sm9/bn256: update document

sm9/README.md

@@ -7,52 +7,26 @@
 
 ## SM9 current performance:
 
-**SM9 Sign Benchmark**
+**SM9 Sign/Verify/Enc/Dec Benchmark**
 
     goos: windows
     goarch: amd64
     pkg: github.com/emmansun/gmsm/sm9
-    cpu: Intel(R) Core(TM) i5-9500 CPU @ 3.00GHz
-    BenchmarkSign-6   	    1344	    871597 ns/op	   35870 B/op	    1013 allocs/op
+    cpu: Intel(R) Core(TM) i5-8265U CPU @ 1.60GHz
+    BenchmarkSign-8          	    3492	    319540 ns/op	   19752 B/op	     545 allocs/op
+    BenchmarkVerify-8        	     806	   1475192 ns/op	  161320 B/op	    3894 allocs/op
+    BenchmarkEncrypt-8       	    3351	    357549 ns/op	   20971 B/op	     551 allocs/op
+    BenchmarkDecrypt-8       	    1052	   1135588 ns/op	  142868 B/op	    3356 allocs/op
+    BenchmarkDecryptASN1-8   	    1063	   1129712 ns/op	  142888 B/op	    3358 allocs/op
 
-**SM9 Verify Benchmark**
+
+**SM9 Generate User Sign/Encrypt Private Key Benchmark**
 
     goos: windows
     goarch: amd64
     pkg: github.com/emmansun/gmsm/sm9
-    cpu: Intel(R) Core(TM) i5-9500 CPU @ 3.00GHz
-    BenchmarkVerify-6   	     352	   3331673 ns/op	  237676 B/op	    6283 allocs/op
-
-**SM9 Encrypt(XOR) Benchmark**
-
-    goos: windows
-    goarch: amd64
-    pkg: github.com/emmansun/gmsm/sm9
-    cpu: Intel(R) Core(TM) i5-9500 CPU @ 3.00GHz
-    BenchmarkEncrypt-6   	    1120	    971188 ns/op	   38125 B/op	    1036 allocs/op
-
-**SM9 Decrypt(XOR) Benchmark**
-
-    goos: windows
-    goarch: amd64
-    pkg: github.com/emmansun/gmsm/sm9
-    cpu: Intel(R) Core(TM) i5-9500 CPU @ 3.00GHz
-    BenchmarkDecrypt-6   	     507	   2345492 ns/op	  202360 B/op	    5228 allocs/op
-
-**SM9 Generate User Sign Private Key Benchmark**
-
-    goos: windows
-    goarch: amd64
-    pkg: github.com/emmansun/gmsm/sm9
-    cpu: Intel(R) Core(TM) i5-9500 CPU @ 3.00GHz
-    BenchmarkGenerateSignPrivKey-6   	    8078	    147638 ns/op	    3176 B/op	      47 allocs/op
-
-**SM9 Generate User Encrypt Private Key Benchmark**
-
-    goos: windows
-    goarch: amd64
-    pkg: github.com/emmansun/gmsm/sm9
-    cpu: Intel(R) Core(TM) i5-9500 CPU @ 3.00GHz
-    BenchmarkGenerateEncryptPrivKey-6   	    3445	    326796 ns/op	    3433 B/op	      47 allocs/op
+    cpu: Intel(R) Core(TM) i5-8265U CPU @ 1.60GHz
+    BenchmarkGenerateSignPrivKey-8      	   18608	     65422 ns/op	     944 B/op	      14 allocs/op
+    BenchmarkGenerateEncryptPrivKey-8   	    8486	    151201 ns/op	    1072 B/op	      14 allocs/op
 
 To further improve `Verify()/Decrypt()` performance, need to improve `Pair()` method performance.

sm9/bn256/README.md

@@ -1,6 +1,6 @@
 This part codes mainly refer two projects:
 
-1. [bn256](https://github.com/cloudflare/bn256), 主要是基域运算。这个项目的主要问题在于测试太少。
+1. [bn256](https://github.com/cloudflare/bn256), 主要是基域运算。这个项目的主要问题在于测试太少。后续进行了大量改进：增加测试、减少乘法、常量时间运行的ScalarMult实现、优化的Invert/Sqrt实现、直至替换基础域计算实现。
 2. [gmssl sm9](https://github.com/guanzhi/GmSSL/blob/develop/src/sm9_alg.c)，主要是2-4-12塔式扩域（现在实现了1-2-4-12扩域以及1-2-6-12扩域，以及相互转换），以及r-ate等。这个项目的主要问题在于性能没有怎么优化。基于性能考虑，后续r-rate还是参考了bn256的op-ate，并结合sm9的特殊性做了适应性改造。
 3. [SM9 precompute pairing per master public key level](https://github.com/emmansun/gmsm/discussions/60)。
 4. G1, G2曲线倍点运算预计算。

sm9/bn256/gfp_decl.go

@@ -12,15 +12,23 @@ import (
 
 var hasBMI2 = cpu.X86.HasBMI2
 
+// Set c = p - a, if c == p, then c = 0
+//
 // go:noescape
 func gfpNeg(c, a *gfP)
 
+// Set c = a + b, if c >= p, then c = c - p
+//
 //go:noescape
 func gfpAdd(c, a, b *gfP)
 
+// Set c = a - b, if c is negative, then c = c + p
+//
 //go:noescape
 func gfpSub(c, a, b *gfP)
 
+// Montgomery multiplication. Sets res = in1 * in2 * R⁻¹ mod p.
+//
 //go:noescape
 func gfpMul(c, a, b *gfP)