proc blst_lendian_from_scalar*(dst: var array[32, byte]; a: ptr cblst_scalar) proc blst_scalar_fr_check*(a: ptr cblst_scalar): CTbool proc blst_sk_check*(a: ptr cblst_scalar): CTbool +proc blst_sk_add_n_check*(dst: ptr cblst_scalar; a: ptr cblst_scalar; + b: ptr cblst_scalar): CTbool +proc blst_sk_sub_n_check*(dst: ptr cblst_scalar; a: ptr cblst_scalar; + b: ptr cblst_scalar): CTbool +proc blst_sk_mul_n_check*(dst: ptr cblst_scalar; a: ptr cblst_scalar; + b: ptr cblst_scalar): CTbool +proc blst_sk_inverse*(dst: ptr cblst_scalar; a: ptr cblst_scalar) +proc blst_scalar_from_le_bytes*[T: byte|char](dst: ptr cblst_scalar; + src: openArray[T]): CTbool +proc blst_scalar_from_be_bytes*[T: byte|char](dst: ptr cblst_scalar; + src: openArray[T]): CTbool # BLS12-381-specific Fr operations (Modulo curve order) proc blst_fr_add*(ret: ptr cblst_fr; a: ptr cblst_fr; b: ptr cblst_fr) @@ -200,12 +216,13 @@ proc blst_fr_lshift*(ret: ptr cblst_fr; a: ptr cblst_fr; count: uint) proc blst_fr_rshift*(ret: ptr cblst_fr; a: ptr cblst_fr; count: uint) proc blst_fr_mul*(ret: ptr cblst_fr; a: ptr cblst_fr; b: ptr cblst_fr) proc blst_fr_sqr*(ret: ptr cblst_fr; a: ptr cblst_fr) -proc blst_fr_cneg*(ret: ptr cblst_fr; a: ptr cblst_fr; flag: uint) -proc blst_fr_eucl_inverse*(ret: ptr cblst_fr, a: ptr cblst_fr) -proc blst_fr_from_uint64*(ret: ptr cblst_fr, a: array[4, uint64]) -proc blst_uint64_from_fr*(ret: var array[4, uint64], a: ptr cblst_fr) +proc blst_fr_cneg*(ret: ptr cblst_fr; a: ptr cblst_fr; flag: bool) +proc blst_fr_eucl_inverse*(ret: ptr cblst_fr; a: ptr cblst_fr) +proc blst_fr_inverse*(ret: ptr cblst_fr; a: ptr cblst_fr) +proc blst_fr_from_uint64*(ret: ptr cblst_fr; a: array[4, uint64]) +proc blst_uint64_from_fr*(ret: var array[4, uint64]; a: ptr cblst_fr) proc blst_fr_from_scalar*(ret: ptr cblst_fr; a: ptr cblst_scalar) -proc blst_scalar_from_fr*(ret: ptr cblst_scalar, a: ptr cblst_fr) +proc blst_scalar_from_fr*(ret: ptr cblst_scalar; a: ptr cblst_fr) # BLS12-381-specific Fp operations (Modulo BLS12-381 prime) proc blst_fp_add*(ret: ptr cblst_fp; a: ptr cblst_fp; b: ptr cblst_fp) @@ -215,7 +232,7 @@ proc blst_fp_mul_by_8*(ret: ptr cblst_fp; a: ptr cblst_fp) proc blst_fp_lshift*(ret: ptr cblst_fp; a: ptr cblst_fp; count: uint) proc blst_fp_mul*(ret: ptr cblst_fp; a: ptr cblst_fp; b: ptr cblst_fp) proc blst_fp_sqr*(ret: ptr cblst_fp; a: ptr cblst_fp) -proc blst_fp_cneg*(ret: ptr cblst_fp; a: ptr cblst_fp; flag: uint) +proc blst_fp_cneg*(ret: ptr cblst_fp; a: ptr cblst_fp; flag: bool) proc blst_fp_eucl_inverse*(ret: ptr cblst_fp; a: ptr cblst_fp) proc blst_fp_inverse*(ret: ptr cblst_fp; a: ptr cblst_fp) proc blst_fp_sqrt*(ret: ptr cblst_fp; a: ptr cblst_fp): CTbool @@ -236,7 +253,7 @@ proc blst_fp2_mul_by_8*(ret: ptr cblst_fp2; a: ptr cblst_fp2) proc blst_fp2_lshift*(ret: ptr cblst_fp2; a: ptr cblst_fp2; count: uint) proc blst_fp2_mul*(ret: ptr cblst_fp2; a: ptr cblst_fp2; b: ptr cblst_fp2) proc blst_fp2_sqr*(ret: ptr cblst_fp2; a: ptr cblst_fp2) -proc blst_fp2_cneg*(ret: ptr cblst_fp2; a: ptr cblst_fp2; flag: uint) +proc blst_fp2_cneg*(ret: ptr cblst_fp2; a: ptr cblst_fp2; flag: bool) proc blst_fp2_eucl_inverse*(ret: ptr cblst_fp2; a: ptr cblst_fp2) proc blst_fp2_inverse*(ret: ptr cblst_fp2; a: ptr cblst_fp2) proc blst_fp2_sqrt*(ret: ptr cblst_fp2; a: ptr cblst_fp2): CTbool @@ -245,74 +262,122 @@ proc blst_fp2_sqrt*(ret: ptr cblst_fp2; a: ptr cblst_fp2): CTbool proc blst_fp12_sqr*(ret: ptr cblst_fp12; a: ptr cblst_fp12) proc blst_fp12_cyclotomic_sqr*(ret: ptr cblst_fp12; a: ptr cblst_fp12) proc blst_fp12_mul*(ret: ptr cblst_fp12; a: ptr cblst_fp12; b: ptr cblst_fp12) -proc blst_fp12_mul_by_xy00z0*(ret: ptr cblst_fp12; a: ptr cblst_fp12; xy00z0: ptr cblst_fp6) +proc blst_fp12_mul_by_xy00z0*(ret: ptr cblst_fp12; a: ptr cblst_fp12; + xy00z0: ptr cblst_fp6) proc blst_fp12_conjugate*(a: ptr cblst_fp12) proc blst_fp12_inverse*(ret: ptr cblst_fp12; a: ptr cblst_fp12) proc blst_fp12_frobenius_map*(ret: ptr cblst_fp12; a: ptr cblst_fp12; n: uint) ## caveat lector! |n| has to be non-zero and not more than 3! proc blst_fp12_is_equal*(a: ptr cblst_fp12; b: ptr cblst_fp12): CTbool proc blst_fp12_is_one*(a: ptr cblst_fp12): CTbool +proc blst_fp12_in_group*(a: ptr cblst_fp12): CTbool proc blst_fp12_one*(): ptr cblst_fp12 # BLS12-381-specific G1 operations. proc blst_p1_add*(dst: ptr cblst_p1; a: ptr cblst_p1; b: ptr cblst_p1) proc blst_p1_add_or_double*(dst: ptr cblst_p1; a: ptr cblst_p1; b: ptr cblst_p1) proc blst_p1_add_affine*(dst: ptr cblst_p1; a: ptr cblst_p1; b: ptr cblst_p1_affine) -proc blst_p1_add_or_double_affine*(dst: ptr cblst_p1; a: ptr cblst_p1; b: ptr cblst_p1_affine) +proc blst_p1_add_or_double_affine*(dst: ptr cblst_p1; a: ptr cblst_p1; + b: ptr cblst_p1_affine) proc blst_p1_double*(dst: ptr cblst_p1; a: ptr cblst_p1) -proc blst_p1_mult*(dst: ptr cblst_p1; p: ptr cblst_p1; scalar: ptr byte; nbits: uint) -proc blst_p1_cneg*(p: ptr cblst_p1; cbit: uint) +proc blst_p1_mult*(dst: ptr cblst_p1; p: ptr cblst_p1; + scalar: ptr byte; nbits: uint) +proc blst_p1_cneg*(p: ptr cblst_p1; cbit: bool) proc blst_p1_to_affine*(dst: ptr cblst_p1_affine; src: ptr cblst_p1) proc blst_p1_from_affine*(dst: ptr cblst_p1; src: ptr cblst_p1_affine) proc blst_p1_on_curve*(p: ptr cblst_p1): CTbool proc blst_p1_in_g1*(p: ptr cblst_p1): CTbool -proc blst_p1_is_equal*(a: ptr cblst_p1, b: ptr cblst_p1): CTbool +proc blst_p1_is_equal*(a: ptr cblst_p1; b: ptr cblst_p1): CTbool proc blst_p1_is_inf*(a: ptr cblst_p1): CTbool +proc blst_p1_generator*(): ptr cblst_p1 proc blst_p1_affine_on_curve*(p: ptr cblst_p1_affine): CTbool proc blst_p1_affine_in_g1*(p: ptr cblst_p1_affine): CTbool proc blst_p1_affine_is_equal*(a: ptr cblst_p1_affine; b: ptr cblst_p1_affine): CTbool proc blst_p1_affine_is_inf*(a: ptr cblst_p1_affine): CTbool -proc blst_p1_generator*(): ptr cblst_p1 +proc blst_p1_affine_generator*(): ptr cblst_p1_affine # BLS12-381-specific G2 operations. proc blst_p2_add*(dst: ptr cblst_p2; a: ptr cblst_p2; b: ptr cblst_p2) proc blst_p2_add_or_double*(dst: ptr cblst_p2; a: ptr cblst_p2; b: ptr cblst_p2) proc blst_p2_add_affine*(dst: ptr cblst_p2; a: ptr cblst_p2; b: ptr cblst_p2_affine) -proc blst_p2_add_or_double_affine*(dst: ptr cblst_p2; a: ptr cblst_p2; b: ptr cblst_p2_affine) +proc blst_p2_add_or_double_affine*(dst: ptr cblst_p2; a: ptr cblst_p2; + b: ptr cblst_p2_affine) proc blst_p2_double*(dst: ptr cblst_p2; a: ptr cblst_p2) -proc blst_p2_mult*(dst: ptr cblst_p2; p: ptr cblst_p2; scalar: ptr byte; nbits: uint) -proc blst_p2_cneg*(p: ptr cblst_p2; cbit: uint) +proc blst_p2_mult*(dst: ptr cblst_p2; p: ptr cblst_p2; + scalar: ptr byte; nbits: uint) +proc blst_p2_cneg*(p: ptr cblst_p2; cbit: bool) proc blst_p2_to_affine*(dst: ptr cblst_p2_affine; src: ptr cblst_p2) proc blst_p2_from_affine*(dst: ptr cblst_p2; src: ptr cblst_p2_affine) proc blst_p2_on_curve*(p: ptr cblst_p2): CTbool proc blst_p2_in_g2*(p: ptr cblst_p2): CTbool -proc blst_p2_is_equal*(a: ptr cblst_p2, b: ptr cblst_p2): CTbool +proc blst_p2_is_equal*(a: ptr cblst_p2; b: ptr cblst_p2): CTbool proc blst_p2_is_inf*(a: ptr cblst_p2): CTbool +proc blst_p2_generator*(): ptr cblst_p2 proc blst_p2_affine_on_curve*(p: ptr cblst_p2_affine): CTbool proc blst_p2_affine_in_g2*(p: ptr cblst_p2_affine): CTbool proc blst_p2_affine_is_equal*(a: ptr cblst_p2_affine; b: ptr cblst_p2_affine): CTbool proc blst_p2_affine_is_inf*(a: ptr cblst_p2_affine): CTbool -proc blst_p2_generator*(): ptr cblst_p2 +proc blst_p2_affine_generator*(): ptr cblst_p2_affine + +# Multi-scalar multiplications and other multi-point operations. +proc blst_p1s_to_affine*(dst: UncheckedArray[cblst_p1_affine]; points: cblst_p1; + npoints: uint) +proc blst_p1s_add*(ret: ptr cblst_p1; points: cblst_p1_affine; npoints: uint) +proc blst_p1s_mult_wbits_precompute_sizeof*(wbits: uint; npoints: uint): uint +proc blst_p1s_mult_wbits_precompute*(table: UncheckedArray[cblst_p1_affine]; + wbits: uint; points: cblst_p1_affine; + npoints: uint) +proc blst_p1s_mult_wbits_scratch_sizeof*(npoints: uint): uint +proc blst_p1s_mult_wbits*(ret: ptr cblst_p1; + table: UncheckedArray[cblst_p1_affine]; wbits: uint; + npoints: uint; scalars: byte; nbits: uint; + scratch: ptr limb_t) +proc blst_p1s_mult_pippenger_scratch_sizeof*(npoints: uint): uint +proc blst_p1s_mult_pippenger*(ret: ptr cblst_p1; points: cblst_p1_affine; + npoints: uint; scalars: byte; nbits: uint; + scratch: ptr limb_t) +proc blst_p1s_tile_pippenger*(ret: ptr cblst_p1; points: cblst_p1_affine; + npoints: uint; scalars: byte; nbits: uint; + scratch: ptr limb_t; bit0: uint; window: uint) +proc blst_p2s_to_affine*(dst: UncheckedArray[cblst_p2_affine]; points: cblst_p2; + npoints: uint) +proc blst_p2s_add*(ret: ptr cblst_p2; points: cblst_p2_affine; npoints: uint) +proc blst_p2s_mult_wbits_precompute_sizeof*(wbits: uint; npoints: uint): uint +proc blst_p2s_mult_wbits_precompute*(table: UncheckedArray[cblst_p2_affine]; + wbits: uint; points: cblst_p2_affine; + npoints: uint) +proc blst_p2s_mult_wbits_scratch_sizeof*(npoints: uint): uint +proc blst_p2s_mult_wbits*(ret: ptr cblst_p2; + table: UncheckedArray[cblst_p2_affine]; wbits: uint; + npoints: uint; scalars: byte; nbits: uint; + scratch: ptr limb_t) +proc blst_p2s_mult_pippenger_scratch_sizeof*(npoints: uint): uint +proc blst_p2s_mult_pippenger*(ret: ptr cblst_p2; points: cblst_p2_affine; + npoints: uint; scalars: byte; nbits: uint; + scratch: ptr limb_t) +proc blst_p2s_tile_pippenger*(ret: ptr cblst_p2; points: cblst_p2_affine; + npoints: uint; scalars: byte; nbits: uint; + scratch: ptr limb_t; bit0: uint; window: uint) # Hash-to-curve operations. proc blst_map_to_g1*(dst: ptr cblst_p1; u: ptr cblst_fp; v: ptr cblst_fp) proc blst_map_to_g2*(dst: ptr cblst_p2; u: ptr cblst_fp2; v: ptr cblst_fp2) proc blst_encode_to_g1*[T,U,V: byte|char](dst: ptr cblst_p1; - msg: openArray[T]; - domainSepTag: openArray[U]; - aug: openArray[V]) + msg: openArray[T]; + DST: openArray[U]; + aug: openArray[V]) proc blst_hash_to_g1*[T,U,V: byte|char](dst: ptr cblst_p1; - msg: openArray[T]; - domainSepTag: openArray[U]; - aug: openArray[V]) + msg: openArray[T]; + DST: openArray[U]; + aug: openArray[V]) proc blst_encode_to_g2*[T,U,V: byte|char](dst: ptr cblst_p2; - msg: openArray[T]; - domainSepTag: openArray[U]; - aug: openArray[V]) + msg: openArray[T]; + DST: openArray[U]; + aug: openArray[V]) proc blst_hash_to_g2*[T,U,V: byte|char](dst: ptr cblst_p2; - msg: openArray[T]; - domainSepTag: openArray[U]; - aug: openArray[V]) + msg: openArray[T]; + DST: openArray[U]; + aug: openArray[V]) # Zcash-compatible serialization/deserialization. proc blst_p1_serialize*(dst: var array[96, byte]; src: ptr cblst_p1) @@ -327,7 +392,6 @@ proc blst_p2_affine_serialize*(dst: var array[192, byte]; src: ptr cblst_p2_affi proc blst_p2_affine_compress*(dst: var array[96, byte]; src: ptr cblst_p2_affine) proc blst_p2_uncompress*(dst: ptr cblst_p2_affine; src: array[96, byte]): BLST_ERROR proc blst_p2_deserialize*(dst: ptr cblst_p2_affine; src: array[192, byte]): BLST_ERROR -proc blst_keygen*[T,U: byte|char](out_SK: ptr cblst_scalar; IKM: openArray[T]; info: openArray[U]) # Specification defines two variants, 'minimal-signature-size' and # 'minimal-pubkey-size'. To unify appearance we choose to distinguish @@ -338,12 +402,17 @@ proc blst_keygen*[T,U: byte|char](out_SK: ptr cblst_scalar; IKM: openArray[T]; i # turn a little odd. # Secret-key operations. +proc blst_keygen*[T,U: byte|char](out_SK: ptr cblst_scalar; + IKM: openArray[T]; + info: openArray[U]) proc blst_sk_to_pk_in_g1*(out_pk: ptr cblst_p1; SK: ptr cblst_scalar) -proc blst_sign_pk_in_g1*(out_sig: ptr cblst_p2; hash: ptr cblst_p2; SK: ptr cblst_scalar) +proc blst_sign_pk_in_g1*(out_sig: ptr cblst_p2; hash: ptr cblst_p2; + SK: ptr cblst_scalar) proc blst_sk_to_pk_in_g2*(out_pk: ptr cblst_p2; SK: ptr cblst_scalar) -proc blst_sign_pk_in_g2*(out_sig: ptr cblst_p1; hash: ptr cblst_p1; SK: ptr cblst_scalar) +proc blst_sign_pk_in_g2*(out_sig: ptr cblst_p1; hash: ptr cblst_p1; + SK: ptr cblst_scalar) -# Pairing interface +# Pairing interface. # # Usage pattern on single-processor system is # @@ -375,108 +444,88 @@ proc blst_sign_pk_in_g2*(out_sig: ptr cblst_p1; hash: ptr cblst_p1; SK: ptr cbls # ... # blst_pairing_finalverify(pk[0], gtsig); -proc blst_miller_loop*(ret: ptr cblst_fp12; Q: ptr cblst_p2_affine; P: ptr cblst_p1_affine) +proc blst_miller_loop*(ret: ptr cblst_fp12; Q: ptr cblst_p2_affine; + P: ptr cblst_p1_affine) +proc blst_miller_loop_n*(ret: ptr cblst_fp12; Qs: cblst_p2_affine; + Ps: cblst_p1_affine; n: uint) proc blst_final_exp*(ret: ptr cblst_fp12; f: ptr cblst_fp12) proc blst_precompute_lines*(Qlines: var array[68, cblst_fp6]; Q: ptr cblst_p2_affine) -proc blst_miller_loop_lines*(ret: ptr cblst_fp12; Qlines: array[68, cblst_fp6]; P: ptr cblst_p1_affine) +proc blst_miller_loop_lines*(ret: ptr cblst_fp12; Qlines: array[68, cblst_fp6]; + P: ptr cblst_p1_affine) +proc blst_fp12_finalverify*(gt1: ptr cblst_fp12; gt2: ptr cblst_fp12): CTbool proc blst_pairing_sizeof*(): uint -proc blst_pairing_init*[T: byte|char](new_ctx: ptr cblst_pairing, - hash_or_encode: HashOrEncode, - domainSepTag: openArray[T]) +proc blst_pairing_init*[T: byte|char](new_ctx: ptr cblst_pairing; + hash_or_encode: HashOrEncode; + DST: openArray[T]) proc blst_pairing_get_dst*(ctx: ptr cblst_pairing): ptr UncheckedArray[byte] proc blst_pairing_commit*(ctx: ptr cblst_pairing) -proc blst_pairing_aggregate_pk_in_g2*[T,U: byte|char]( - ctx: ptr cblst_pairing; - PK: ptr cblst_p2_affine; - signature: ptr cblst_p1_affine; - msg: openArray[T]; - aug: openArray[U]): BLST_ERROR -proc blst_pairing_chk_n_aggr_pk_in_g2*[T,U: byte|char]( - ctx: ptr cblst_pairing, - PK: ptr cblst_p2_affine, - pk_grpchk: bool, - signature: ptr cblst_p1_affine, - sig_grpchk: bool, - msg: openArray[T], - aug: openArray[U] - ): BLST_ERROR -proc blst_pairing_mul_n_aggregate_pk_in_g2*[T,U: byte|char]( - ctx: ptr cblst_pairing; - PK: ptr cblst_p2_affine; - sig: ptr cblst_p1_affine; - scalar: ptr cblst_scalar, nbits: uint, - msg: openArray[T]; - aug: openArray[U] - ): BLST_ERROR -proc blst_pairing_chk_n_mul_n_aggr_pk_in_g2*[T,U: byte|char]( - ctx: ptr cblst_pairing, - PK: ptr cblst_p2_affine, - pk_grpchk: bool, - signature: ptr cblst_p1_affine, - sig_grpchk: bool, - scalar: ptr cblst_scalar, nbits: uint, - msg: openArray[T]; - aug: openArray[U] - ): BLST_ERROR -proc blst_pairing_aggregate_pk_in_g1*[T,U: byte|char]( - ctx: ptr cblst_pairing; - PK: ptr cblst_p1_affine; - signature: ptr cblst_p2_affine; - msg: openArray[T]; - aug: openArray[U]): BLST_ERROR -proc blst_pairing_chk_n_aggr_pk_in_g1*[T,U: byte|char]( - ctx: ptr cblst_pairing, - PK: ptr cblst_p1_affine, - pk_grpchk: bool, - signature: ptr cblst_p2_affine, - sig_grpchk: bool, - msg: openArray[T], - aug: openArray[U] - ): BLST_ERROR -proc blst_pairing_mul_n_aggregate_pk_in_g1*[T,U: byte|char]( - ctx: ptr cblst_pairing; - PK: ptr cblst_p1_affine; - sig: ptr cblst_p2_affine; - hash: ptr cblst_p2_affine; - scalar: ptr cblst_scalar, nbits: uint, - msg: openArray[T]; - aug: openArray[U] - ): BLST_ERROR -proc blst_pairing_chk_n_mul_n_aggr_pk_in_g1*[T,U: byte|char]( - ctx: ptr cblst_pairing, - PK: ptr cblst_p1_affine, - pk_grpchk: bool, - signature: ptr cblst_p2_affine, - sig_grpchk: bool, - scalar: ptr byte, nbits: uint, - msg: openArray[T], - aug: openArray[U] - ): BLST_ERROR +proc blst_pairing_aggregate_pk_in_g2*[T,U: byte|char](ctx: ptr cblst_pairing; + PK: ptr cblst_p2_affine; + signature: ptr cblst_p1_affine; + msg: openArray[T]; + aug: openArray[U]): BLST_ERROR +proc blst_pairing_chk_n_aggr_pk_in_g2*[T,U: byte|char](ctx: ptr cblst_pairing; + PK: ptr cblst_p2_affine; + pk_grpchk: bool; + signature: ptr cblst_p1_affine; + sig_grpchk: bool; + msg: openArray[T]; + aug: openArray[U]): BLST_ERROR +proc blst_pairing_mul_n_aggregate_pk_in_g2*[T,U: byte|char](ctx: ptr cblst_pairing; + PK: ptr cblst_p2_affine; sig: ptr cblst_p1_affine; + scalar: ptr byte; nbits: uint; + msg: openArray[T]; aug: openArray[U]): BLST_ERROR +proc blst_pairing_chk_n_mul_n_aggr_pk_in_g2*[T,U: byte|char](ctx: ptr cblst_pairing; + PK: ptr cblst_p2_affine; pk_grpchk: bool; sig: ptr cblst_p1_affine; + sig_grpchk: bool; scalar: ptr byte; nbits: uint; + msg: openArray[T]; aug: openArray[U]): BLST_ERROR +proc blst_pairing_aggregate_pk_in_g1*[T,U: byte|char](ctx: ptr cblst_pairing; + PK: ptr cblst_p1_affine; + signature: ptr cblst_p2_affine; + msg: openArray[T]; + aug: openArray[U]): BLST_ERROR +proc blst_pairing_chk_n_aggr_pk_in_g1*[T,U: byte|char](ctx: ptr cblst_pairing; + PK: ptr cblst_p1_affine; + pk_grpchk: bool; + signature: ptr cblst_p2_affine; + sig_grpchk: bool; + msg: openArray[T]; + aug: openArray[U]): BLST_ERROR +proc blst_pairing_mul_n_aggregate_pk_in_g1*[T,U: byte|char](ctx: ptr cblst_pairing; + PK: ptr cblst_p1_affine; sig: ptr cblst_p2_affine; + scalar: ptr byte; nbits: uint; + msg: openArray[T]; aug: openArray[U]): BLST_ERROR +proc blst_pairing_chk_n_mul_n_aggr_pk_in_g1*[T,U: byte|char](ctx: ptr cblst_pairing; + PK: ptr cblst_p1_affine; pk_grpchk: bool; sig: ptr cblst_p2_affine; + sig_grpchk: bool; scalar: ptr byte; nbits: uint; + msg: openArray[T]; aug: openArray[U]): BLST_ERROR proc blst_pairing_merge*(ctx: ptr cblst_pairing; ctx1: ptr cblst_pairing): BLST_ERROR proc blst_pairing_finalverify*(ctx: ptr cblst_pairing; gtsig: ptr cblst_fp12): CTbool -# Customarily applications aggregate signatures separately. -# In which case application would have to pass NULLs for |signature| -# to blst_pairing_aggregate calls and pass aggregated signature -# collected with these calls to blst_pairing_finalverify. Inputs are -# Zcash-compatible "straight-from-wire" byte vectors, compressed or -# not. -proc blst_aggregate_in_g1*(dst: ptr cblst_p1; src: ptr cblst_p1; zwire: ptr byte): BLST_ERROR -proc blst_aggregate_in_g2*(dst: ptr cblst_p2; src: ptr cblst_p2; zwire: ptr byte): BLST_ERROR +# Customarily applications aggregate signatures separately. +# In which case application would have to pass NULLs for |signature| +# to blst_pairing_aggregate calls and pass aggregated signature +# collected with these calls to blst_pairing_finalverify. Inputs are +# Zcash-compatible "straight-from-wire" byte vectors, compressed or +# not. +proc blst_aggregate_in_g1*(dst: ptr cblst_p1; src: ptr cblst_p1; + zwire: ptr byte): BLST_ERROR +proc blst_aggregate_in_g2*(dst: ptr cblst_p2; src: ptr cblst_p2; + zwire: ptr byte): BLST_ERROR proc blst_aggregated_in_g1*(dst: ptr cblst_fp12; signature: ptr cblst_p1_affine) proc blst_aggregated_in_g2*(dst: ptr cblst_fp12; signature: ptr cblst_p2_affine) # "One-shot" CoreVerify entry points. proc blst_core_verify_pk_in_g1*[T,U,V: byte|char](pk: ptr cblst_p1_affine; - signature: ptr cblst_p2_affine; - hash_or_encode: HashOrEncode; - msg: openArray[T]; - domainSepTag: openArray[U]; - aug: openArray[V]): BLST_ERROR + signature: ptr cblst_p2_affine; + hash_or_encode: HashOrEncode; + msg: openArray[T]; + DST: openArray[U]; + aug: openArray[V]): BLST_ERROR proc blst_core_verify_pk_in_g2*[T,U,V: byte|char](pk: ptr cblst_p2_affine; - signature: ptr cblst_p1_affine; - hash_or_encode: HashOrEncode; - msg: openArray[T]; - domainSepTag: openArray[U]; - aug: openArray[V]): BLST_ERROR + signature: ptr cblst_p1_affine; + hash_or_encode: HashOrEncode; + msg: openArray[T]; + DST: openArray[U]; + aug: openArray[V]): BLST_ERROR {.pop.} diff --git a/blscurve/blst/blst_min_pubkey_sig_core.nim b/blscurve/blst/blst_min_pubkey_sig_core.nim index c6d1c9f..c5d9d6e 100644 --- a/blscurve/blst/blst_min_pubkey_sig_core.nim +++ b/blscurve/blst/blst_min_pubkey_sig_core.nim @@ -203,7 +203,7 @@ template genAggregatorProcedures( agg.aggregate(elems.toOpenArray(1, elems.high)) `blst _ p1_or_p2 _ cneg`( toCV(agg.point, `cblst _ p1_or_p2`), - cbit = 1 + cbit = true ) agg.aggregate(dst) dst.finish(agg) diff --git a/tests/t_batch_verifier.nim b/tests/t_batch_verifier.nim index f515e48..f54716d 100644 --- a/tests/t_batch_verifier.nim +++ b/tests/t_batch_verifier.nim @@ -178,7 +178,10 @@ proc genForgedPair(batch: var seq[SignatureSet], # 1. Create -S'. Note: if P has elliptic affine coordinates (x, y) then -P is (x, -y) var neg_sigp = sigp let neg_sigp_ptr = cast[ptr blst_p2_affine](neg_sigp.addr) - blst_fp2_cneg(toCV(neg_sigp_ptr[].y, cblst_fp2), toCC(neg_sigp_ptr[].y, cblst_fp2), 1) + blst_fp2_cneg( + toCV(neg_sigp_ptr[].y, cblst_fp2), + toCC(neg_sigp_ptr[].y, cblst_fp2), + flag = true) # 2. Forge signatures S1+S' and S2-S' var forgedSig1s, forgedSig2ns: Signature