/*
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
*/
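/* ECGEN - Helper MIRACL program to generate ROM constants for curves
A bit rough-and-ready - the output might need minor syntactical corrections.
Note: main() copies its command-line arguments into fixed-size buffers with
strcpy() without checking their length, and a basebits value of 0 passes the
range check but is then used as a divisor, so pass only trusted, well-formed
arguments.
(MINGW build)
g++ -O3 romgen.cpp big.cpp zzn.cpp ecn.cpp zzn2.cpp ecn2.cpp zzn4.cpp ecn4.cpp zzn8.cpp ecn8.cpp miracl.a -o romgen.exe
*/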
#include <iostream>
#include "big.h"
#include "ecn.h"
#include "zzn2.h"
#include "ecn2.h"
#include "ecn4.h"
#include "ecn8.h"
using namespace std;
// MIRACL library instance; main() takes its address to set IOBASE and TWIST.
// NOTE(review): (100,0) are presumably the Big size and the number base - confirm against the MIRACL docs.
Miracl precision(100,0);

// Output-syntax characters, filled in by main() for the selected target language
// and read by output():
char open;   // opening bracket of an array literal ('{' or '[')
char close;  // matching closing bracket
char term;   // terminator printed after each emitted constant
char el=0;   // optional literal suffix printed after each word (0 = none, 'L' for 64-bit C/C++/Java)
// Print t as an array literal of w words in base m, least significant word first,
// using the global open/close/el characters for the target language's syntax.
//
// chunk - accepted for call compatibility; not used by this function
// w     - number of words to emit
// t     - value to split into words
// m     - word base (main() passes 2^basebits)
//
// Returns the last (most significant) word emitted; main() uses that value
// when building MConst for the MONTGOMERY_FRIENDLY modulus type.
// The digits are printed in whatever number base MIRACL's IOBASE currently
// selects, always prefixed with "0x".
Big output(int chunk,int w,Big t,Big m)
{
    Big word;
    Big rest=t;

    cout << open;
    for (int k=0;k<w;k++)
    {
        word=rest%m;
        rest/=m;
        cout << "0x" << word;
        if (k+1<w)
        { // separator between words; the suffix (if any) goes before the comma
            if (el!=0) cout << el;
            cout << ",";
        }
    }
    // suffix for the final word, then close the literal
    if (el!=0) cout << el;
    cout << close;
    return word;
}
// Modulus types (stored in main()'s modtype); the value selects which MConst
// is written out with the field parameters.
#define NOT_SPECIAL 0
#define PSEUDO_MERSENNE 1
#define GENERALISED_MERSENNE 2
#define MONTGOMERY_FRIENDLY 3
// Curve forms (stored in main()'s curvetype).
#define WEIERSTRASS 0
#define EDWARDS 1
#define MONTGOMERY 2
// Set the Frobenius constant X for the current modulus.
//
// A base value is chosen from the modulus residue mod 8 (MIRACL's pmod8) and
// then raised to a power that depends on the embedding degree ed:
//   ed==12 -> (p-1)/6,  ed==24 -> (p-7)/12,  ed==48 -> (p-19)/24
// If pmod8 is not 3, 5 or 7 the incoming X is used as the base unchanged, and
// for any other ed no exponentiation is applied.
//
// X  - receives the constant (in/out)
// ed - embedding degree (12, 24 or 48)
void set_frobenius_constant(ZZn2 &X, int ed)
{
    Big p=get_modulus();
    const int residue=get_mip()->pmod8;

    // base values, annotated as in the original source
    if (residue==5) X.set((Big)0,(Big)1);      // = (sqrt(-2)^(p-1)/2
    else if (residue==3) X.set((Big)1,(Big)1); // = (1+sqrt(-1))^(p-1)/2
    else if (residue==7) X.set((Big)2,(Big)1); // = (2+sqrt(-1))^(p-1)/2

    switch (ed)
    {
    case 12:
        X=pow(X,(p-1)/6);
        break;
    case 24:
        X=pow(X,(p-7)/12);
        break;
    case 48:
        X=pow(X,(p-19)/24);
        break;
    default:
        break;
    }
}
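// Fast multiplication of A by q (for Trace-Zero group members only).
//
// Applies the Frobenius map to the affine coordinates of A:
//   x <- r^2 * conj(x),  y <- r^3 * conj(y)
// where r is F for a D-type sextic twist and 1/F for an M-type twist.
//
// A - point to transform in place
// F - Frobenius constant (see set_frobenius_constant)
//
// Changes from the previous version: the unused local z, the dead store
// w=F*F (always overwritten by w=r*r) and the redundant second r=F are gone.
void q_power_frobenius(ECn2 &A,ZZn2 &F)
{
    ZZn2 x,y,w,r;

    A.get(x,y);

    r=F; // MR_SEXTIC_D, and any other twist setting, uses F itself
    if (get_mip()->TWIST==MR_SEXTIC_M) r=inverse(F); // could be precalculated

    w=r*r;
    x=w*conj(x);
    y=r*w*conj(y);

    A.set(x,y);
}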
//
// Faster Hashing to G2 - Fuentes-Castaneda, Knapp and Rodriguez-Henriquez
//
// Cofactor multiplication of S, in place. Writing psi for q_power_frobenius
// and T for (-x)*S, the result is
//   S <- psi^3(S) + T + psi(3*T) + psi^2(T)
//
// S - point to process (in/out)
// F - Frobenius constant passed through to q_power_frobenius
// x - curve parameter; the point is multiplied by its negation
void cofactor(ECn2& S,ZZn2 &F,Big& x)
{
    ECn2 negxS,triple;

    // negxS = (-x)*S, normalised
    negxS=S;
    negxS*=(-x);
    negxS.norm();

    // triple = psi(3*negxS)
    triple=(negxS+negxS)+negxS;
    triple.norm();
    q_power_frobenius(triple,F);

    // S = psi^3(S)
    for (int k=0;k<3;k++) q_power_frobenius(S,F);

    S+=negxS;
    S+=triple;

    // add psi^2(negxS)
    for (int k=0;k<2;k++) q_power_frobenius(negxS,F);
    S+=negxS;

    S.norm();
}
// Print the list of supported curves and the command-line usage to stdout.
// main() selects the curve by comparing the upper-cased first argument with
// the curve names; the numbers shown here are only labels.
void help()
{
    // Emitted verbatim, in order.
    static const char *const lines[]={
        "Elliptic Curves\n",
        "1. ED25519\n",
        "2. C25519\n",
        "3. NIST256\n",
        "4. BRAINPOOL\n",
        "5. ANSSI\n",
        "6. HIFIVE\n",
        "7. GOLDILOCKS\n",
        "8. NIST384\n",
        "9. C41417\n",
        "10. NIST521\n",
        "11. NUMS256W\n",
        "12. NUMS256E\n",
        "13. NUMS384W\n",
        "14. NUMS384E\n",
        "15. NUMS512W\n",
        "16. NUMS512E\n",
        "17. SECP256K1\n\n",
        "18. BN254\n",
        "19. BN254CX\n",
        "20. BLS383\n",
        "21. BLS381\n",
        "22. FP256BN\n",
        "23. FP512BN\n",
        "24. BLS461\n",
        "25. BLS24\n",
        "26. BLS48\n",
        "\nromgen curve wordlength basebits language\n",
        "where wordlength is 16, 32 or 64\n",
        "basebits is less than wordlength\n\n",
        "Use check utility to determine best choice for basebits\n",
        "language is c, cpp, java, javascript, go, rust or swift\n\n"
    };
    const unsigned int count=sizeof(lines)/sizeof(lines[0]);

    for (unsigned int k=0;k<count;k++)
        printf("%s",lines[k]);
}
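// Return the identifier s in the case expected by the target language.
//
// s    - NUL-terminated identifier
// lang - target language code set by main(); only 5 (rust) is upper-cased
//
// For lang!=5 the input pointer is returned unchanged. For lang==5 an
// upper-cased copy is returned in a static buffer, so the result is
// overwritten by the next call and must be consumed before calling again.
//
// The copy is bounded by the buffer size: input longer than 49 characters is
// truncated instead of being written past the end of the static array, which
// the previous unbounded loop would have done.
char* toupperit(char *s,int lang)
{
    static char t[50];
    if (lang!=5) return s;

    const int limit=(int)sizeof(t)-1; // leave room for the terminator
    int i=0;
    for (;i<limit && s[i]!=0;i++)
    {
        // toupper() is only defined for unsigned char values (and EOF)
        t[i]=(char)toupper((unsigned char)s[i]);
    }
    t[i]=0;
    return t;
}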
int main(int argc, char **argv)
{
miracl *mip=&precision;
Big p,R,B,mc,curve_b,cru,cof,tau[9];
Big m,x,y,w,t,c,n,r,a,b,gx,gy,r2modp;
Big np,PP,TT,FF;
int i,A,curve,bb,chunk,words,mbits,bytes,ip=0;
int modtype,curvetype,curve_a,curve_b_i,cof_i,lang=0;
ZZn2 X;
ECn P;
ECn2 Q;
ECn4 QQ;
ECn8 Q8;
ZZn4 XA,YA,AA,BB;
ZZn8 X8,Y8;
ZZn2 Aa,Ab,Ba,Bb;
ZZn2 Xa,Ya;
ZZn zcru;
char pre0[50],pre1[50],pre2[50],pre3[50],pre4[50],pre5[50],pre6[50];
char post0[50],post1[50],post2[50],post3[50],post4[50],post5[50],post6[50];
char pre7[50],post7[50],lg[50];
char xxx[20],yyy[20],zzz[20];
char curvename[30],fieldname[30];
argv++; argc--;
if (argc<4)
{
help();
return 0;
}
strcpy(curvename,argv[0]);
// curve=atoi(argv[ip++]);
for (i=0;;i++)
{
if (curvename[i]==0) break;
curvename[i]=toupper(curvename[i]);
}
//cout << "curvename= " << curvename << " " << strlen(curvename) << endl;
curve=0; ip++;
chunk=atoi(argv[ip++]);
bb=atoi(argv[ip++]);
strcpy(lg,argv[ip]);
if (chunk !=16 && chunk!=32 && chunk!=64) {help(); return 0;}
if (bb<0 || bb>=chunk) {help(); return 0;}
// Specify curve constants
if (strcmp(curvename,"ED25519")==0)
{ // ED25519
curve=1;
printf("Curve= ED25519\n");
strcpy(fieldname,"25519");
mbits=255; // bits in modulus
words=(1+((mbits-1)/bb)); // words per Big
curvetype=EDWARDS;
modtype=PSEUDO_MERSENNE;
curve_a=-1; // Curve A parameter
cof=8;
p=pow((Big)2,mbits)-19; // Modulus
r=pow((Big)2,252)+(char *)"27742317777372353535851937790883648493"; // group order
mip->IOBASE=16;
curve_b=(char *)"52036CEE2B6FFE738CC740797779E89800700A4D4141D8AB75EB4DCA135978A3"; // curve B parameter
gx=(char *)"216936D3CD6E53FEC0A4E231FDD6DC5C692CC7609525A7B2C9562D608F25D51A"; // generator point
gy=(char *)"6666666666666666666666666666666666666666666666666666666666666658";
}
if (strcmp(curvename,"C25519")==0)
{
curve=2;
printf("Curve= C25519\n");
strcpy(fieldname,"25519");
mbits=255;
words=(1+((mbits-1)/bb));
curvetype=MONTGOMERY;
modtype=PSEUDO_MERSENNE;
curve_a=486662;
cof=8;
p=pow((Big)2,mbits)-19;
r=pow((Big)2,252)+(char *)"27742317777372353535851937790883648493";
curve_b=0;
mip->IOBASE=16;
gx=(char *)"9";
gy=0;
}
if (strcmp(curvename,"NIST256")==0)
{
curve=3;
printf("Curve= NIST256\n");
strcpy(fieldname,curvename);
mbits=256;
words=(1+((mbits-1)/bb));
curvetype=WEIERSTRASS;
modtype=NOT_SPECIAL;
curve_a=-3;
cof=1;
p=(char *)"115792089210356248762697446949407573530086143415290314195533631308867097853951";
r=(char *)"115792089210356248762697446949407573529996955224135760342422259061068512044369";
mip->IOBASE=16;
curve_b=(char *)"5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b";
gx=(char *)"6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296";
gy=(char *)"4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5";
}
if (strcmp(curvename,"BRAINPOOL")==0)
{
curve=4;
printf("Curve= BRAINPOOL\n");
strcpy(fieldname,curvename);
mbits=256;
words=(1+((mbits-1)/bb));
curvetype=WEIERSTRASS;
modtype=NOT_SPECIAL;
curve_a=-3;
cof=1;
p=(char *)"76884956397045344220809746629001649093037950200943055203735601445031516197751";
mip->IOBASE=16;
r=(char *)"A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7";
mip->IOBASE=10;
curve_b=(char *)"46214326585032579593829631435610129746736367449296220983687490401182983727876";
mip->IOBASE=16;
gx=(char *)"a3e8eb3cc1cfe7b7732213b23a656149afa142c47aafbc2b79a191562e1305f4";
gy=(char *)"2d996c823439c56d7f7b22e14644417e69bcb6de39d027001dabe8f35b25c9be";
}
if (strcmp(curvename,"ANSSI")==0)
{
curve=5;
printf("Curve= ANSSI\n");
strcpy(fieldname,curvename);
mbits=256;
words=(1+((mbits-1)/bb));
curvetype=WEIERSTRASS;
modtype=NOT_SPECIAL;
curve_a=-3;
cof=1;
p=(char *)"109454571331697278617670725030735128145969349647868738157201323556196022393859";
mip->IOBASE=16;
r=(char *)"F1FD178C0B3AD58F10126DE8CE42435B53DC67E140D2BF941FFDD459C6D655E1";
mip->IOBASE=10;
curve_b=(char *)"107744541122042688792155207242782455150382764043089114141096634497567301547839";
mip->IOBASE=16;
gx=(char *)"b6b3d4c356c139eb31183d4749d423958c27d2dcaf98b70164c97a2dd98f5cff";
gy=(char *)"6142e0f7c8b204911f9271f0f3ecef8c2701c307e8e4c9e183115a1554062cfb";
}
if (strcmp(curvename,"HIFIVE")==0)
{
curve=6;
printf("Curve= HIFIVE\n");
strcpy(fieldname,curvename);
mbits=336;
words=(1+((mbits-1)/bb));
curvetype=EDWARDS;
modtype=PSEUDO_MERSENNE;
curve_a=1;
cof=8;
p=pow((Big)2,336)-3;
mip->IOBASE=16;
r=(char *)"200000000000000000000000000000000000000000071415FA9850C0BD6B87F93BAA7B2F95973E9FA805";
mip->IOBASE=10;
curve_b=(char *)"11111";
mip->IOBASE=16;
gx=(char *)"C";
gy=(char *)"C0DC616B56502E18E1C161D007853D1B14B46C3811C7EF435B6DB5D5650CA0365DB12BEC68505FE8632";
}
if (strcmp(curvename,"GOLDILOCKS")==0)
{
curve=7;
printf("Curve= GOLDILOCKS\n");
strcpy(fieldname,curvename);
mbits=448;
words=(1+((mbits-1)/bb));
curvetype=EDWARDS;
modtype=GENERALISED_MERSENNE;
curve_a=1;
cof=4;
p=pow((Big)2,448)-pow((Big)2,224)-1;
r=(p+1-(char *)"28312320572429821613362531907042076847709625476988141958474579766324")/4;
mip->IOBASE=10;
curve_b=p-39081;
mip->IOBASE=16;
gx=(char *)"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa955555555555555555555555555555555555555555555555555555555";
gy=(char *)"ae05e9634ad7048db359d6205086c2b0036ed7a035884dd7b7e36d728ad8c4b80d6565833a2a3098bbbcb2bed1cda06bdaeafbcdea9386ed";
}
if (strcmp(curvename,"NIST384")==0)
{
curve=8;
printf("Curve= NIST384\n");
strcpy(fieldname,curvename);
mbits=384;
words=(1+((mbits-1)/bb));
curvetype=WEIERSTRASS;
modtype=NOT_SPECIAL;
curve_a=-3;
cof=1;
p=(char *)"39402006196394479212279040100143613805079739270465446667948293404245721771496870329047266088258938001861606973112319";
r=p+1-(char *)"1388124618062372383606759648309780106643088307173319169677";
curve_b=(char *)"27580193559959705877849011840389048093056905856361568521428707301988689241309860865136260764883745107765439761230575";
mip->IOBASE=16;
gx=(char *)"aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7";
gy=(char *)"3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f";
}
if (strcmp(curvename,"C41417")==0)
{
curve=9;
printf("Curve= C41417\n");
strcpy(fieldname,curvename);
mbits=414;
words=(1+((mbits-1)/bb));
curvetype=EDWARDS;
modtype=PSEUDO_MERSENNE;
curve_a=1;
p=pow((Big)2,mbits)-17;
cof=8;
r=pow((Big)2,411)-(char *)"33364140863755142520810177694098385178984727200411208589594759"; // Group Order
curve_b=(char *)"3617";
mip->IOBASE=16;
gx=(char *)"1a334905141443300218c0631c326e5fcd46369f44c03ec7f57ff35498a4ab4d6d6ba111301a73faa8537c64c4fd3812f3cbc595";
gy=(char *)"22";
}
if (strcmp(curvename,"NIST521")==0)
{
curve=10;
printf("Curve= NIST521\n");
strcpy(fieldname,curvename);
mbits=521;
words=(1+((mbits-1)/bb));
curvetype=WEIERSTRASS;
modtype=NOT_SPECIAL;
curve_a=-3;
cof=1;
p=pow((Big)2,mbits)-1;
mip->IOBASE=16;
r=(char *)"1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409"; // Group Order
curve_b=(char *)"51953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00";
gx=(char *)"C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66";
gy=(char *)"11839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650";
}
if (strcmp(curvename,"NUMS256W")==0)
{
curve=11;
printf("Curve= NUMS256W\n");
strcpy(fieldname,"256PMW");
mbits=256;
words=(1+((mbits-1)/bb));
curvetype=WEIERSTRASS;
modtype=PSEUDO_MERSENNE;
curve_a=-3;
cof=1;
p=pow((Big)2,mbits)-189;
mip->IOBASE=16;
r=(char *)"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE43C8275EA265C6020AB20294751A825"; // Group Order
curve_b=(char *)"25581";
gx=(char *)"BC9ED6B65AAADB61297A95A04F42CB0983579B0903D4C73ABC52EE1EB21AACB1";
gy=(char *)"D08FC0F13399B6A673448BF77E04E035C955C3D115310FBB80B5B9CB2184DE9F";
}
if (strcmp(curvename,"NUMS256E")==0)
{
curve=12;
printf("Curve= NUMS256E\n");
strcpy(fieldname,"256PME");
mbits=256;
words=(1+((mbits-1)/bb));
curvetype=EDWARDS;
modtype=PSEUDO_MERSENNE;
curve_a=1;
cof=4;
p=pow((Big)2,mbits)-189;
mip->IOBASE=16;
r=(char *)"4000000000000000000000000000000041955AA52F59439B1A47B190EEDD4AF5"; // Group Order
curve_b=(char *)"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC355";
gx=(char *)"8A7514FB6AEA237DCD1E3D5F69209BD60C398A0EE3083586A0DEC0902EED13DA";
gy=(char *)"44D53E9FD9D925C7CE9665D9A64B8010715F61D810856ED32FA616E7798A89E6";
}
if (strcmp(curvename,"NUMS384W")==0)
{
curve=13;
printf("Curve= NUMS384W\n");
strcpy(fieldname,"384PM");
mbits=384;
words=(1+((mbits-1)/bb));
curvetype=WEIERSTRASS;
modtype=PSEUDO_MERSENNE;
curve_a=-3;
cof=1;
p=pow((Big)2,mbits)-317;
mip->IOBASE=16;
r=(char *)"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD61EAF1EEB5D6881BEDA9D3D4C37E27A604D81F67B0E61B9"; // Group Order
curve_b=(char *)"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF77BB";
gx=(char *)"757956F0B16F181C4880CA224105F1A60225C1CDFB81F9F4F3BD291B2A6CC742522EED100F61C47BEB9CBA042098152A";
gy=(char *)"ACDEE368E19B8E38D7E33D300584CF7EB0046977F87F739CB920837D121A837EBCD6B4DBBFF4AD265C74B8EC66180716";
}
if (strcmp(curvename,"NUMS384E")==0)
{
curve=14;
printf("Curve= NUMS384E\n");
strcpy(fieldname,"384PM");
mbits=384;
words=(1+((mbits-1)/bb));
curvetype=EDWARDS;
modtype=PSEUDO_MERSENNE;
curve_a=1;
cof=4;
p=pow((Big)2,mbits)-317;
mip->IOBASE=16;
r=(char *)"3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE2471A1CB46BE1CF61E4555AAB35C87920B9DCC4E6A3897D"; // Group Order
curve_b=(char *)"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD19F";
gx=(char *)"61B111FB45A9266CC0B6A2129AE55DB5B30BF446E5BE4C005763FFA8F33163406FF292B16545941350D540E46C206BDE";
gy=(char *)"82983E67B9A6EEB08738B1A423B10DD716AD8274F1425F56830F98F7F645964B0072B0F946EC48DC9D8D03E1F0729392";
}
if (strcmp(curvename,"NUMS512W")==0)
{
curve=15;
printf("Curve= NUMS512W\n");
strcpy(fieldname,"512PM");
mbits=512;
words=(1+((mbits-1)/bb));
curvetype=WEIERSTRASS;
modtype=PSEUDO_MERSENNE;
curve_a=-3;
cof=1;
p=pow((Big)2,mbits)-569;
mip->IOBASE=16;
r=(char *)"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5B3CA4FB94E7831B4FC258ED97D0BDC63B568B36607CD243CE153F390433555D"; // Group Order
curve_b=(char *)"1D99B";
gx=(char *)"3AC03447141D0A93DA2B7002A03D3B5298CAD83BB501F6854506E0C25306D9F95021A151076B359E93794286255615831D5D60137D6F5DE2DC8287958CABAE57";
gy=(char *)"943A54CA29AD56B3CE0EEEDC63EBB1004B97DBDEABBCBB8C8F4B260C7BD14F14A28415DA8B0EEDE9C121A840B25A5602CF2B5C1E4CFD0FE923A08760383527A6";
}
if (strcmp(curvename,"NUMS512E")==0)
{
curve=16;
printf("Curve= NUMS512E\n");
strcpy(fieldname,"512PM");
mbits=512;
words=(1+((mbits-1)/bb));
curvetype=EDWARDS;
modtype=PSEUDO_MERSENNE;
curve_a=1;
cof=4;
p=pow((Big)2,mbits)-569;
mip->IOBASE=16;
r=(char *)"3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFB4F0636D2FCF91BA9E3FD8C970B686F52A4605786DEFECFF67468CF51BEED46D"; // Group Order
curve_b=(char *)"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFECBEF";
gx=(char *)"DF8E316D128DB69C7A18CB7888D3C5332FD1E79F4DC4A38227A17EBE273B81474621C14EEE46730F78BDC992568904AD0FE525427CC4F015C5B9AB2999EC57FE";
gy=(char *)"6D09BFF39D49CA7198B0F577A82A256EE476F726D8259D22A92B6B95909E834120CA53F2E9963562601A06862AECC1FD0266D38A9BF1D01F326DDEC0C1E2F5E1";
}
if (strcmp(curvename,"SECP256K1")==0)
{ // SECP256K1
curve=17;
printf("Curve= SECP256K1\n");
strcpy(fieldname,"SECP256K1");
mbits=256; // bits in modulus
words=(1+((mbits-1)/bb)); // words per Big
curvetype=WEIERSTRASS;
/*if (chunk<64)*/ modtype=NOT_SPECIAL;
//modtype=PSEUDO_MERSENNE;
curve_a=0; // Curve A parameter
cof=1;
p=pow((Big)2,mbits)-pow((Big)2,32)-977; // Modulus
mip->IOBASE=16;
r=(char *)"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141"; // group order
curve_b=(char *)"7"; // curve B parameter
gx=(char *)"79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798"; // generator point
gy=(char *)"483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8";
}
if (strcmp(curvename,"BN254")==0)
{
curve=18;
printf("Curve= BN254\n");
strcpy(fieldname,curvename);
mbits=254;
words=(1+((mbits-1)/bb));
curvetype=WEIERSTRASS;
modtype=NOT_SPECIAL;
curve_a=0;
mip->IOBASE=16;
x=(char *)"4080000000000001"; // Fast but not GT_STRONG parameter
p=36*pow(x,4)-36*pow(x,3)+24*x*x-6*x+1; // Modulus
t=6*x*x+1;
r=p+1-t; // Group order
curve_b=2;
gx=p-1; // generator point in G1
gy=1;
cof=1;
ecurve((Big)0,curve_b,p,MR_AFFINE);
mip->TWIST=MR_SEXTIC_D; // twist type
Xa.set((ZZn)0,(ZZn)-1);
Ya.set((ZZn)1,ZZn(0));
Q.set(Xa,Ya);
Q=(p-1+t)*Q; // generator point in G2
cru=(18*pow(x,3)-18*x*x+9*x-2); // cube root of unity for GLV method
}
if (strcmp(curvename,"BN254CX")==0)
{
curve=19;
printf("Curve= BN254CX\n");
strcpy(fieldname,curvename);
mbits=254;
words=(1+((mbits-1)/bb));
curvetype=WEIERSTRASS;
modtype=NOT_SPECIAL;
curve_a=0;
mip->IOBASE=16;
x=(char *)"4000000003C012B1";
p=36*pow(x,4)-36*pow(x,3)+24*x*x-6*x+1;
t=6*x*x+1;
r=p+1-t;
curve_b=2;
gx=p-1;
gy=1;
cof=1;
ecurve((Big)0,curve_b,p,MR_AFFINE);
mip->TWIST=MR_SEXTIC_D;
Xa.set((ZZn)0,(ZZn)-1);
Ya.set((ZZn)1,ZZn(0));
Q.set(Xa,Ya);
Q=(p-1+t)*Q; // generator point in G2
cru=(18*pow(x,3)-18*x*x+9*x-2);
}
if (strcmp(curvename,"BLS383")==0)
{
curve=20;
printf("Curve= BLS383\n");
strcpy(fieldname,curvename);
mbits=383;
words=(1+((mbits-1)/bb));
curvetype=WEIERSTRASS;
modtype=NOT_SPECIAL;
curve_a=0;
mip->IOBASE=16;
// x=(char *)"11000001000000040";
x=(char *)"10008000001001200"; // SIGN_OF_X is POSITIVE
p=(pow(x,6)-2*pow(x,5)+2*pow(x,3)+x+1)/3;
t=x+1;
r=pow(x,4)-x*x+1;
cof=(p+1-t)/r;
// gx=-2; gy=-1;
// curve_b=9;
gx=1; gy=4;
curve_b=15;
ecurve((Big)0,curve_b,p,MR_AFFINE);
// mip->TWIST=MR_SEXTIC_D;
mip->TWIST=MR_SEXTIC_M;
P.set(gx,gy);
P*=cof;
P.get(gx,gy);
//cout << "gx= " << gx << endl;
//cout << "gy= " << gy << endl;
//cout << "y^2= " << (gy*gy)%p << endl;
//cout << "x^3+b= " << (gx*gx*gx+15)%p << endl;
//while (!Q.set(randn2())) ; // probably not best way to choose this
Xa=1;
while (!Q.set(Xa))
{
Xa=Xa+(ZZn2)1;
}
TT=t*t-2*p;
PP=p*p;
FF=sqrt((4*PP-TT*TT)/3);
np=PP+1-(-3*FF+TT)/2; // 2 possibilities...
Q=(np/r)*Q;
zcru=pow((ZZn)2,(p-1)/3);
// zcru*=zcru; // right cube root of unity
cru=(Big)zcru;
}
if (strcmp(curvename,"BLS381")==0)
{
curve=21;
printf("Curve= BLS381\n");
strcpy(fieldname,curvename);
mbits=381;
words=(1+((mbits-1)/bb));
curvetype=WEIERSTRASS;
modtype=NOT_SPECIAL;
curve_a=0;
mip->IOBASE=16;
x=(char *)"d201000000010000"; // SIGN_OF_X is NEGATIVE
p=(pow(x,6)+2*pow(x,5)-2*pow(x,3)-x+1)/3;
t=-x+1;
r=pow(x,4)-x*x+1;
cof=(p+1-t)/r;
curve_b=4;
ecurve((Big)0,curve_b,p,MR_AFFINE);
mip->TWIST=MR_SEXTIC_M;
gx=1;
while (!P.set(gx))
{
gx=gx+1;
}
P*=cof;
P.get(gx,gy);
Xa=1;
while (!Q.set(Xa))
{
Xa=Xa+(ZZn2)1;
}
Q.get(Xa,Ya);
Ya=-Ya;
Q.set(Xa,Ya);
TT=t*t-2*p;
PP=p*p;
FF=sqrt((4*PP-TT*TT)/3);
np=PP+1-(-3*FF+TT)/2; // 2 possibilities...
Q=(np/r)*Q;
zcru=pow((ZZn)2,(p-1)/3);
//zcru*=zcru; // right cube root of unity ?? if x>0 do this??
cru=(Big)zcru;
}
if (strcmp(curvename,"BLS461")==0)
{
curve=24;
printf("Curve= BLS461\n");
strcpy(fieldname,curvename);
mbits=461;
words=(1+((mbits-1)/bb));
curvetype=WEIERSTRASS;
modtype=NOT_SPECIAL;
curve_a=0;
mip->IOBASE=16;
x=(char *)"1FFFFFFBFFFE00000000"; // SIGN_OF_X is NEGATIVE
p=(pow(x,6)+2*pow(x,5)-2*pow(x,3)-x+1)/3;
t=-x+1;
r=pow(x,4)-x*x+1;
cof=(p+1-t)/r;
gx=-2; gy=-1;
curve_b=9;
ecurve((Big)0,curve_b,p,MR_AFFINE);
mip->TWIST=MR_SEXTIC_M;
P.set(gx,gy);
P*=cof;
P.get(gx,gy);
while (!Q.set(randn2())) ; // probably not best way to choose this
TT=t*t-2*p;
PP=p*p;
FF=sqrt((4*PP-TT*TT)/3);
np=PP+1-(-3*FF+TT)/2; // 2 possibilities...
Q=(np/r)*Q;
zcru=pow((ZZn)2,(p-1)/3);
//zcru*=zcru; // right cube root of unity
cru=(Big)zcru;
}
if (strcmp(curvename,"FP256BN")==0)
{
curve=22;
printf("Curve= FP256BN\n");
strcpy(fieldname,curvename);
mbits=256;
words=(1+((mbits-1)/bb));
curvetype=WEIERSTRASS;
modtype=NOT_SPECIAL;
curve_a=0;
mip->IOBASE=16;
x=(char *)"6882F5C030B0A801"; // Slow!
p=36*pow(x,4)-36*pow(x,3)+24*x*x-6*x+1;
t=6*x*x+1;
r=p+1-t;
curve_b=3;
gx=1;
gy=2;
cof=1;
ecurve((Big)0,curve_b,p,MR_AFFINE);
mip->TWIST=MR_SEXTIC_M;
Q.set((ZZn2)1);
//while (!Q.set(randn2())) ;
Q=(p-1+t)*Q;
cru=(18*pow(x,3)-18*x*x+9*x-2);
cout << pre1 << toupperit((char *)"CURVE_Cru",lang) << post1; output(chunk,words,cru,m); cout << term << endl;
}
if (strcmp(curvename,"FP512BN")==0)
{
curve=23;
printf("Curve= FP512BN\n");
strcpy(fieldname,curvename);
mbits=512;
words=(1+((mbits-1)/bb));
curvetype=WEIERSTRASS;
modtype=NOT_SPECIAL;
curve_a=0;
mip->IOBASE=16;
x=(char *)"6882F5C030B0F7F010B306BB5E1BD80F"; // Slow!
p=36*pow(x,4)+36*pow(x,3)+24*x*x+6*x+1;
t=6*x*x+1;
r=p+1-t;
curve_b=3;
gx=1;
gy=2;
cof=1;
ecurve((Big)0,curve_b,p,MR_AFFINE);
mip->TWIST=MR_SEXTIC_M;
Q.set((ZZn2)1);
//while (!Q.set(randn2())) ;
Q=(p-1+t)*Q;
cru=p-(18*pow(x,3)+18*x*x+9*x+2);
}
if (strcmp(curvename,"BLS24")==0)
{
curve=25;
printf("Curve= BLS24\n");
strcpy(fieldname,curvename);
mbits=479;
words=(1+((mbits-1)/bb));
curvetype=WEIERSTRASS;
modtype=NOT_SPECIAL;
curve_a=0;
mip->IOBASE=16;
// Note - this is GT-Strong curve
x=(char *)"100020011FF80"; // SIGN_OF_X is POSITIVE
//x=-x;
p=(1+x+x*x-pow(x,4)+2*pow(x,5)-pow(x,6)+pow(x,8)-2*pow(x,9)+pow(x,10))/3;
t=x+1;
r=pow(x,8)-pow(x,4)+1;
cof=(p+1-t)/r;
//x=-x;
gx=5; gy=12;
curve_b=19;
ecurve((Big)0,curve_b,p,MR_AFFINE);
mip->TWIST=MR_SEXTIC_M;
P.set(gx,gy);
P*=cof;
P.get(gx,gy);
Big x0=0;
forever
{
ZZn4 X;
ZZn2 t;
x0+=1;
t.set((ZZn)0,(ZZn)x0);
X.set(t,(ZZn2)0);
if (!QQ.set(X)) continue;
break;
}
TT=t*t*t*t-4*p*t*t+2*p*p;
PP=pow(p,4);
FF=sqrt((4*PP-TT*TT)/3);
np=PP+1-(3*FF+TT)/2;
QQ=(np/r)*QQ;
//cout << "QQ= " << QQ << endl;
//cout << "2*QQ= " << QQ+QQ << endl;
//cout << "3*QQ= " << (QQ+QQ)+QQ << endl;
zcru=pow((ZZn)2,(p-1)/3);
//zcru*=zcru; // right cube root of unity - not for M-TYPE
cru=(Big)zcru;
}
if (strcmp(curvename,"BLS48")==0)
{
curve=26;
printf("Curve= BLS48\n");
strcpy(fieldname,curvename);
mbits=556;
words=(1+((mbits-1)/bb));
curvetype=WEIERSTRASS;
modtype=NOT_SPECIAL;
curve_a=0;
mip->IOBASE=16;
// Note - this is GT-Strong curve
x=(char *)"7DE40020"; // SIGN_OF_X is POSITIVE
r=pow(x,16)-pow(x,8)+1;
p=r*(((x-1)*(x-1))/3)+x;
t=x+1;
cof=(p+1-t)/r;
// p=19 mod 24
gx=2; gy=5;
curve_b=17;
ecurve((Big)0,curve_b,p,MR_AFFINE);
mip->TWIST=MR_SEXTIC_M;
P.set(gx,gy);
P*=cof;
P.get(gx,gy);
Big x0=0;
forever
{
ZZn8 XX;
ZZn4 X;
ZZn2 t;
x0+=1;
t.set((ZZn)0,(ZZn)x0);
X.set(t,(ZZn2)0);
XX.set(X,(ZZn4)0);
if (!Q8.set(X)) continue;
break;
}
tau[0]=2; // count points on twist over extension p^8
tau[1]=t;
for (int jj=1;jj<8;jj++ ) tau[jj+1]=t*tau[jj]-p*tau[jj-1];
TT=tau[8];
PP=pow(p,8);
FF=sqrt((4*PP-TT*TT)/3);
np=PP+1-(3*FF+TT)/2; //?
Q8=(np/r)*Q8;
//cout << "Q8= " << Q8 << endl;
//cout << "r*Q8= " << r*Q8 << endl;
//cout << "2*QQ= " << QQ+QQ << endl;
//cout << "3*QQ= " << (QQ+QQ)+QQ << endl;
zcru=pow((ZZn)2,(p-1)/3);
//zcru*=zcru; // right cube root of unity - not for M-TYPE
cru=(Big)zcru;
}
if (curve==0) {help(); return 0;}
bytes=mbits/8;
if (mbits%8!=0) bytes++;
bytes*=8;
lang=0;
if (strcmp(lg,"c")==0)
{
open='{';
close='}';
term=';';
lang=1;
if (chunk==64) el='L';
sprintf(xxx,"_%d_%d ",bytes,bb);
sprintf(pre0,"const int ");
sprintf(pre1,"const BIG%s",xxx);
sprintf(pre2,"const chunk ");
sprintf(pre3,"const BIG%s",xxx);
sprintf(pre4,"const BIG%s",xxx);
sprintf(pre5,"const BIG%s",xxx);
sprintf(pre6,"const BIG%s",xxx);
sprintf(pre7,"const BIG%s",xxx);
sprintf(zzz,"_%s",curvename);
sprintf(yyy,"_%s",fieldname);
sprintf(post0,"%s= ",zzz);
sprintf(post1,"%s= ",zzz);
sprintf(post2,"%s= ",yyy);
sprintf(post3,"%s[2]= ",zzz);
sprintf(post4,"%s[2][2]= ",zzz);
sprintf(post5,"%s[4]= ",zzz);
sprintf(post6,"%s[4][4]= ",zzz);
sprintf(post7,"%s= ",yyy);
}
if (strcmp(lg,"cpp")==0)
{
open='{';
close='}';
term=';';
lang=7;
if (chunk==64) el='L';
strcpy(pre0,"const int ");
strcpy(pre1,"const BIG ");
strcpy(pre2,"const chunk ");
strcpy(pre3,"const BIG ");
strcpy(pre4,"const BIG ");
strcpy(pre5,"const BIG ");
strcpy(pre6,"const BIG ");
strcpy(pre7,"const BIG ");
strcpy(post0,"= ");
strcpy(post1,"= ");
strcpy(post2,"= ");
strcpy(post3,"[2]= ");
strcpy(post4,"[2][2]= ");
strcpy(post5,"[4]= ");
strcpy(post6,"[4][4]= ");
strcpy(post7,"= ");
}
if (strcmp(lg,"java")==0)
{
open='{';
close='}';
term=';';
lang=2;
if (chunk==64)
{
el='L';
strcpy(pre0,"public static final int ");
strcpy(pre1,"public static final long[] ");
strcpy(pre2,"public static final long ");
strcpy(pre3,"public static final long[][] ");
strcpy(pre4,"public static final long[][][] ");
strcpy(pre5,"public static final long[][] ");
strcpy(pre6,"public static final long[][][] ");
strcpy(pre7,"public static final long[] ");
}
else
{
strcpy(pre0,"public static final int ");
strcpy(pre1,"public static final int[] ");
strcpy(pre2,"public static final int ");
strcpy(pre3,"public static final int[][] ");
strcpy(pre4,"public static final int[][][] ");
strcpy(pre5,"public static final int[][] ");
strcpy(pre6,"public static final int[][][] ");
strcpy(pre7,"public static final int[] ");
}
strcpy(post0,"= ");
strcpy(post1,"= ");
strcpy(post2,"= ");
strcpy(post3,"= ");
strcpy(post4,"= ");
strcpy(post5,"= ");
strcpy(post6,"= ");
strcpy(post7,"= ");
}
if (strcmp(lg,"javascript")==0)
{
open='[';
close=']';
term=',';
lang=3;
strcpy(pre0,"");
strcpy(pre1,"");
strcpy(pre2,"");
strcpy(pre3,"");
strcpy(pre4,"");
strcpy(pre5,"");
strcpy(pre6,"");
strcpy(pre7,"");
strcpy(post0,": ");
strcpy(post1,": ");
strcpy(post2,": ");
strcpy(post3,": ");
strcpy(post4,": ");
strcpy(post5,": ");
strcpy(post6,": ");
strcpy(post7,": ");
}
if (strcmp(lg,"go")==0)
{
open='{';
close='}';
term=' ';
lang=4;
strcpy(pre0,"const ");
strcpy(pre1,"var ");
strcpy(pre2,"const ");
strcpy(pre3,"var ");
strcpy(pre4,"var ");
strcpy(pre5,"var ");
strcpy(pre6,"var ");
strcpy(pre7,"var ");
strcpy(post0," int= ");
strcpy(post1,"= [...]Chunk ");
strcpy(post2," Chunk=");
sprintf(post3,"=[2][%d]Chunk ",words);
sprintf(post4,"=[2][2][%d]Chunk ",words);
sprintf(post5,"=[4][%d]Chunk ",words);
sprintf(post6,"=[4][4][%d]Chunk ",words);
strcpy(post7,"= [...]Chunk ");
}
if (strcmp(lg,"rust")==0)
{
open='[';
close=']';
term=';';
lang=5;
strcpy(pre0,"pub const ");
strcpy(pre1,"pub const ");
strcpy(pre2,"pub const ");
strcpy(pre3,"pub const ");
strcpy(pre4,"pub const ");
strcpy(pre5,"pub const ");
strcpy(pre6,"pub const ");
strcpy(pre7,"pub const ");
strcpy(post0,":isize = ");
strcpy(post1,":[Chunk;NLEN]=");
strcpy(post2,":Chunk=");
strcpy(post3,":[[Chunk;NLEN];2]=");
strcpy(post4,":[[[Chunk;NLEN];2];2]=");
strcpy(post5,":[[Chunk;NLEN];4]=");
strcpy(post6,":[[[Chunk;NLEN];4];4]=");
strcpy(post7,":[Chunk;NLEN]=");
}
if (strcmp(lg,"swift")==0)
{
open='[';
close=']';
term=' ';
lang=6;
strcpy(pre0,"static let ");
strcpy(pre1,"static public let ");
strcpy(pre2,"static let ");
strcpy(pre3,"static let ");
strcpy(pre4,"static let ");
strcpy(pre5,"static let ");
strcpy(pre6,"static let ");
strcpy(pre7,"static let ");
strcpy(post0,":Int = ");
strcpy(post1,":[Chunk] = ");
strcpy(post2,":Chunk = ");
strcpy(post3,":[[Chunk]] = ");
strcpy(post4,":[[[Chunk]]] = ");
strcpy(post5,":[[Chunk]] = ");
strcpy(post6,":[[[Chunk]]] = ");
strcpy(post7,":[Chunk] = ");
}
if (lang==0) {help(); return 0;}
//cout << "\nMOD8 = " << p%8 << endl;
m=pow((Big)2,bb);
cout << "*** rom field parameters*****" << endl;
cout << "// Base Bits= " << bb << endl;
cout << pre7 << toupperit((char *)"Modulus",lang) << post7; mc=output(chunk,words,p,m); cout << term << endl;
r2modp=pow((Big)2,2*words*bb)%p;
//cout << "\ngx*R2modp= " << r2modp*gx << endl;
//cout << "mod p = " << redc(r2modp*gx) << endl << endl;
cout << pre7 << toupperit((char *)"R2modp",lang) << post7; output(chunk,words,r2modp,m); cout << term << endl;
if (modtype==NOT_SPECIAL)
cout << pre2 << toupperit((char *)"MConst",lang) << post2 << "0x" << inverse(m-p%m,m);
if (modtype==MONTGOMERY_FRIENDLY)
cout << pre2 << toupperit((char *)"MConst",lang) << post2 << "0x" << mc+1;
if (modtype==PSEUDO_MERSENNE)
cout << pre2 << toupperit((char *)"MConst",lang) << post2 << "0x" << pow((Big)2,mbits)-p;
if (modtype==GENERALISED_MERSENNE)
cout << pre2 << toupperit((char *)"MConst",lang) << post2 << "0x1";
if (el!=0) cout << "L;" << endl;
else cout << term << endl;
if (curve>17)
{ // Frobenius constants - depend on embedding degree
if (curve<25)
set_frobenius_constant(X,12);
else
{
if (curve==25) set_frobenius_constant(X,24);
if (curve==26) set_frobenius_constant(X,48);
}
X.get(a,b);
cout << pre1 << toupperit((char *)"Fra",lang) << post7; output(chunk,words,a,m); cout << term << endl;
cout << pre1 << toupperit((char *)"Frb",lang) << post7; output(chunk,words,b,m); cout << term << endl;
}
cout << endl;
cout << "//*** rom curve parameters *****" << endl;
cout << "// Base Bits= " << bb << endl;
cout << "\n" << pre0 << "CURVE_A" << post0 << curve_a << term << endl;
curve_b_i=toint(curve_b);
if (curve_b_i==MR_TOOBIG)
{
curve_b_i=toint(p-curve_b);
if (curve_b_i==MR_TOOBIG)
curve_b_i=0;
else curve_b_i=-curve_b_i;
}
cof_i=toint(cof);
if (cof_i==MR_TOOBIG)
cof_i=0;
cout << pre0 << toupperit((char *)"CURVE_Cof_I",lang) << post0 << cof_i << term << endl;
cout << pre1 << toupperit((char *)"CURVE_Cof",lang) << post1; output(chunk,words,cof,m); cout << term << endl;
cout << pre0 << "CURVE_B_I" << post0 << curve_b_i << term << endl;
cout << pre1 << "CURVE_B" << post1; output(chunk,words,curve_b,m); cout << term << endl;
cout << pre1 << toupperit((char *)"CURVE_Order",lang) << post1; output(chunk,words,r,m); cout << term << endl;
cout << pre1 << toupperit((char *)"CURVE_Gx",lang) << post1; output(chunk,words,gx,m); cout << term << endl;
cout << pre1 << toupperit((char *)"CURVE_Gy",lang) << post1; output(chunk,words,gy,m); cout << term << endl;
// BN curves
if (curve==18 || curve==19 || curve==22 || curve==23)
{
cout << endl;
cout << pre1 << toupperit((char *)"CURVE_Bnx",lang) << post1; output(chunk,words,x,m); cout << term << endl;
cout << pre1 << toupperit((char *)"CURVE_Cru",lang) << post1; output(chunk,words,cru,m); cout << term << endl;
Q.get(Xa,Ya);
Xa.get(a,b);
cout << pre1 << toupperit((char *)"CURVE_Pxa",lang) << post1; output(chunk,words,a,m); cout << term << endl;
cout << pre1 << toupperit((char *)"CURVE_Pxb",lang) << post1; output(chunk,words,b,m); cout << term << endl;
Ya.get(a,b);
cout << pre1 << toupperit((char *)"CURVE_Pya",lang) << post1; output(chunk,words,a,m); cout << term << endl;
cout << pre1 << toupperit((char *)"CURVE_Pyb",lang) << post1; output(chunk,words,b,m); cout << term << endl;
cout << pre3 << "CURVE_W" << post3 << open; output(chunk,words,6*x*x-4*x+1,m);cout << ","; output(chunk,words,(2*x-1),m); cout << close << term << endl;
cout << pre4 << "CURVE_SB" << post4 << open; cout << open; output(chunk,words,6*x*x-2*x,m); cout << ","; output(chunk,words,(2*x-1),m); cout << close;cout << ","; cout << open; output(chunk,words,(2*x-1),m); cout << ","; output(chunk,words,r-(6*x*x-4*x+1),m); cout << close; cout << close << term << endl;
cout << pre5 << "CURVE_WB" << post5 << open; output(chunk,words,2*x*x-3*x+1,m); cout << ","; output(chunk,words,12*x*x*x-8*x*x+x,m);
cout << ","; output(chunk,words,6*x*x*x-4*x*x+x,m); cout << ","; output(chunk,words,2*x*x-x,m); cout << close << term << endl;
cout << pre6 << "CURVE_BB" << post6 << open;
cout << open;
output(chunk,words,r-x+1,m);
cout << ","; output(chunk,words,r-x,m);
cout << ","; output(chunk,words,r-x,m);
cout << ","; output(chunk,words,2*x,m);
cout << close;
cout << ","; cout << open;output(chunk,words,2*x-1,m);
cout << ","; output(chunk,words,r-x,m);
cout << ","; output(chunk,words,r-x+1,m);
cout << ","; output(chunk,words,r-x,m);
cout << close;
cout << ","; cout << open; output(chunk,words,2*x,m);
cout << ","; output(chunk,words,2*x-1,m);
cout << ","; output(chunk,words,2*x-1,m);
cout << ","; output(chunk,words,2*x-1,m);
cout << close;
cout << ","; cout << open; output(chunk,words,x+1,m);
cout << ","; output(chunk,words,4*x-2,m);
cout << ","; output(chunk,words,r-2*x-1,m);
cout << ","; output(chunk,words,x+1,m);
cout << close;
cout << close << term << endl;
}
//BLS curves
if (curve==20 || curve==21 || curve==24)
{
cout << endl;
cout << pre1 << toupperit((char *)"CURVE_Bnx",lang) << post1 ; output(chunk,words,x,m); cout << term << endl;
cout << pre1 << toupperit((char *)"CURVE_Cru",lang) << post1; output(chunk,words,cru,m); cout << term << endl;
Q.get(Xa,Ya);
Xa.get(a,b);
cout << pre1 << toupperit((char *)"CURVE_Pxa",lang) << post1; output(chunk,words,a,m); cout << term << endl;
cout << pre1 << toupperit((char *)"CURVE_Pxb",lang) << post1; output(chunk,words,b,m); cout << term << endl;
Ya.get(a,b);
cout << pre1 << toupperit((char *)"CURVE_Pya",lang) << post1; output(chunk,words,a,m); cout << term << endl;
cout << pre1 << toupperit((char *)"CURVE_Pyb",lang) << post1; output(chunk,words,b,m); cout << term << endl;
Q*=r;
if (!Q.iszero())
{
cout << "**** Failed ****" << endl;
cout << "\nQ= " << Q << endl << endl;
}
cout << pre3 << "CURVE_W" << post3 << open; output(chunk,words,(Big)0,m);cout << ","; output(chunk,words,(Big)0,m); cout << close << term << endl;
cout << pre4 << "CURVE_SB" << post4 << open; cout << open; output(chunk,words,(Big)0,m); cout << ","; output(chunk,words,(Big)0,m); cout << close;cout << ","; cout << open; output(chunk,words,(Big)0,m); cout << ","; output(chunk,words,(Big)0,m); cout << close; cout << close << term << endl;
cout << pre5 << "CURVE_WB" << post5 << open; output(chunk,words,(Big)0,m); cout << ","; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m); cout << ","; output(chunk,words,(Big)0,m); cout << close << term << endl;
cout << pre6 << "CURVE_BB" << post6 << open;
cout << open;
output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << close;
cout << ","; cout << open;output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << close;
cout << ","; cout << open; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << close;
cout << ","; cout << open; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << close;
cout << close << term << endl;
}
if (curve==25)
{
cout << endl;
cout << pre1 << toupperit((char *)"CURVE_Bnx",lang) << post1 ; output(chunk,words,x,m); cout << term << endl;
cout << pre1 << toupperit((char *)"CURVE_Cru",lang) << post1; output(chunk,words,cru,m); cout << term << endl;
QQ.get(XA,YA);
XA.get(Aa,Bb);
Aa.get(a,b);
cout << pre1 << toupperit((char *)"CURVE_Pxaa",lang) << post1; output(chunk,words,a,m); cout << term << endl;
cout << pre1 << toupperit((char *)"CURVE_Pxab",lang) << post1; output(chunk,words,b,m); cout << term << endl;
Bb.get(a,b);
cout << pre1 << toupperit((char *)"CURVE_Pxba",lang) << post1; output(chunk,words,a,m); cout << term << endl;
cout << pre1 << toupperit((char *)"CURVE_Pxbb",lang) << post1; output(chunk,words,b,m); cout << term << endl;
YA.get(Aa,Bb);
Aa.get(a,b);
cout << pre1 << toupperit((char *)"CURVE_Pyaa",lang) << post1; output(chunk,words,a,m); cout << term << endl;
cout << pre1 << toupperit((char *)"CURVE_Pyab",lang) << post1; output(chunk,words,b,m); cout << term << endl;
Bb.get(a,b);
cout << pre1 << toupperit((char *)"CURVE_Pyba",lang) << post1; output(chunk,words,a,m); cout << term << endl;
cout << pre1 << toupperit((char *)"CURVE_Pybb",lang) << post1; output(chunk,words,b,m); cout << term << endl;
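// Order check for the generator whose coordinates were printed above:
// r*QQ must be the point at infinity, mirroring the Q*=r / Q.iszero()
// check in the curve 20/21/24 branch. The test must be made on QQ, the
// point that was just multiplied; this branch never touches Q, so testing
// Q would not validate the emitted generator at all.
QQ*=r;
if (!QQ.iszero())
{
// Generation is not aborted here: the remaining constants are still printed
// after this banner, so output containing it must not be used as ROM data.
cout << "**** Failed ****" << endl;
cout << "\nQQ= " << QQ << endl << endl;
}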
cout << pre3 << "CURVE_W" << post3 << open; output(chunk,words,(Big)0,m);cout << ","; output(chunk,words,(Big)0,m); cout << close << term << endl;
cout << pre4 << "CURVE_SB" << post4 << open; cout << open; output(chunk,words,(Big)0,m); cout << ","; output(chunk,words,(Big)0,m); cout << close;cout << ","; cout << open; output(chunk,words,(Big)0,m); cout << ","; output(chunk,words,(Big)0,m); cout << close; cout << close << term << endl;
cout << pre5 << "CURVE_WB" << post5 << open; output(chunk,words,(Big)0,m); cout << ","; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m); cout << ","; output(chunk,words,(Big)0,m); cout << close << term << endl;
cout << pre6 << "CURVE_BB" << post6 << open;
cout << open;
output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << close;
cout << ","; cout << open;output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << close;
cout << ","; cout << open; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << close;
cout << ","; cout << open; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << close;
cout << close << term << endl;
}
if (curve==26)
{
cout << endl;
cout << pre1 << toupperit((char *)"CURVE_Bnx",lang) << post1 ; output(chunk,words,x,m); cout << term << endl;
cout << pre1 << toupperit((char *)"CURVE_Cru",lang) << post1; output(chunk,words,cru,m); cout << term << endl;
Q8.get(X8,Y8);
X8.get(AA,BB);
AA.get(Aa,Bb);
Aa.get(a,b);
cout << pre1 << toupperit((char *)"CURVE_Pxaaa",lang) << post1; output(chunk,words,a,m); cout << term << endl;
cout << pre1 << toupperit((char *)"CURVE_Pxaab",lang) << post1; output(chunk,words,b,m); cout << term << endl;
Bb.get(a,b);
cout << pre1 << toupperit((char *)"CURVE_Pxaba",lang) << post1; output(chunk,words,a,m); cout << term << endl;
cout << pre1 << toupperit((char *)"CURVE_Pxabb",lang) << post1; output(chunk,words,b,m); cout << term << endl;
BB.get(Aa,Bb);
Aa.get(a,b);
cout << pre1 << toupperit((char *)"CURVE_Pxbaa",lang) << post1; output(chunk,words,a,m); cout << term << endl;
cout << pre1 << toupperit((char *)"CURVE_Pxbab",lang) << post1; output(chunk,words,b,m); cout << term << endl;
Bb.get(a,b);
cout << pre1 << toupperit((char *)"CURVE_Pxbba",lang) << post1; output(chunk,words,a,m); cout << term << endl;
cout << pre1 << toupperit((char *)"CURVE_Pxbbb",lang) << post1; output(chunk,words,b,m); cout << term << endl;
Y8.get(AA,BB);
AA.get(Aa,Bb);
Aa.get(a,b);
cout << pre1 << toupperit((char *)"CURVE_Pyaaa",lang) << post1; output(chunk,words,a,m); cout << term << endl;
cout << pre1 << toupperit((char *)"CURVE_Pyaab",lang) << post1; output(chunk,words,b,m); cout << term << endl;
Bb.get(a,b);
cout << pre1 << toupperit((char *)"CURVE_Pyaba",lang) << post1; output(chunk,words,a,m); cout << term << endl;
cout << pre1 << toupperit((char *)"CURVE_Pyabb",lang) << post1; output(chunk,words,b,m); cout << term << endl;
BB.get(Aa,Bb);
Aa.get(a,b);
cout << pre1 << toupperit((char *)"CURVE_Pybaa",lang) << post1; output(chunk,words,a,m); cout << term << endl;
cout << pre1 << toupperit((char *)"CURVE_Pybab",lang) << post1; output(chunk,words,b,m); cout << term << endl;
Bb.get(a,b);
cout << pre1 << toupperit((char *)"CURVE_Pybba",lang) << post1; output(chunk,words,a,m); cout << term << endl;
cout << pre1 << toupperit((char *)"CURVE_Pybbb",lang) << post1; output(chunk,words,b,m); cout << term << endl;
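// Order check for the generator whose coordinates were printed above:
// r*Q8 must be the point at infinity, mirroring the Q*=r / Q.iszero()
// check in the curve 20/21/24 branch. The test must be made on Q8, the
// point that was just multiplied; this branch never touches Q, so testing
// Q would not validate the emitted generator at all.
Q8*=r;
if (!Q8.iszero())
{
// Generation is not aborted here: the remaining constants are still printed
// after this banner, so output containing it must not be used as ROM data.
// The dump shows Q8 (the point under test), not QQ from the curve 25 branch.
cout << "**** Failed ****" << endl;
cout << "\nQ8= " << Q8 << endl << endl;
}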
cout << pre3 << "CURVE_W" << post3 << open; output(chunk,words,(Big)0,m);cout << ","; output(chunk,words,(Big)0,m); cout << close << term << endl;
cout << pre4 << "CURVE_SB" << post4 << open; cout << open; output(chunk,words,(Big)0,m); cout << ","; output(chunk,words,(Big)0,m); cout << close;cout << ","; cout << open; output(chunk,words,(Big)0,m); cout << ","; output(chunk,words,(Big)0,m); cout << close; cout << close << term << endl;
cout << pre5 << "CURVE_WB" << post5 << open; output(chunk,words,(Big)0,m); cout << ","; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m); cout << ","; output(chunk,words,(Big)0,m); cout << close << term << endl;
cout << pre6 << "CURVE_BB" << post6 << open;
cout << open;
output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << close;
cout << ","; cout << open;output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << close;
cout << ","; cout << open; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << close;
cout << ","; cout << open; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << ","; output(chunk,words,(Big)0,m);
cout << close;
cout << close << term << endl;
}
}