gmsm/sm9/generate.go

//go:build ignore
// +build ignore

package main

import (
	"bytes"
	"go/format"
	"io"
	"log"
	"os"
	"os/exec"
)

// Running this generator requires addchain v0.4.0, which can be installed with
//
//   go install github.com/mmcloughlin/addchain/cmd/addchain@v0.4.0
//

func main() {
	tmplAddchainFile, err := os.CreateTemp("", "addchain-template")
	if err != nil {
		log.Fatal(err)
	}
	defer os.Remove(tmplAddchainFile.Name())
	if _, err := io.WriteString(tmplAddchainFile, tmplAddchain); err != nil {
		log.Fatal(err)
	}
	if err := tmplAddchainFile.Close(); err != nil {
		log.Fatal(err)
	}
	log.Printf("Generating gfp_sqrt.go...")
	f, err := os.CreateTemp("", "addchain-gfp")
	if err != nil {
		log.Fatal(err)
	}
	defer os.Remove(f.Name())
	cmd := exec.Command("addchain", "search", "0x16c80000005474de3ac07569feb1d8e8a43e5269634f5ddb7cadf364fc6a28af")
	cmd.Stderr = os.Stderr
	cmd.Stdout = f
	if err := cmd.Run(); err != nil {
		log.Fatal(err)
	}
	if err := f.Close(); err != nil {
		log.Fatal(err)
	}
	cmd = exec.Command("addchain", "gen", "-tmpl", tmplAddchainFile.Name(), f.Name())
	cmd.Stderr = os.Stderr
	out, err := cmd.Output()
	if err != nil {
		log.Fatal(err)
	}
	out = bytes.Replace(out, []byte("Element"), []byte("gfP"), -1)
	out, err = format.Source(out)
	if err != nil {
		log.Fatal(err)
	}
	if err := os.WriteFile("gfp_sqrt.go", out, 0644); err != nil {
		log.Fatal(err)
	}
}

const tmplAddchain = `// Code generated by {{ .Meta.Name }}. DO NOT EDIT.
package bn256

// Sqrt sets e to a square root of x. If x is not a square, Sqrt returns
// false and e is unchanged. e and x can overlap.
func Sqrt(e, x *Element) (isSquare bool) {
	candidate, b, i := &gfP{}, &gfP{}, &gfP{}
	sqrtCandidate(candidate, x)
	gfpMul(b, twoExpPMinus5Over8, candidate) // b=ta1
	gfpMul(candidate, x, b)                  // a1=fb
	gfpMul(i, two, candidate)                // i=2(fb)
	gfpMul(i, i, b)                   // i=2(fb)b
	gfpSub(i, i, one)                 // i=2(fb)b-1
	gfpMul(i, candidate, i)                  // i=(fb)(2(fb)b-1)
	square := new(Element).Square(i)
	if square.Equal(x) != 1 {
		return false
	}
	e.Set(i)
	return true
}

// sqrtCandidate sets z to a square root candidate for x. z and x must not overlap.
func sqrtCandidate(z, x *Element) {
	// Since p = 8k+5, exponentiation by (p - 5) / 8 yields a square root candidate.
	//
	// The sequence of {{ .Ops.Adds }} multiplications and {{ .Ops.Doubles }} squarings is derived from the
	// following addition chain generated with {{ .Meta.Module }} {{ .Meta.ReleaseTag }}.
	//
	{{- range lines (format .Script) }}
	//	{{ . }}
	{{- end }}
	//
	{{- range .Program.Temporaries }}
	var {{ . }} = new(Element)
	{{- end }}
	{{ range $i := .Program.Instructions -}}
	{{- with add $i.Op }}
	{{ $i.Output }}.Mul({{ .X }}, {{ .Y }})
	{{- end -}}
	{{- with double $i.Op }}
	{{ $i.Output }}.Square({{ .X }})
	{{- end -}}
	{{- with shift $i.Op -}}
	{{- $first := 0 -}}
	{{- if ne $i.Output.Identifier .X.Identifier }}
	{{ $i.Output }}.Square({{ .X }})
	{{- $first = 1 -}}
	{{- end }}
	for s := {{ $first }}; s < {{ .S }}; s++ {
		{{ $i.Output }}.Square({{ $i.Output }})
	}
	{{- end -}}
	{{- end }}
}
`
sm9: improve gfP invert & sqrt performance 2023-04-29 10:30:57 +08:00			`//go:build ignore`
			`// +build ignore`

			`package main`

			`import (`
			`"bytes"`
			`"go/format"`
			`"io"`
			`"log"`
			`"os"`
			`"os/exec"`
			`)`

			`// Running this generator requires addchain v0.4.0, which can be installed with`
			`//`
			`// go install github.com/mmcloughlin/addchain/cmd/addchain@v0.4.0`
			`//`

			`func main() {`
			`tmplAddchainFile, err := os.CreateTemp("", "addchain-template")`
			`if err != nil {`
			`log.Fatal(err)`
			`}`
			`defer os.Remove(tmplAddchainFile.Name())`
			`if _, err := io.WriteString(tmplAddchainFile, tmplAddchain); err != nil {`
			`log.Fatal(err)`
			`}`
			`if err := tmplAddchainFile.Close(); err != nil {`
			`log.Fatal(err)`
			`}`
			`log.Printf("Generating gfp_sqrt.go...")`
			`f, err := os.CreateTemp("", "addchain-gfp")`
			`if err != nil {`
			`log.Fatal(err)`
			`}`
			`defer os.Remove(f.Name())`
			`cmd := exec.Command("addchain", "search", "0x16c80000005474de3ac07569feb1d8e8a43e5269634f5ddb7cadf364fc6a28af")`
			`cmd.Stderr = os.Stderr`
			`cmd.Stdout = f`
			`if err := cmd.Run(); err != nil {`
			`log.Fatal(err)`
			`}`
			`if err := f.Close(); err != nil {`
			`log.Fatal(err)`
			`}`
			`cmd = exec.Command("addchain", "gen", "-tmpl", tmplAddchainFile.Name(), f.Name())`
			`cmd.Stderr = os.Stderr`
			`out, err := cmd.Output()`
			`if err != nil {`
			`log.Fatal(err)`
			`}`
			`out = bytes.Replace(out, []byte("Element"), []byte("gfP"), -1)`
			`out, err = format.Source(out)`
			`if err != nil {`
			`log.Fatal(err)`
			`}`
			`if err := os.WriteFile("gfp_sqrt.go", out, 0644); err != nil {`
			`log.Fatal(err)`
			`}`
			`}`

			const tmplAddchain = `// Code generated by {{ .Meta.Name }}. DO NOT EDIT.
			`package bn256`

			`// Sqrt sets e to a square root of x. If x is not a square, Sqrt returns`
			`// false and e is unchanged. e and x can overlap.`
			`func Sqrt(e, x *Element) (isSquare bool) {`
			`candidate, b, i := &gfP{}, &gfP{}, &gfP{}`
			`sqrtCandidate(candidate, x)`
			`gfpMul(b, twoExpPMinus5Over8, candidate) // b=ta1`
			`gfpMul(candidate, x, b) // a1=fb`
			`gfpMul(i, two, candidate) // i=2(fb)`
			`gfpMul(i, i, b) // i=2(fb)b`
			`gfpSub(i, i, one) // i=2(fb)b-1`
			`gfpMul(i, candidate, i) // i=(fb)(2(fb)b-1)`
			`square := new(Element).Square(i)`
			`if square.Equal(x) != 1 {`
			`return false`
			`}`
			`e.Set(i)`
			`return true`
			`}`

			`// sqrtCandidate sets z to a square root candidate for x. z and x must not overlap.`
			`func sqrtCandidate(z, x *Element) {`
			`// Since p = 8k+5, exponentiation by (p - 5) / 8 yields a square root candidate.`
			`//`
			`// The sequence of {{ .Ops.Adds }} multiplications and {{ .Ops.Doubles }} squarings is derived from the`
			`// following addition chain generated with {{ .Meta.Module }} {{ .Meta.ReleaseTag }}.`
			`//`
			`{{- range lines (format .Script) }}`
			`// {{ . }}`
			`{{- end }}`
			`//`
			`{{- range .Program.Temporaries }}`
			`var {{ . }} = new(Element)`
			`{{- end }}`
			`{{ range $i := .Program.Instructions -}}`
			`{{- with add $i.Op }}`
			`{{ $i.Output }}.Mul({{ .X }}, {{ .Y }})`
			`{{- end -}}`
			`{{- with double $i.Op }}`
			`{{ $i.Output }}.Square({{ .X }})`
			`{{- end -}}`
			`{{- with shift $i.Op -}}`
			`{{- $first := 0 -}}`
			`{{- if ne $i.Output.Identifier .X.Identifier }}`
			`{{ $i.Output }}.Square({{ .X }})`
			`{{- $first = 1 -}}`
			`{{- end }}`
			`for s := {{ $first }}; s < {{ .S }}; s++ {`
			`{{ $i.Output }}.Square({{ $i.Output }})`
			`}`
			`{{- end -}}`
			`{{- end }}`
			`}`
			`