From 0ee81770791000ed0623219421ea176024ccf29e Mon Sep 17 00:00:00 2001
From: Sun Yimin <emmansun@users.noreply.github.com>
Date: Thu, 27 Jul 2023 15:59:52 +0800
Subject: [PATCH] sm9/bn256: gfp2MulU1

---
 sm9/bn256/g1_test.go         |  3 +++
 sm9/bn256/gfp12_test.go      |  1 +
 sm9/bn256/gfp2.go            |  7 +-----
 sm9/bn256/gfp2_g1_amd64.s    | 29 ++++++++++++++++++++++++
 sm9/bn256/gfp2_g1_arm64.s    | 23 +++++++++++++++++++
 sm9/bn256/gfp2_g1_decl.go    |  5 +++++
 sm9/bn256/gfp2_g1_generic.go |  9 ++++++++
 sm9/bn256/gfp2_test.go       | 43 ++++++++++++++++++++++++++++++++++++
 sm9/bn256/gfp4_test.go       |  3 ++-
 sm9/bn256/gfp_test.go        |  1 +
 10 files changed, 117 insertions(+), 7 deletions(-)

diff --git a/sm9/bn256/g1_test.go b/sm9/bn256/g1_test.go
index 1e7bb3e..770b88a 100644
--- a/sm9/bn256/g1_test.go
+++ b/sm9/bn256/g1_test.go
@@ -44,6 +44,7 @@ func TestCurvePointDouble(t *testing.T) {
 }
 
 func TestCurvePointDobuleComplete(t *testing.T) {
+	t.Parallel()
 	t.Run("normal case", func(t *testing.T) {
 		p2 := &curvePoint{}
 		p2.DoubleComplete(curveGen)
@@ -71,6 +72,7 @@ func TestCurvePointDobuleComplete(t *testing.T) {
 }
 
 func TestCurvePointAddComplete(t *testing.T) {
+	t.Parallel()
 	t.Run("normal case", func(t *testing.T) {
 		p1 := &curvePoint{}
 		curvePointDouble(p1, curveGen)
@@ -737,4 +739,5 @@ func BenchmarkDoublePoint(b *testing.B) {
 			curvePointDouble(p2, curveGen)
 		}
 	})
+	
 }
diff --git a/sm9/bn256/gfp12_test.go b/sm9/bn256/gfp12_test.go
index 8d4b4f2..543e7b8 100644
--- a/sm9/bn256/gfp12_test.go
+++ b/sm9/bn256/gfp12_test.go
@@ -28,6 +28,7 @@ func TestGfp12BasicOperations(t *testing.T) {
 		*(&gfP4{}).SetZero(),
 	}
 
+	t.Parallel()
 	t.Run("Add", func(t *testing.T) {
 		expectedAdd := "(((6a6225e56e1acd7c5ae45b0f1b63733de799936987c8f38dd16bcddc6b500bcf, 0db9e03175ebe2b21be74db56d03e143dbd835729d7291fa6694b22536746fa1), (4d8891878c3113b4665011d7b24f278d4c1b54a22ec093840a00c030b5c239f9, 21092bc181ec5d9c488aac3c5feef9b725f7568b42b4794f807e271f22e38494)), ((6a6225e56e1acd7c5ae45b0f1b63733de799936987c8f38dd16bcddc6b500bcf, 0db9e03175ebe2b21be74db56d03e143dbd835729d7291fa6694b22536746fa1), (4d8891878c3113b4665011d7b24f278d4c1b54a22ec093840a00c030b5c239f9, 21092bc181ec5d9c488aac3c5feef9b725f7568b42b4794f807e271f22e38494)), ((0000000000000000000000000000000000000000000000000000000000000000, 0000000000000000000000000000000000000000000000000000000000000000), (0000000000000000000000000000000000000000000000000000000000000000, 49bffffffd5c590e29fc54b00a7138bade0d6cb4e58511241a9064d81caeba83)))"
 		got := &gfP12{}
diff --git a/sm9/bn256/gfp2.go b/sm9/bn256/gfp2.go
index d029b51..abeee0b 100644
--- a/sm9/bn256/gfp2.go
+++ b/sm9/bn256/gfp2.go
@@ -135,12 +135,7 @@ func (e *gfP2) MulU(a, b *gfP2) *gfP2 {
 // c1 = a0
 // c0 = -2a1
 func (e *gfP2) MulU1(a *gfP2) *gfP2 {
-	t := &gfP{}
-	gfpDouble(t, &a.x)
-	gfpNeg(t, t)
-
-	gfpCopy(&e.x, &a.y)
-	gfpCopy(&e.y, t)
+	gfp2MulU1(e, a)
 	return e
 }
 
diff --git a/sm9/bn256/gfp2_g1_amd64.s b/sm9/bn256/gfp2_g1_amd64.s
index 3eb0819..42af570 100644
--- a/sm9/bn256/gfp2_g1_amd64.s
+++ b/sm9/bn256/gfp2_g1_amd64.s
@@ -1197,6 +1197,35 @@ TEXT ·gfp2MulU(SB),NOSPLIT,$256-24
 #undef cxout
 #undef rptr
 
+TEXT ·gfp2MulU1(SB),NOSPLIT,$0-16
+	// Move input to stack in order to free registers
+	MOVQ res+0(FP), mul1
+	MOVQ in1+8(FP), AX
+
+	//LDacc (axin)
+	MOVOU (16*2)(AX), X2
+	MOVOU (16*3)(AX), X3
+	MOVQ (16*0 + 8*0)(AX), acc4
+	MOVQ (16*0 + 8*1)(AX), acc5
+	MOVQ (16*0 + 8*2)(AX), acc6
+	MOVQ (16*0 + 8*3)(AX), acc7
+
+	gfpMulBy2Inline
+	XORQ acc4, acc4
+	XORQ acc5, acc5
+	XORQ acc6, acc6
+	XORQ acc7, acc7
+	CALL gfpSubInternal(SB)
+
+	MOVOU X2, (16*0)(mul1)
+	MOVOU X3, (16*1)(mul1)
+	MOVQ acc4, (16*2 + 8*0)(mul1)
+	MOVQ acc5, (16*2 + 8*1)(mul1)
+	MOVQ acc6, (16*2 + 8*2)(mul1)
+	MOVQ acc7, (16*2 + 8*3)(mul1)
+
+	RET
+
 #define axin(off) (32*0 + off)(SP)
 #define ayin(off) (32*1 + off)(SP)
 #define cxout(off) (32*2 + off)(SP)
diff --git a/sm9/bn256/gfp2_g1_arm64.s b/sm9/bn256/gfp2_g1_arm64.s
index d924f96..6429b33 100644
--- a/sm9/bn256/gfp2_g1_arm64.s
+++ b/sm9/bn256/gfp2_g1_arm64.s
@@ -619,6 +619,29 @@ TEXT ·gfp2MulU(SB),NOSPLIT,$104-24
 
 	RET
 
+// func gfp2MulU1(c, a *gfP2)
+TEXT ·gfp2MulU1(SB),NOSPLIT,$0-16
+	MOVD	res+0(FP), b_ptr
+	MOVD	in1+8(FP), a_ptr
+
+	LDP	·p2+0x00(SB), (const0, const1)
+	LDP	·p2+0x10(SB), (const2, const3)
+
+	LDy (x1in)
+	gfpMulBy2Inline
+	MOVD	$0, y0 
+	MOVD	$0, y1 
+	MOVD	$0, y2 
+	MOVD	$0, y3
+	CALL gfpSubInternal(SB)
+	
+	ADD $32, a_ptr, a_ptr
+	VLD1 32(a_ptr), [V0.B16, V1.B16]
+	VST1 [V0.B16, V1.B16], 32(b_ptr)
+	STx (y2in)
+
+	RET
+
 // func gfp2Square(c, a *gfP2)
 TEXT ·gfp2Square(SB),NOSPLIT,$72-16
 	MOVD	res+0(FP), b_ptr
diff --git a/sm9/bn256/gfp2_g1_decl.go b/sm9/bn256/gfp2_g1_decl.go
index 6e5078a..2fee40b 100644
--- a/sm9/bn256/gfp2_g1_decl.go
+++ b/sm9/bn256/gfp2_g1_decl.go
@@ -13,6 +13,11 @@ func gfp2Mul(c, a, b *gfP2)
 //go:noescape
 func gfp2MulU(c, a, b *gfP2)
 
+// gfP2 multiplication. c = a*u
+//
+//go:noescape
+func gfp2MulU1(c, a *gfP2)
+
 // gfP2 square.
 //
 //go:noescape
diff --git a/sm9/bn256/gfp2_g1_generic.go b/sm9/bn256/gfp2_g1_generic.go
index f665578..0335c01 100644
--- a/sm9/bn256/gfp2_g1_generic.go
+++ b/sm9/bn256/gfp2_g1_generic.go
@@ -48,6 +48,15 @@ func gfp2MulU(c, a, b *gfP2) {
 	gfp2Copy(c, tmp)
 }
 
+func gfp2MulU1(c, a *gfP2) {
+	t := &gfP{}
+	gfpDouble(t, &a.x)
+	gfpNeg(t, t)
+
+	gfpCopy(&c.x, &a.y)
+	gfpCopy(&c.y, t)
+}
+
 func gfp2Square(c, a *gfP2) {
 	tmp := &gfP2{}
 	tx := &tmp.x
diff --git a/sm9/bn256/gfp2_test.go b/sm9/bn256/gfp2_test.go
index 880e60e..d0a61c9 100644
--- a/sm9/bn256/gfp2_test.go
+++ b/sm9/bn256/gfp2_test.go
@@ -18,6 +18,8 @@ func TestGfp2BasicOperations(t *testing.T) {
 	expectedSub := "(0e6cca2ef0f4dce3fa4a249bb48a25d84dbf1f63ac843004e3b586d5dac6e8eb, 51785a37fb519603d4b026648151d768ebe9b9193a9c83c365c31316fb711845)"
 	expectedMul := "(7f98a04cf83164be0fdc4763a7c6f24c2901191f2917eb71037cd5221cf002bb, 75a09ee1aa1b04ccdb24e629529a18492f378aa3034f63d3cd1b8b9f0d338b3a)"
 	expectedMulU := "(75a09ee1aa1b04ccdb24e629529a18492f378aa3034f63d3cd1b8b9f0d338b3a, 6d4ebf6614e484678c4ec7d89b8fa9f1f1e2f457e2c606d5c3e58c0b8cc28584)"
+
+	t.Parallel()
 	t.Run("Add", func(t *testing.T) {
 		ret := &gfP2{}
 		ret.Add(x, y)
@@ -240,6 +242,34 @@ func BenchmarkGfP2Mul(b *testing.B) {
 	}
 }
 
+func BenchmarkGfP2MulScalar(b *testing.B) {
+	x := &gfP2{
+		*fromBigInt(bigFromHex("85AEF3D078640C98597B6027B441A01FF1DD2C190F5E93C454806C11D8806141")),
+		*fromBigInt(bigFromHex("3722755292130B08D2AAB97FD34EC120EE265948D19C17ABF9B7213BAF82D65B")),
+	}
+
+	t := &gfP2{}
+	b.ReportAllocs()
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		t.MulScalar(x, &x.x)
+	}
+}
+
+func BenchmarkGfP2MulU1(b *testing.B) {
+	x := &gfP2{
+		*fromBigInt(bigFromHex("85AEF3D078640C98597B6027B441A01FF1DD2C190F5E93C454806C11D8806141")),
+		*fromBigInt(bigFromHex("3722755292130B08D2AAB97FD34EC120EE265948D19C17ABF9B7213BAF82D65B")),
+	}
+
+	t := &gfP2{}
+	b.ReportAllocs()
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		t.MulU1(x)
+	}
+}
+
 func BenchmarkGfP2MulU(b *testing.B) {
 	x := &gfP2{
 		*fromBigInt(bigFromHex("85AEF3D078640C98597B6027B441A01FF1DD2C190F5E93C454806C11D8806141")),
@@ -282,6 +312,19 @@ func BenchmarkGfP2SquareU(b *testing.B) {
 	}
 }
 
+func BenchmarkGfP2Invert(b *testing.B) {
+	x := &gfP2{
+		*fromBigInt(bigFromHex("85AEF3D078640C98597B6027B441A01FF1DD2C190F5E93C454806C11D8806141")),
+		*fromBigInt(bigFromHex("3722755292130B08D2AAB97FD34EC120EE265948D19C17ABF9B7213BAF82D65B")),
+	}
+	t := &gfP2{}
+	b.ReportAllocs()
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		t.Invert(x)
+	}
+}
+
 func BenchmarkGfP2Neg(b *testing.B) {
 	x := &gfP2{
 		*fromBigInt(bigFromHex("85AEF3D078640C98597B6027B441A01FF1DD2C190F5E93C454806C11D8806141")),
diff --git a/sm9/bn256/gfp4_test.go b/sm9/bn256/gfp4_test.go
index 42dd10d..d118e23 100644
--- a/sm9/bn256/gfp4_test.go
+++ b/sm9/bn256/gfp4_test.go
@@ -25,6 +25,7 @@ func TestGfp4BasicOperations(t *testing.T) {
 	expectedMul := "((5f318c234b817377df2179ff82a0759c6b926330853e5abd919e45a6a93e658e, 3c9db0f3bbdb89a9a407dfec4f8f4d6b8ef35b2a3f05e7bcc9bb6a956876faf7), (3ef93f2e9fa8c29914fd823d04d243503646107711ec6068eb28c59946d24878, 2caf5e47bc5be242917002b1f89afaf5ff27ebafcb9a7bcdab917c82b6a4cb41))"
 	expectedMulV := "((3ef93f2e9fa8c29914fd823d04d243503646107711ec6068eb28c59946d24878, 2caf5e47bc5be242917002b1f89afaf5ff27ebafcb9a7bcdab917c82b6a4cb41), (3c9db0f3bbdb89a9a407dfec4f8f4d6b8ef35b2a3f05e7bcc9bb6a956876faf7, ae1ce7b96e4466f3edc462a0e5dca3516cc060352a79283ca7a2ab027425bfde))"
 
+	t.Parallel()
 	t.Run("Add", func(t *testing.T) {
 		got := &gfP4{}
 		got.Set(x)
@@ -306,10 +307,10 @@ func BenchmarkGfP4Mul(b *testing.B) {
 			*fromBigInt(bigFromHex("3722755292130B08D2AAB97FD34EC120EE265948D19C17ABF9B7213BAF82D65B")),
 		},
 	}
+	t := &gfP4{}
 	b.ReportAllocs()
 	b.ResetTimer()
 	for i := 0; i < b.N; i++ {
-		t := &gfP4{}
 		t.Mul(x, y)
 	}
 }
diff --git a/sm9/bn256/gfp_test.go b/sm9/bn256/gfp_test.go
index b438415..497b9b7 100644
--- a/sm9/bn256/gfp_test.go
+++ b/sm9/bn256/gfp_test.go
@@ -16,6 +16,7 @@ func TestGfpBasicOperations(t *testing.T) {
 	expectedMul := fromBigInt(bigFromHex("3d08bbad376584e4f74bd31f78f716372b96ba8c3f939c12b8d54e79b6489e76"))
 	expectedMul2 := fromBigInt(bigFromHex("1df94a9e05a559ff38e0ab50cece734dc058d33738ceacaa15986a67cbff1ef6"))
 
+	t.Parallel()
 	t.Run("add", func(t *testing.T) {
 		ret := &gfP{}
 		gfpAdd(ret, x, y)