BLS signature supports BLS12-381

5 files changed, 45 insertions, 37 deletions

diff --git a/go/bls/bls_test.go b/go/bls/bls_test.go
index 5d5d432..400f90d 100644
--- a/go/bls/bls_test.go
+++ b/go/bls/bls_test.go
@@ -292,6 +292,9 @@ func testOrder(t *testing.T, c int) {
 	} else if c == CurveFp382_2 {
 		curve = "5541245505022739011583672869577435255026888277144126952448297309161979278754528049907713682488818304329661351460877"
 		field = "5541245505022739011583672869577435255026888277144126952450651294188487038640194767986566260919128250811286032482323"
+	} else if c == BLS12_381 {
+		curve = "52435875175126190479447740508185965837690552500527637822603658699938581184513"
+		field = "4002409555221667393417789825735904156556882819939007885332058136124031650490837864442687629129015664037894272559787"
 	} else {
 		t.Fatal("bad c", c)
 	}
@@ -343,8 +346,8 @@ func TestMain(t *testing.T) {
 	if GetMaxOpUnitSize() == 6 {
 		t.Log("CurveFp382_1")
 		test(t, CurveFp382_1)
-		t.Log("CurveFp382_2")
-		test(t, CurveFp382_2)
+		t.Log("BLS12_381")
+		test(t, BLS12_381)
 	}
 }
 
diff --git a/go/bls/mcl.go b/go/bls/mcl.go
index 504fc7c..00feebc 100644
--- a/go/bls/mcl.go
+++ b/go/bls/mcl.go
@@ -3,7 +3,6 @@ package bls
 /*
 #cgo CFLAGS:-DMCLBN_FP_UNIT_SIZE=6
 #include <mcl/bn.h>
-#include <bls/bls.h>
 */
 import "C"
 import "fmt"
@@ -18,6 +17,9 @@ const CurveFp382_1 = C.mclBn_CurveFp382_1
 // CurveFp382_2 -- 382 bit curve 2
 const CurveFp382_2 = C.mclBn_CurveFp382_2
 
+// BLS12_381
+const BLS12_381 = C.MCL_BLS12_381
+
 // GetMaxOpUnitSize --
 func GetMaxOpUnitSize() int {
 	return int(C.MCLBN_FP_UNIT_SIZE)
diff --git a/src/bls.cpp b/src/bls.cpp
index cc67186..71bcb3b 100644
--- a/src/bls.cpp
+++ b/src/bls.cpp
@@ -156,17 +156,17 @@ std::ostream& writeAsHex(std::ostream& os, const T& t)
 void init(int curve, int maxUnitSize)
 {
 	if (maxUnitSize != MCLBN_FP_UNIT_SIZE) throw cybozu::Exception("bls:init:bad maxUnitSize") << maxUnitSize << MCLBN_FP_UNIT_SIZE;
-	mcl::bn::CurveParam cp;
+	mcl::CurveParam cp;
 	switch (curve) {
-	case mclBn_CurveFp254BNb:
-		cp = mcl::bn::CurveFp254BNb;
+	case MCL_BN254:
+		cp = mcl::BN254;
 		break;
 #if MCLBN_FP_UNIT_SIZE == 6
-	case mclBn_CurveFp382_1:
-		cp = mcl::bn::CurveFp382_1;
+	case MCL_BN381_1:
+		cp = mcl::BN381_1;
 		break;
-	case mclBn_CurveFp382_2:
-		cp = mcl::bn::CurveFp382_2;
+	case MCL_BLS12_381:
+		cp = mcl::BLS12_381;
 		break;
 #endif
 	default:
diff --git a/test/bls_c384_test.cpp b/test/bls_c384_test.cpp
index 744a1ca..428fff7 100644
--- a/test/bls_c384_test.cpp
+++ b/test/bls_c384_test.cpp
@@ -24,21 +24,22 @@ void blsDataTest()
 {
 	const char *msg = "test test";
 	const size_t msgSize = strlen(msg);
-	const size_t fpSize = blsGetOpUnitSize() * sizeof(uint64_t);
+	const size_t FrSize = mclBn_getFrByteSize();
+	const size_t FpSize = mclBn_getG1ByteSize();
 	blsSecretKey sec1, sec2;
 	blsSecretKeySetByCSPRNG(&sec1);
 	char buf[1024];
 	size_t n;
 	int ret;
 	n = blsSecretKeyGetHexStr(buf, sizeof(buf), &sec1);
-	CYBOZU_TEST_ASSERT(0 < n && n <= fpSize * 2);
+	CYBOZU_TEST_ASSERT(0 < n && n <= FrSize * 2);
 	ret = blsSecretKeySetHexStr(&sec2, buf, n);
 	CYBOZU_TEST_EQUAL(ret, 0);
 	CYBOZU_TEST_ASSERT(blsSecretKeyIsEqual(&sec1, &sec2));
 
 	memset(&sec2, 0, sizeof(sec2));
 	n = blsSecretKeySerialize(buf, sizeof(buf), &sec1);
-	CYBOZU_TEST_EQUAL(n, fpSize);
+	CYBOZU_TEST_EQUAL(n, FrSize);
 	ret = blsSecretKeyDeserialize(&sec2, buf, n);
 	CYBOZU_TEST_EQUAL(ret, n);
 	CYBOZU_TEST_ASSERT(blsSecretKeyIsEqual(&sec1, &sec2));
@@ -46,14 +47,14 @@ void blsDataTest()
 	blsPublicKey pub1, pub2;
 	blsGetPublicKey(&pub1, &sec1);
 	n = blsPublicKeySerialize(buf, sizeof(buf), &pub1);
-	CYBOZU_TEST_EQUAL(n, fpSize * 2);
+	CYBOZU_TEST_EQUAL(n, FpSize * 2);
 	ret = blsPublicKeyDeserialize(&pub2, buf, n);
 	CYBOZU_TEST_EQUAL(ret, n);
 	CYBOZU_TEST_ASSERT(blsPublicKeyIsEqual(&pub1, &pub2));
 	blsSignature sig1, sig2;
 	blsSign(&sig1, &sec1, msg, msgSize);
 	n = blsSignatureSerialize(buf, sizeof(buf), &sig1);
-	CYBOZU_TEST_EQUAL(n, fpSize);
+	CYBOZU_TEST_EQUAL(n, FpSize);
 	ret = blsSignatureDeserialize(&sig2, buf, n);
 	CYBOZU_TEST_EQUAL(ret, n);
 	CYBOZU_TEST_ASSERT(blsSignatureIsEqual(&sig1, &sig2));
@@ -95,7 +96,7 @@ CYBOZU_TEST_AUTO(multipleInit)
 	{
 		std::vector<Thread> vt(n);
 		for (size_t i = 0; i < n; i++) {
-			vt[i].run(blsInit, mclBn_CurveFp254BNb, MCLBN_FP_UNIT_SIZE);
+			vt[i].run(blsInit, MCL_BN254, MCLBN_FP_UNIT_SIZE);
 		}
 	}
 	CYBOZU_TEST_EQUAL(blsGetOpUnitSize(), 4u);
@@ -103,7 +104,7 @@ CYBOZU_TEST_AUTO(multipleInit)
 	{
 		std::vector<Thread> vt(n);
 		for (size_t i = 0; i < n; i++) {
-			vt[i].run(blsInit, mclBn_CurveFp382_1, MCLBN_FP_UNIT_SIZE);
+			vt[i].run(blsInit, MCL_BLS12_381, MCLBN_FP_UNIT_SIZE);
 		}
 	}
 	CYBOZU_TEST_EQUAL(blsGetOpUnitSize(), 6u);
@@ -113,8 +114,9 @@ CYBOZU_TEST_AUTO(multipleInit)
 
 void blsSerializeTest()
 {
-	const size_t opUnitSize = mclBn_getOpUnitSize();
-	printf("opUnitSize=%d\n", (int)opUnitSize);
+	const size_t FrSize = mclBn_getFrByteSize();
+	const size_t FpSize = mclBn_getG1ByteSize();
+	printf("FrSize=%d, FpSize=%d\n", (int)FrSize, (int)FpSize);
 	blsId id1, id2;
 	blsSecretKey sec1, sec2;
 	blsPublicKey pub1, pub2;
@@ -126,7 +128,7 @@ void blsSerializeTest()
 	const char dummyChar = '1';
 
 	// Id
-	expectSize = opUnitSize * 8;
+	expectSize = FrSize;
 	blsIdSetInt(&id1, -1);
 	n = blsIdSerialize(buf, sizeof(buf), &id1);
 	CYBOZU_TEST_EQUAL(n, expectSize);
@@ -148,7 +150,7 @@ void blsSerializeTest()
 	CYBOZU_TEST_EQUAL(n, expectSize);
 
 	// SecretKey
-	expectSize = opUnitSize * 8;
+	expectSize = FrSize;
 	blsSecretKeySetDecStr(&sec1, "-1", 2);
 	n = blsSecretKeySerialize(buf, sizeof(buf), &sec1);
 	CYBOZU_TEST_EQUAL(n, expectSize);
@@ -170,7 +172,7 @@ void blsSerializeTest()
 	CYBOZU_TEST_EQUAL(n, expectSize);
 
 	// PublicKey
-	expectSize = opUnitSize * 8 * 2;
+	expectSize = FpSize * 2;
 	blsGetPublicKey(&pub1, &sec1);
 	n = blsPublicKeySerialize(buf, sizeof(buf), &pub1);
 	CYBOZU_TEST_EQUAL(n, expectSize);
@@ -192,7 +194,7 @@ void blsSerializeTest()
 	CYBOZU_TEST_EQUAL(n, expectSize);
 
 	// Signature
-	expectSize = opUnitSize * 8;
+	expectSize = FpSize;
 	blsSign(&sig1, &sec1, "abc", 3);
 	n = blsSignatureSerialize(buf, sizeof(buf), &sig1);
 	CYBOZU_TEST_EQUAL(n, expectSize);
@@ -217,21 +219,21 @@ void blsSerializeTest()
 CYBOZU_TEST_AUTO(all)
 {
 	const int tbl[] = {
-		mclBn_CurveFp254BNb,
+		MCL_BN254,
 #if MCLBN_FP_UNIT_SIZE == 6
-		mclBn_CurveFp382_1,
-		mclBn_CurveFp382_2
+		MCL_BN381_1,
+		MCL_BLS12_381,
 #endif
 	};
 	const char *curveOrderTbl[] = {
 		"16798108731015832284940804142231733909759579603404752749028378864165570215949",
 		"5540996953667913971058039301942914304734176495422447785042938606876043190415948413757785063597439175372845535461389",
-		"5541245505022739011583672869577435255026888277144126952448297309161979278754528049907713682488818304329661351460877",
+		"52435875175126190479447740508185965837690552500527637822603658699938581184513",
 	};
 	const char *fieldOrderTbl[] = {
 		"16798108731015832284940804142231733909889187121439069848933715426072753864723",
 		"5540996953667913971058039301942914304734176495422447785045292539108217242186829586959562222833658991069414454984723",
-		"5541245505022739011583672869577435255026888277144126952450651294188487038640194767986566260919128250811286032482323",
+		"4002409555221667393417789825735904156556882819939007885332058136124031650490837864442687629129015664037894272559787",
 	};
 	for (size_t i = 0; i < sizeof(tbl) / sizeof(tbl[0]); i++) {
 		printf("i=%d\n", (int)i);
diff --git a/test/bls_test.cpp b/test/bls_test.cpp
index c81a41a..f97d9a7 100644
--- a/test/bls_test.cpp
+++ b/test/bls_test.cpp
@@ -66,7 +66,7 @@ void SecretKeyTestBN256()
 
 CYBOZU_TEST_AUTO(bn256)
 {
-	bls::init(mclBn_CurveFp254BNb);
+	bls::init(MCL_BN254);
 	IdTestBN256();
 	SecretKeyTestBN256();
 	CYBOZU_TEST_EQUAL(bls::getOpUnitSize(), 4);
@@ -367,13 +367,14 @@ void aggregateTest()
 
 void dataTest()
 {
-	const size_t size = bls::getOpUnitSize() * sizeof(uint64_t);
+	const size_t FrSize = mclBn_getFrByteSize();
+	const size_t FpSize = mclBn_getG1ByteSize();
 	bls::SecretKey sec;
 	sec.init();
 	std::string str;
 	sec.getStr(str, bls::IoFixedByteSeq);
 	{
-		CYBOZU_TEST_EQUAL(str.size(), size);
+		CYBOZU_TEST_EQUAL(str.size(), FrSize);
 		bls::SecretKey sec2;
 		sec2.setStr(str, bls::IoFixedByteSeq);
 		CYBOZU_TEST_EQUAL(sec, sec2);
@@ -382,7 +383,7 @@ void dataTest()
 	sec.getPublicKey(pub);
 	pub.getStr(str, bls::IoFixedByteSeq);
 	{
-		CYBOZU_TEST_EQUAL(str.size(), size * 2);
+		CYBOZU_TEST_EQUAL(str.size(), FpSize * 2);
 		bls::PublicKey pub2;
 		pub2.setStr(str, bls::IoFixedByteSeq);
 		CYBOZU_TEST_EQUAL(pub, pub2);
@@ -392,7 +393,7 @@ void dataTest()
 	sec.sign(sign, m);
 	sign.getStr(str, bls::IoFixedByteSeq);
 	{
-		CYBOZU_TEST_EQUAL(str.size(), size);
+		CYBOZU_TEST_EQUAL(str.size(), FpSize);
 		bls::Signature sign2;
 		sign2.setStr(str, bls::IoFixedByteSeq);
 		CYBOZU_TEST_EQUAL(sign, sign2);
@@ -402,7 +403,7 @@ void dataTest()
 	id.set(v);
 	id.getStr(str, bls::IoFixedByteSeq);
 	{
-		CYBOZU_TEST_EQUAL(str.size(), size);
+		CYBOZU_TEST_EQUAL(str.size(), FrSize);
 		bls::Id id2;
 		id2.setStr(str, bls::IoFixedByteSeq);
 		CYBOZU_TEST_EQUAL(id, id2);
@@ -424,10 +425,10 @@ CYBOZU_TEST_AUTO(all)
 		int type;
 		const char *name;
 	} tbl[] = {
-		{ mclBn_CurveFp254BNb, "Fp254" },
+		{ MCL_BN254, "BN254" },
 #if MCLBN_FP_UNIT_SIZE == 6
-		{ mclBn_CurveFp382_1, "Fp382_1" },
-		{ mclBn_CurveFp382_2, "Fp382_2" },
+		{ MCL_BN381_1, "BN381_1" },
+		{ MCL_BLS12_381, "BLS12_381" },
 #endif
 	};
 	for (size_t i = 0; i < CYBOZU_NUM_OF_ARRAY(tbl); i++) {