diff --git a/.gitignore b/.gitignore index 6abe2ea0612c28..9442c85448939c 100644 --- a/.gitignore +++ b/.gitignore @@ -23,11 +23,11 @@ main .o obj/ src/*.o -contrib/relic/CTestTestfile.cmake -contrib/relic/bench/CTestTestfile.cmake -contrib/relic/bin -contrib/relic/include/relic_conf.h -contrib/relic/test/CTestTestfile.cmake +depends/relic/CTestTestfile.cmake +depends/relic/bench/CTestTestfile.cmake +depends/relic/bin +depends/relic/include/relic_conf.h +depends/relic/test/CTestTestfile.cmake contrib/gmp-6.1.2/ .idea diff --git a/CMakeLists.txt b/CMakeLists.txt index 79226528bb044d..818df0c1fc56ab 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -41,21 +41,6 @@ set(SODIUM_DISABLE_TESTS "on" CACHE STRING "") set(SODIUM_CHIA_MINIMAL "on" CACHE STRING "") FetchContent_MakeAvailable(Sodium) -if (DEFINED ENV{RELIC_MAIN}) - set(RELIC_GIT_TAG "origin/main") -else () - # This is currently anchored to upstream aecdcae7956f542fbee2392c1f0feb0a8ac41dc5 - set(RELIC_GIT_TAG "215c69966cb78b255995f0ee9c86bbbb41c3c42b") -endif () - -message(STATUS "Relic will be built from: ${RELIC_GIT_TAG}") - -FetchContent_Declare( - relic - GIT_REPOSITORY https://github.com/Chia-Network/relic.git - GIT_TAG ${RELIC_GIT_TAG} -) - # Relic related options set(STBIN "off" CACHE STRING "Relic - Build static binaries") @@ -128,8 +113,7 @@ set(QUIET "on" CACHE STRING "Relic - Build with printing disabled") set(PP_EXT "LAZYR" CACHE STRING "") set(PP_METHD "LAZYR;OATEP" CACHE STRING "") -FetchContent_MakeAvailable(relic) - +add_subdirectory(depends/relic) add_subdirectory(src) if(EMSCRIPTEN) diff --git a/README.md b/README.md index 26f854aa23b33a..8460ac818ea7e1 100644 --- a/README.md +++ b/README.md 
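Review bot: `add_subdirectory(depends/relic)` in the second CMakeLists.txt hunk now builds an in-tree copy of Relic, and once the first hunk removes the `FetchContent_Declare` block, nothing in this file records which upstream revision that copy corresponds to. The deleted `GIT_TAG` and its "anchored to upstream" comment were the only provenance for this cryptographic dependency, so an auditor can no longer diff `depends/relic` against a known commit or tell whether later upstream fixes are included. I would add a comment directly above the call, for example `# Vendored from https://github.com/Chia-Network/relic.git at <UPSTREAM_COMMIT>; update only by re-importing a reviewed commit`, filled in with the commit the import was actually taken from. The import also brings Relic's own `.github/workflows` and `.travis.yml`, which reference third-party actions by tag (`@v2`, `@v1`); it may be cleaner to leave CI files out of the vendored tree.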
@@ -204,7 +204,7 @@ On a 3.5 GHz i7 Mac, verification takes about 1.1ms per signature, and signing t ### Link the library to use it ```bash -g++ -Wl,-no_pie -std=c++11 -Ibls-signatures/build/_deps/relic-src/include -Ibls-signatures/build/_deps/relic-build/include -Ibls-signatures/src -L./bls-signatures/build/ -l bls yourapp.cpp +g++ -Wl,-no_pie -std=c++11 -Ibls-signatures/depends/relic/include -Ibls-signatures/build/depends/relic/include -Ibls-signatures/src -L./bls-signatures/build/ -l bls yourapp.cpp ``` ## Notes on dependencies diff --git a/depends/relic/.editorconfig b/depends/relic/.editorconfig new file mode 100644 index 00000000000000..bdc049fe5f2858 --- /dev/null +++ b/depends/relic/.editorconfig @@ -0,0 +1,7 @@ +# top-most EditorConfig file +root = true + +# 4 space indentation +[*.{cmake,c,h}] +indent_style = tab +indent_size = 4 diff --git a/depends/relic/.github/workflows/16bit.yml b/depends/relic/.github/workflows/16bit.yml new file mode 100644 index 00000000000000..8633cd32267207 --- /dev/null +++ b/depends/relic/.github/workflows/16bit.yml @@ -0,0 +1,48 @@ +name: Basic configuration (16 bits) + +on: + push: + branches: + - '**' # all branches + pull_request: + branches: + - '**' # all branches + +jobs: + build: + name: ${{ matrix.config.name }} + runs-on: ${{ matrix.config.os }} + strategy: + fail-fast: false + matrix: + config: + - { + name: "Ubuntu Latest - GCC", + artifact: "linux-gcc.tar.xz", + os: ubuntu-latest, + cc: "gcc", + } + - { + name: "Ubuntu Latest - Clang", + artifact: "linux-clang.tar.xz", + os: ubuntu-latest, + cc: "clang", + } + steps: + - uses: actions/checkout@v2 + + - name: Run CMake (standard) + if: ${{ !(runner.os == 'Windows') }} + shell: bash + run: | + mkdir build + cd build + cmake -DCMAKE_C_COMPILER=${{ matrix.config.cc }} -DWSIZE=16 -DSEED= -DBENCH=0 -DTESTS=10 .. + + - name: CMake Build + run: cmake --build build + + - name: CMake Test + run: | + cd build + ctest --verbose . 
diff --git a/depends/relic/.github/workflows/32bit.yml b/depends/relic/.github/workflows/32bit.yml
new file mode 100644
index 00000000000000..bb225ab8083c5f
--- /dev/null
+++ b/depends/relic/.github/workflows/32bit.yml
@@ -0,0 +1,97 @@
+name: Basic configuration (32 bits)
+
+on:
+ push:
+ branches:
+ - '**' # all branches
+ pull_request:
+ branches:
+ - '**' # all branches
+
+jobs:
+ build:
+ name: ${{ matrix.config.name }}
+ runs-on: ${{ matrix.config.os }}
+ strategy:
+ fail-fast: false
+ matrix:
+ config:
+ - {
+ name: "Windows Latest - MSVC",
+ artifact: "windows-msvc.tar.xz",
+ os: windows-latest,
+ cc: "cl",
+ }
+ - {
+ name: "Windows Latest - MinGW",
+ artifact: "windows-mingw.tar.xz",
+ os: windows-latest,
+ cc: "gcc"
+ }
+ - {
+ name: "Ubuntu Latest - GCC",
+ artifact: "linux-gcc.tar.xz",
+ os: ubuntu-latest,
+ cc: "gcc",
+ }
+ - {
+ name: "Ubuntu Latest - Clang",
+ artifact: "linux-clang.tar.xz",
+ os: ubuntu-latest,
+ cc: "clang",
+ }
+ - {
+ name: "MacOS Latest",
+ os: macos-latest,
+ cc: "clang",
+ }
+ steps:
+ - uses: actions/checkout@v2
+
+ - name: Set Windows enviroment
+ if: ${{ (runner.os == 'Windows') && (matrix.config.cc == 'cl') }}
+ uses: ilammy/msvc-dev-cmd@v1
+
+ - name: Set MinGW enviroment
+ if: ${{ (runner.os == 'Windows') && (matrix.config.cc == 'gcc') }}
+ uses: msys2/setup-msys2@v2
+ with:
+ msystem: MINGW64
+ install: >-
+ git
+ base-devel
+ gcc
+ cmake
+ update: true
+
+ - name: Run CMake (Win)
+ if: ${{ (runner.os == 'Windows') && (matrix.config.cc == 'cl') }}
+ shell: bash
+ run: |
+ mkdir build
+ cd build
+ cmake -DWSIZE=32 -DSEED= -DBENCH=0 -G "NMake Makefiles" ..
+
+ - name: Run CMake (MingW)
+ if: ${{ (runner.os == 'Windows') && (matrix.config.cc == 'gcc') }}
+ shell: bash
+ run: |
+ mkdir build
+ cd build
+ cmake -DWSIZE=32 -DSEED= -DBENCH=0 -G "MinGW Makefiles" ..
+
+ - name: Run CMake (standard)
+ if: ${{ !(runner.os == 'Windows') }}
+ shell: bash
+ run: |
+ mkdir build
+ cd build
+ cmake -DCMAKE_C_COMPILER=${{ matrix.config.cc }} -DWSIZE=32 -DSEED= -DBENCH=0 ..
+
+ - name: CMake Build
+ run: cmake --build build
+
+ - name: CMake Test
+ run: |
+ cd build
+ ctest --verbose .
diff --git a/depends/relic/.github/workflows/8bit.yml b/depends/relic/.github/workflows/8bit.yml
new file mode 100644
index 00000000000000..0765607ec9c753
--- /dev/null
+++ b/depends/relic/.github/workflows/8bit.yml
@@ -0,0 +1,48 @@
+name: Basic configuration (8 bits)
+
+on:
+ push:
+ branches:
+ - '**' # all branches
+ pull_request:
+ branches:
+ - '**' # all branches
+
+jobs:
+ build:
+ name: ${{ matrix.config.name }}
+ runs-on: ${{ matrix.config.os }}
+ strategy:
+ fail-fast: false
+ matrix:
+ config:
+ - {
+ name: "Ubuntu Latest - GCC",
+ artifact: "linux-gcc.tar.xz",
+ os: ubuntu-latest,
+ cc: "gcc",
+ }
+ - {
+ name: "Ubuntu Latest - Clang",
+ artifact: "linux-clang.tar.xz",
+ os: ubuntu-latest,
+ cc: "clang",
+ }
+ steps:
+ - uses: actions/checkout@v2
+
+ - name: Run CMake (standard)
+ if: ${{ !(runner.os == 'Windows') }}
+ shell: bash
+ run: |
+ mkdir build
+ cd build
+ cmake -DCMAKE_C_COMPILER=${{ matrix.config.cc }} -DWSIZE=8 -DSEED= -DBENCH=0 -DTESTS=10 ..
+
+ - name: CMake Build
+ run: cmake --build build
+
+ - name: CMake Test
+ run: |
+ cd build
+ ctest --verbose .
diff --git a/depends/relic/.github/workflows/bls12-381.yml b/depends/relic/.github/workflows/bls12-381.yml
new file mode 100644
index 00000000000000..dc518a02b94d50
--- /dev/null
+++ b/depends/relic/.github/workflows/bls12-381.yml
@@ -0,0 +1,91 @@
+name: BLS12-381 configuration (ASM)
+
+on:
+ push:
+ branches:
+ - '**' # all branches
+ pull_request:
+ branches:
+ - '**' # all branches
+
+jobs:
+ build:
+ name: ${{ matrix.config.name }}
+ runs-on: ${{ matrix.config.os }}
+ strategy:
+ fail-fast: false
+ matrix:
+ config:
+ #- {
+ #name: "Windows Latest - MinGW",
+ #artifact: "windows-mingw.tar.xz",
+ #os: windows-latest,
+ #cc: "gcc"
+ #}
+ - {
+ name: "Ubuntu Latest - GCC",
+ artifact: "linux-gcc.tar.xz",
+ os: ubuntu-latest,
+ cc: "gcc",
+ }
+ - {
+ name: "Ubuntu Latest - Clang",
+ artifact: "linux-clang.tar.xz",
+ os: ubuntu-latest,
+ cc: "clang",
+ }
+ - {
+ name: "MacOS Latest",
+ os: macos-latest,
+ cc: "clang",
+ }
+ steps:
+ - uses: actions/checkout@v2
+
+ - name: Install Linux Dependencies
+ if: runner.os == 'Linux'
+ run: sudo apt install libgmp-dev
+
+ - name: Install MacOS Dependencies
+ if: runner.os == 'MacOS'
+ run: brew install gmp
+
+ - name: Set MinGW enviroment
+ if: ${{ (runner.os == 'Windows') && (matrix.config.cc == 'gcc') }}
+ uses: msys2/setup-msys2@v2
+ with:
+ msystem: MINGW64
+ install: >-
+ git
+ base-devel
+ gcc
+ cmake
+ gmp
+ update: true
+
+ - name: Run CMake (MingW)
+ if: ${{ (runner.os == 'Windows') && (matrix.config.cc == 'gcc') }}
+ shell: bash
+ run: |
+ mkdir build
+ cd build
+ cmake -G "MinGW Makefiles" ..
+ ../preset/x64-pbc-bls12-381.sh .
+ cmake -DSEED= -DBENCH=0 -DSTBIN=off -DRAND=HASHD .
+
+ - name: Run CMake (standard)
+ if: ${{ !(runner.os == 'Windows') }}
+ shell: bash
+ run: |
+ mkdir build
+ cd build
+ ../preset/x64-pbc-bls12-381.sh ../
+ cmake -DCMAKE_C_COMPILER=${{ matrix.config.cc }} -DSEED= -DBENCH=0 .
+
+ - name: CMake Build
+ run: cmake --build build
+
+ - name: CMake Test
+ run: |
+ cd build
+ ctest --verbose .
diff --git a/depends/relic/.github/workflows/easy.yml b/depends/relic/.github/workflows/easy.yml
new file mode 100644
index 00000000000000..761f07f33ca54b
--- /dev/null
+++ b/depends/relic/.github/workflows/easy.yml
@@ -0,0 +1,97 @@
+name: Basic configuration
+
+on:
+ push:
+ branches:
+ - '**' # all branches
+ pull_request:
+ branches:
+ - '**' # all branches
+
+jobs:
+ build:
+ name: ${{ matrix.config.name }}
+ runs-on: ${{ matrix.config.os }}
+ strategy:
+ fail-fast: false
+ matrix:
+ config:
+ - {
+ name: "Windows Latest - MSVC",
+ artifact: "windows-msvc.tar.xz",
+ os: windows-latest,
+ cc: "cl",
+ }
+ - {
+ name: "Windows Latest - MinGW",
+ artifact: "windows-mingw.tar.xz",
+ os: windows-latest,
+ cc: "gcc"
+ }
+ - {
+ name: "Ubuntu Latest - GCC",
+ artifact: "linux-gcc.tar.xz",
+ os: ubuntu-latest,
+ cc: "gcc",
+ }
+ - {
+ name: "Ubuntu Latest - Clang",
+ artifact: "linux-clang.tar.xz",
+ os: ubuntu-latest,
+ cc: "clang",
+ }
+ - {
+ name: "MacOS Latest",
+ os: macos-latest,
+ cc: "clang",
+ }
+ steps:
+ - uses: actions/checkout@v2
+
+ - name: Set Windows enviroment
+ if: ${{ (runner.os == 'Windows') && (matrix.config.cc == 'cl') }}
+ uses: ilammy/msvc-dev-cmd@v1
+
+ - name: Set MinGW enviroment
+ if: ${{ (runner.os == 'Windows') && (matrix.config.cc == 'gcc') }}
+ uses: msys2/setup-msys2@v2
+ with:
+ msystem: MINGW64
+ install: >-
+ git
+ base-devel
+ gcc
+ cmake
+ update: true
+
+ - name: Run CMake (Win)
+ if: ${{ (runner.os == 'Windows') && (matrix.config.cc == 'cl') }}
+ shell: bash
+ run: |
+ mkdir build
+ cd build
+ cmake -DSEED= -DBENCH=0 -G "NMake Makefiles" ..
+
+ - name: Run CMake (MingW)
+ if: ${{ (runner.os == 'Windows') && (matrix.config.cc == 'gcc') }}
+ shell: bash
+ run: |
+ mkdir build
+ cd build
+ cmake -DSEED= -DBENCH=0 -G "MinGW Makefiles" ..
+
+ - name: Run CMake (standard)
+ if: ${{ !(runner.os == 'Windows') }}
+ shell: bash
+ run: |
+ mkdir build
+ cd build
+ cmake -DCMAKE_C_COMPILER=${{ matrix.config.cc }} -DSEED= -DBENCH=0 ..
+
+ - name: CMake Build
+ run: cmake --build build
+
+ - name: CMake Test
+ run: |
+ cd build
+ ctest --verbose .
diff --git a/depends/relic/.github/workflows/gmp-sec.yml b/depends/relic/.github/workflows/gmp-sec.yml
new file mode 100644
index 00000000000000..2cd342099ab32b
--- /dev/null
+++ b/depends/relic/.github/workflows/gmp-sec.yml
@@ -0,0 +1,88 @@
+name: Faster configuration (constant-time GMP)
+
+on:
+ push:
+ branches:
+ - '**' # all branches
+ pull_request:
+ branches:
+ - '**' # all branches
+
+jobs:
+ build:
+ name: ${{ matrix.config.name }}
+ runs-on: ${{ matrix.config.os }}
+ strategy:
+ fail-fast: false
+ matrix:
+ config:
+ - {
+ name: "Windows Latest - MinGW",
+ artifact: "windows-mingw.tar.xz",
+ os: windows-latest,
+ cc: "gcc"
+ }
+ - {
+ name: "Ubuntu Latest - GCC",
+ artifact: "linux-gcc.tar.xz",
+ os: ubuntu-latest,
+ cc: "gcc",
+ }
+ - {
+ name: "Ubuntu Latest - Clang",
+ artifact: "linux-clang.tar.xz",
+ os: ubuntu-latest,
+ cc: "clang",
+ }
+ - {
+ name: "MacOS Latest",
+ os: macos-latest,
+ cc: "clang",
+ }
+ steps:
+ - uses: actions/checkout@v2
+
+ - name: Install Linux Dependencies
+ if: runner.os == 'Linux'
+ run: sudo apt install libgmp-dev
+
+ - name: Install MacOS Dependencies
+ if: runner.os == 'MacOS'
+ run: brew install gmp
+
+ - name: Set MinGW enviroment
+ if: ${{ (runner.os == 'Windows') && (matrix.config.cc == 'gcc') }}
+ uses: msys2/setup-msys2@v2
+ with:
+ msystem: MINGW64
+ install: >-
+ git
+ base-devel
+ gcc
+ cmake
+ gmp
+ update: true
+
+ - name: Run CMake (MingW)
+ if: ${{ (runner.os == 'Windows') && (matrix.config.cc == 'gcc') }}
+ shell: bash
+ run: |
+ mkdir build
+ cd build
+ cmake -DSEED= -DBENCH=0 -DARITH=gmp-sec -G "MinGW Makefiles" ..
+
+ - name: Run CMake (standard)
+ if: ${{ !(runner.os == 'Windows') }}
+ shell: bash
+ run: |
+ mkdir build
+ cd build
+ cmake -DCMAKE_C_COMPILER=${{ matrix.config.cc }} -DSEED= -DBENCH=0 -DARITH=gmp-sec ..
+
+ - name: CMake Build
+ run: cmake --build build
+
+ - name: CMake Test
+ run: |
+ cd build
+ ctest --verbose .
diff --git a/depends/relic/.github/workflows/gmp.yml b/depends/relic/.github/workflows/gmp.yml
new file mode 100644
index 00000000000000..618e05da30783b
--- /dev/null
+++ b/depends/relic/.github/workflows/gmp.yml
@@ -0,0 +1,88 @@
+name: Faster configuration (GMP)
+
+on:
+ push:
+ branches:
+ - '**' # all branches
+ pull_request:
+ branches:
+ - '**' # all branches
+
+jobs:
+ build:
+ name: ${{ matrix.config.name }}
+ runs-on: ${{ matrix.config.os }}
+ strategy:
+ fail-fast: false
+ matrix:
+ config:
+ - {
+ name: "Windows Latest - MinGW",
+ artifact: "windows-mingw.tar.xz",
+ os: windows-latest,
+ cc: "gcc"
+ }
+ - {
+ name: "Ubuntu Latest - GCC",
+ artifact: "linux-gcc.tar.xz",
+ os: ubuntu-latest,
+ cc: "gcc",
+ }
+ - {
+ name: "Ubuntu Latest - Clang",
+ artifact: "linux-clang.tar.xz",
+ os: ubuntu-latest,
+ cc: "clang",
+ }
+ - {
+ name: "MacOS Latest",
+ os: macos-latest,
+ cc: "clang",
+ }
+ steps:
+ - uses: actions/checkout@v2
+
+ - name: Install Linux Dependencies
+ if: runner.os == 'Linux'
+ run: sudo apt install libgmp-dev
+
+ - name: Install MacOS Dependencies
+ if: runner.os == 'MacOS'
+ run: brew install gmp
+
+ - name: Set MinGW enviroment
+ if: ${{ (runner.os == 'Windows') && (matrix.config.cc == 'gcc') }}
+ uses: msys2/setup-msys2@v2
+ with:
+ msystem: MINGW64
+ install: >-
+ git
+ base-devel
+ gcc
+ cmake
+ gmp
+ update: true
+
+ - name: Run CMake (MingW)
+ if: ${{ (runner.os == 'Windows') && (matrix.config.cc == 'gcc') }}
+ shell: bash
+ run: |
+ mkdir build
+ cd build
+ cmake -DSEED= -DBENCH=0 -DARITH=gmp -G "MinGW Makefiles" ..
+
+ - name: Run CMake (standard)
+ if: ${{ !(runner.os == 'Windows') }}
+ shell: bash
+ run: |
+ mkdir build
+ cd build
+ cmake -DCMAKE_C_COMPILER=${{ matrix.config.cc }} -DSEED= -DBENCH=0 -DARITH=gmp ..
+
+ - name: CMake Build
+ run: cmake --build build
+
+ - name: CMake Test
+ run: |
+ cd build
+ ctest --verbose .
diff --git a/depends/relic/.gitignore b/depends/relic/.gitignore
new file mode 100644
index 00000000000000..d73f86704276bb
--- /dev/null
+++ b/depends/relic/.gitignore
@@ -0,0 +1,31 @@
+relic-all.c
+target*
+*.o
+
+*/x64/
+*.vcxproj*
+.vs/
+*.sln
+*.dir/
+x64/
+
+*/win32/
+win32/
+
+*/CMakeCache.txt
+CMakeCache.txt
+
+*/Makefile
+Makefile
+*/CMakeFiles
+CMakeFiles
+
+lib/
+bin/
+
+CMakeSettings.json
+Testing/
+include/relic_conf.h
+install_manifest.txt
+
+src/low/fiat/*.c
diff --git a/depends/relic/.indent.pro b/depends/relic/.indent.pro
new file mode 100644
index 00000000000000..3fa50ae4f12676
--- /dev/null
+++ b/depends/relic/.indent.pro
@@ -0,0 +1,64 @@
+-nbap --no-blank-lines-after-procedures
+-brf --braces-on-func-def-line
+-br --braces-on-if-line
+-brs --braces-on-struct-decl-line
+-cd1 --declaration-comment-column1
+-ncdb --no-comment-delimiters-on-blank-lines
+-ce --cuddle-else
+-ci8 --continuation-indentation8
+-cli4 --case-indentation4
+-cp1 --else-endif-column1
+-di1 --declaration-indentation1
+-fc1 --format-first-column-comments
+-hnl --honour-newlines
+-i4 --indent-level4
+-ip0 --parameter-indentation0
+-l80 --line-length80
+-lc80 --comment-line-length80
+-lps --leave-preprocessor-space
+-nbbo --break-after-boolean-operator
+-nbad --no-blank-lines-after-declarations
+-nbbo --break-after-boolean-operator
+-ncs --no-space-after-casts
+-npcs --no-space-after-function-call-names
+-nprs --no-space-after-parentheses
+-npsl --dont-break-procedure-type
+-nlp --dont-line-up-parentheses
+-pmt --preserve-mtime
+-saf --space-after-for
+-sai --space-after-if
+-saw --space-after-while
+-sc --start-left-side-of-comments
+-ss --space-special-semicolon
+-ut --use-tabs
+-ts4 --tab-size4
+-T int8_t
+-T uint8_t
+-T FILE
+-T bn_t
+-T dv_t
+-T dv2_t
+-T dv3_t
+-T dv6_t
+-T ft_t
+-T fb_t
+-T fb2_t
+-T fb4_t
+-T fp_t
+-T fp2_t
+-T fp3_t
+-T fp6_t
+-T fp12_t
+-T fp18_t
+-T eb_t
+-T ep_t
+-T ep2_t
+-T ep3_t
+-T err_t
+-T ctx_t
+-T state_t
+-T dig_t
+-T dbl_t
+-T dis_t
+-T rsa_pub_t
+-T rsa_prv_t
diff --git a/depends/relic/.travis.yml b/depends/relic/.travis.yml
new file mode 100644
index 00000000000000..330d9929917dfc
--- /dev/null
+++ b/depends/relic/.travis.yml
@@ -0,0 +1,33 @@
+language: cpp
+
+addons:
+ apt:
+ packages:
+ - cmake
+ - cmake-data
+
+compiler:
+ - clang
+ - gcc
+
+env:
+ # Automatic allocation
+ - CONFIG="-DSEED= -DBENCH=0" TEST=""
+ # Dynamic allocation
+ - CONFIG="-DALLOC=DYNAMIC -DSEED= -DBENCH=0" TEST=""
+ # Jacobian coordinates
+ - CONFIG="-DSEED= -DBENCH=0 -DEP_METHD='JACOB;LWNAF;COMBS;INTER'" TEST=""
+ # Build for Edwards curves
+ - CONFIG="-DSEED= -DBENCH=0 -DFP_PRIME=255 -FP_QNRES=off -DEC_METHD=EDDIE -DED_METHD='PROJC;LWNAF;LWNAF;BASIC' -DWITH='BN;DV;MD;FP;ED,EC;CP'" TEST="-E test_fpx"
+ # Build Supersingular curves
+ - CONFIG="-DSEED= -DBENCH=0 -DBN_PRECI=1536 -DFP_PRIME=1536 -DFP_QNRES=on" TEST="-E test_fpx"
+ # Build BLS12-381
+ - CONFIG="-DWSIZE=64 -DARITH=x64-asm-6l -DFP_PRIME=381 -DFP_PMERS=off -DFP_QNRES=on"
+
+ # Build with Address Sanityzer
+ - CONFIG="-DAUSAN=on -DSEED= -DBENCH=0" TEST=""
+
+script:
+ - mkdir build && cd build
+ - cmake $CONFIG .. && make -j && ctest -V $TEST
+ - cd .. && rm -rf build
diff --git a/depends/relic/CMakeLists.txt b/depends/relic/CMakeLists.txt
new file mode 100644
index 00000000000000..db5a6250746808
--- /dev/null
+++ b/depends/relic/CMakeLists.txt
@@ -0,0 +1,341 @@
+cmake_minimum_required(VERSION 3.1)
+if(NOT ${CMAKE_VERSION} VERSION_LESS "3.1")
+ cmake_policy(SET CMP0054 NEW)
+endif()
+
+project(RELIC C CXX)
+set(PROJECT_VERSION_MAJOR "0")
+set(PROJECT_VERSION_MINOR "5")
+set(PROJECT_VERSION_PATCH "0")
+set(PROJECT_VERSION "${PROJECT_VERSION_MAJOR}.${PROJECT_VERSION_MINOR}.${PROJECT_VERSION_PATCH}")
+set(VERSION ${PROJECT_VERSION})
+
+set(INCLUDE ${CMAKE_CURRENT_BINARY_DIR}/include ${CMAKE_CURRENT_SOURCE_DIR}/include ${CMAKE_CURRENT_SOURCE_DIR}/include/low ${CMAKE_CURRENT_SOURCE_DIR}/src/tmpl)
+include_directories(${INCLUDE})
+
+set(LIBRARY_OUTPUT_PATH ${PROJECT_BINARY_DIR}/lib)
+set(EXECUTABLE_OUTPUT_PATH ${PROJECT_BINARY_DIR}/bin)
+
+set(WFLAGS "-Wall")
+
+message("\n-- Configuring ${PROJECT_NAME} ${PROJECT_VERSION}...\n")
+
+message(STATUS "Available switches (default = CHECK, VERBS, DOCUM):\n")
+
+message(" DEBUG=[off|on] Build with debugging support.")
+message(" PROFL=[off|on] Build with profiling support.")
+message(" CHECK=[off|on] Build with error-checking support.")
+message(" VERBS=[off|on] Build with detailed error messages.")
+message(" OVERH=[off|on] Build with overhead estimation.")
+message(" DOCUM=[off|on] Build documentation.")
+message(" STRIP=[off|on] Build only selected algorithms.")
+message(" QUIET=[off|on] Build with printing disabled.")
+message(" COLOR=[off|on] Build with colored output.")
+message(" BIGED=[off|on] Build with big-endian support.")
+message(" SHLIB=[off|on] Build shared library.")
+message(" STLIB=[off|on] Build static library.")
+message(" STBIN=[off|on] Build static binaries.")
+message(" AMALG=[off|on] Build amalgamation for better performance.")
+message(" AUSAN=[off|on] Build with ASan and UBSan (gcc/clang only).\n")
+
+option(DEBUG "Build with debugging support" off)
+option(PROFL "Build with profiling support" off)
+option(CHECK "Build with error-checking support" on)
+option(VERBS "Build with detailed error messages" on)
+option(OVERH "Build with overhead
estimation" off)
+option(DOCUM "Build documentation" on)
+option(STRIP "Build only the selected algorithms" off)
+option(QUIET "Build with printing disabled" off)
+option(COLOR "Build with colored output" on)
+option(BIGED "Build with big-endian support" off)
+option(SHLIB "Build shared library" on)
+option(STLIB "Build static library" on)
+option(STBIN "Build static binaries" off)
+option(AMALG "Build amalgamation" off)
+option(AUSAN "Build with ASan and UBSan (gcc/clang only)" off)
+
+message(STATUS "Number of times each test or benchmark is ran (default = 50, 1000):\n")
+
+message(" TESTS=n If n > 0, build automated tests and run them n times.")
+message(" BENCH=n If n > 0, build automated benchmarks and run them n * n times.\n")
+
+message(STATUS "Number of available processor cores (default = 1):\n")
+
+message(" CORES=n If n > 1, enable multithreading support.\n")
+
+message(STATUS "Available modules (default = ALL)\n")
+
+message(" WITH=BN Multiple precision arithmetic.")
+message(" WITH=DV Temporary double-precision digit vectors.")
+message(" WITH=FP Prime field arithmetic.")
+message(" WITH=FPX Prime extension field arithmetic.")
+message(" WITH=FB Binary field arithmetic.")
+message(" WITH=EP Elliptic curves over prime fields.")
+message(" WITH=EPX Elliptic curves over quadratic extensions of prime fields.")
+message(" WITH=EB Elliptic curves over binary fields.")
+message(" WITH=ED Elliptic Edwards curves over prime fields.")
+message(" WTTH=EC Elliptic curve cryptography.")
+message(" WITH=PB Pairings over binary elliptic curves.")
+message(" WITH=PP Pairings over prime elliptic curves.")
+message(" WTTH=PC Pairing-based cryptography.")
+message(" WITH=BC Block ciphers (symmetric encryption).")
+message(" WITH=MD Message digests (hash functions).")
+message(" WITH=CP Cryptographic protocols.")
+message(" WITH=MPC Multi-party computation primitives.")
+message(" WITH=ALL All of the above.")
+message(" Note: the programmer is responsible for not using
unselected modules.\n")
+
+message(STATUS "Available arithmetic backends (default = easy):\n")
+
+message(" ARITH=easy Easy-to-understand and portable, but slow backend.")
+message(" ARITH=fiat Backend based on code generated from Fiat-Crypto.")
+message(" ARITH=gmp Backend based on GNU Multiple Precision library.\n")
+message(" ARITH=gmp-sec Same as above, but using constant-time code.\n")
+
+message(STATUS "Available memory-allocation policies (default = AUTO):\n")
+
+message(" ALLOC=AUTO All memory is automatically allocated.")
+message(" ALLOC=DYNAMIC All memory is allocated dynamically on demand.\n")
+
+message(STATUS "Supported operating systems (default = LINUX):\n")
+
+message(" OPSYS= Undefined/No specific operating system.")
+message(" OPSYS=LINUX GNU/Linux operating system.")
+message(" OPSYS=FREEBSD FreeBSD operating system.")
+message(" OPSYS=NETBSD NetBSD operating system.")
+message(" OPSYS=MACOSX Mac OS X operating system.")
+message(" OPSYS=WINDOWS Windows operating system.")
+message(" OPSYS=DROID Android operating system.")
+message(" OPSYS=DUINO Arduino platform.\n")
+
+message(STATUS "Supported multithreading APIs (default = UNDEF):\n")
+
+message(" MULTI= No multithreading support.")
+message(" MULTI=OPENMP Open Multi-Processing.")
+message(" MULTI=PTHREAD POSIX threads.\n")
+
+message(STATUS "Supported timers (default = HREAL):\n")
+
+message(" TIMER= No timer.")
+message(" TIMER=HREAL GNU/Linux realtime high-resolution timer.")
+message(" TIMER=HPROC GNU/Linux per-process high-resolution timer.")
+message(" TIMER=HTHRD GNU/Linux per-thread high-resolution timer.")
+message(" TIMER=ANSI ANSI-compatible timer.")
+message(" TIMER=POSIX POSIX-compatible timer.")
+message(" TIMER=CYCLE Cycle-counting timer.
(architecture-dependant)")
+message(" TIMER=PERF GNU/Linux performance monitoring framework.\n")
+
+message(STATUS "Prefix to identify this build of the library (default = \"\"):\n")
+
+message(" LABEL=relic\n")
+
+include(cmake/arch.cmake)
+include(cmake/err.cmake)
+include(cmake/bn.cmake)
+include(cmake/fp.cmake)
+include(cmake/fpx.cmake)
+include(cmake/fb.cmake)
+include(cmake/ep.cmake)
+include(cmake/eb.cmake)
+include(cmake/ed.cmake)
+include(cmake/ec.cmake)
+include(cmake/pp.cmake)
+include(cmake/md.cmake)
+include(cmake/cp.cmake)
+include(cmake/rand.cmake)
+include(cmake/with.cmake)
+
+# Number of tests and benchmarks
+set(BENCH "100" CACHE STRING "Number of times each benchmark is ran.")
+set(TESTS "100" CACHE STRING "Number of times each test is ran.")
+
+# Number of cores.
+set(CORES "1" CACHE STRING "Number of available processor cores.")
+
+# Choose the arithmetic backend.
+set(ARITH "easy" CACHE STRING "Arithmetic backend")
+
+# Choose the memory-allocation policy.
+set(ALLOC "AUTO" CACHE STRING "Allocation policy")
+
+# Simulator of the target platform.
+set(SIMUL "$ENV{SIMUL}" CACHE STRING "Path to call a simulator of the target platform.")
+set(SIMAR "$ENV{SIMAR}" CACHE STRING "Arguments to call a simulator of the target platform.")
+string(REPLACE " " ";" SIMAR "${SIMAR}")
+
+# Linker flags.
+string(TOLOWER ${ARITH} LFLAGS)
+set(LFLAGS "-L${CMAKE_CURRENT_SOURCE_DIR}/src/low/${LFLAGS}/")
+set(LFLAGS "${LFLAGS} $ENV{LDFLAGS}")
+
+if(STBIN)
+ set(LFLAGS "${LFLAGS} -static")
+ set(CMAKE_LINK_SEARCH_START_STATIC ON)
+ set(CMAKE_LINK_SEARCH_END_STATIC ON)
+endif()
+
+# Discover the operating system.
+if(CMAKE_SYSTEM_NAME STREQUAL Linux)
+ set(OPSYS "LINUX" CACHE STRING "Operating system")
+else()
+ if(CMAKE_SYSTEM_NAME STREQUAL FreeBSD)
+ set(OPSYS "FREEBSD" CACHE STRING "Operating system")
+ else()
+ if(CMAKE_SYSTEM_NAME STREQUAL Darwin)
+ set(OPSYS "MACOSX" CACHE STRING "Operating system")
+ else()
+ if(CMAKE_SYSTEM_NAME STREQUAL NetBSD)
+ set(OPSYS "NETBSD" CACHE STRING "Operating system")
+ else()
+ if(CMAKE_SYSTEM_NAME STREQUAL Windows)
+ set(OPSYS "WINDOWS" CACHE STRING "Operating system")
+ endif()
+ endif()
+ endif()
+ endif()
+endif()
+if(OPSYS STREQUAL LINUX)
+ add_definitions(-D_GNU_SOURCE)
+endif()
+message(STATUS "Configured operating system: ${OPSYS}")
+
+if(OPSYS STREQUAL LINUX)
+ set(TIMER "HREAL" CACHE STRING "Timer")
+else()
+ set(TIMER "ANSI" CACHE STRING "Timer")
+endif()
+
+if(MSVC)
+ #defaults to the DLL runtime library.
+ set(RUNTIME "MD" CACHE STRING "MSVC runtime libraries")
+ message(STATUS "Supported MSVC runtime libraries (default = MD):\n")
+ message(" RUNTIME=MD DLL runtime library (/MD,/MDd).")
+ message(" RUNTIME=MT Static runtime library (/MT,/MTd).\n")
+
+ #loop over the compile flags to swap /MD and /MT.
+ set(CompilerFlags
+ CMAKE_C_FLAGS_DEBUG
+ CMAKE_C_FLAGS_RELEASE
+ CMAKE_C_FLAGS_RELWITHDEBINFO
+ CMAKE_C_FLAGS_MINSIZEREL)
+ foreach(CompilerFlag ${CompilerFlags})
+ if(RUNTIME STREQUAL MT)
+ string(REPLACE "/MD" "/MT" ${CompilerFlag} "${${CompilerFlag}}")
+ else()
+ string(REPLACE "/MT" "/MD" ${CompilerFlag} "${${CompilerFlag}}")
+ endif()
+ endforeach()
+endif()
+
+if("$ENV{CFLAGS}" STREQUAL "")
+ # If the user did not specify compile flags, we use sane defaults.
+ if(DEBUG)
+ if (MSVC)
+ set(CFLAGS "/Od" CACHE STRING "Default compiler flags.")
+ else()
+ # Turn off all optimizations.
+ set(CFLAGS "-pipe -std=c99 -O0 -fno-omit-frame-pointer" CACHE STRING "Default compiler flags.")
+ set(DFLAGS "-ggdb")
+ endif()
+ else()
+ if (MSVC)
+ set(CFLAGS "/O2" CACHE STRING "Default compiler flags.")
+ else()
+ set(CFLAGS "-pipe -std=c99 -O2 -funroll-loops -fomit-frame-pointer" CACHE STRING "Default compiler flags.")
+ endif()
+ endif()
+else()
+ # Turn on debugging symbols with custom flags.
+ if(DEBUG)
+ if (MSVC)
+ set(DFLAGS "/Z7")
+ else ()
+ set(DFLAGS "-ggdb")
+ endif()
+ endif()
+ set(CFLAGS "$ENV{CFLAGS}" CACHE STRING "User-chosen compiler flags.")
+endif()
+
+if(AUSAN)
+ set(DFLAGS "${DFLAGS} -ggdb -fsanitize=address -fsanitize=undefined")
+endif()
+
+if(MULTI STREQUAL OPENMP)
+ if (MSVC)
+ set(CFLAGS "${CFLAGS} /openmp")
+ else ()
+ find_package(OpenMP REQUIRED)
+ set(CFLAGS "${CFLAGS} -fopenmp")
+ endif ()
+ set(MULTI "OPENMP" CACHE STRING "Multithreading interface")
+else()
+ if(MULTI STREQUAL PTHREAD)
+ find_package(Threads REQUIRED)
+ set(CFLAGS "${CFLAGS} -pthread")
+ set(MULTI "PTHREAD" CACHE STRING "Multithreading interface")
+ endif()
+endif()
+
+if(PROFL)
+ set(PFLAGS "-pg -fno-omit-frame-pointer")
+else()
+ set(PFLAGS "")
+endif()
+
+if(ARITH STREQUAL "gmp" OR ARITH STREQUAL "gmp-sec")
+ include(cmake/gmp.cmake)
+ if(GMP_FOUND)
+ include_directories(${GMP_INCLUDE_DIR})
+ set(ARITH_LIBS ${GMP_LIBRARIES})
+ endif()
+endif()
+
+if(ARITH STREQUAL "fiat")
+ message(STATUS "Configured Fiat-Crypto: After build completes, set FIAT_CRYPTO to root folder and run: make fiat; cmake; make.")
+endif()
+
+set(CMAKE_C_FLAGS "${AFLAGS} ${WFLAGS} ${DFLAGS} ${PFLAGS} ${CFLAGS}")
+set(CMAKE_EXE_LINKER_FLAGS "${LFLAGS}")
+
+message(STATUS "Compiler flags: ${CMAKE_C_FLAGS}")
+message(STATUS "Linker flags: ${CMAKE_EXE_LINKER_FLAGS}")
+
+string(TOUPPER ${ARITH} ARITH)
+configure_file(${CMAKE_CURRENT_SOURCE_DIR}/include/relic_conf.h.in
+ ${CMAKE_CURRENT_BINARY_DIR}/include/relic_conf.h @ONLY)
+message(STATUS "Configured
${CMAKE_CURRENT_SOURCE_DIR}/include/relic_conf.h.in")
+string(TOLOWER ${ARITH} ARITH)
+
+if (LABEL)
+ set(RELIC "relic_${LABEL}")
+ set(RELIC_S "relic_s_${LABEL}")
+else()
+ set(RELIC "relic")
+ set(RELIC_S "relic_s")
+endif()
+
+# Choose the arithmetic backend.
+set(LABEL "" CACHE STRING "Build label")
+
+add_subdirectory(${CMAKE_CURRENT_SOURCE_DIR}/src)
+
+file(GLOB includes "${CMAKE_CURRENT_SOURCE_DIR}/include/*.h")
+install(FILES ${includes} DESTINATION include/${RELIC})
+file(GLOB includes "${CMAKE_CURRENT_SOURCE_DIR}/include/low/*.h")
+install(FILES ${includes} DESTINATION include/${RELIC}/low)
+install(DIRECTORY "${CMAKE_CURRENT_BINARY_DIR}/include/" DESTINATION include/${RELIC})
+
+install(FILES cmake/relic-config.cmake DESTINATION cmake/)
+
+if(DOCUM)
+ include(cmake/doxygen.cmake)
+endif()
+
+if(TESTS GREATER 0)
+ enable_testing()
+ add_subdirectory(test)
+endif(TESTS GREATER 0)
+
+if(BENCH GREATER 0)
+ add_subdirectory(bench)
+endif(BENCH GREATER 0)
diff --git a/depends/relic/COPYRIGHT b/depends/relic/COPYRIGHT
new file mode 100644
index 00000000000000..bf950c2b0ad3df
--- /dev/null
+++ b/depends/relic/COPYRIGHT
@@ -0,0 +1,11 @@
+RELIC Authors:
+
+Diego de Freitas Aranha dfaranha at gmail com
+Conrado Porto Lopes Gouvêa conradoplg at gmail com
+Tobias Markmann tmarkmann at gmail com
+Riad S. Wahby rsw at cs stanford edu
+Kevin Liao kevliao at mit edu
+
+RELIC logo:
+
+Fernanda Alcântara Andaló fernanda@andalo.net.br
diff --git a/depends/relic/LICENSE b/depends/relic/LICENSE
new file mode 100644
index 00000000000000..d5e3877071e97c
--- /dev/null
+++ b/depends/relic/LICENSE
@@ -0,0 +1 @@
+Apache-2.0 OR LGPL-2.1
diff --git a/depends/relic/LICENSE.Apache-2.0 b/depends/relic/LICENSE.Apache-2.0
new file mode 100644
index 00000000000000..d645695673349e
--- /dev/null
+++ b/depends/relic/LICENSE.Apache-2.0
@@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. 
For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. 
Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of 
the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. 
Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. 
+ + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/depends/relic/LICENSE.LGPL-2.1 b/depends/relic/LICENSE.LGPL-2.1 new file mode 100644 index 00000000000000..e8555423924e30 --- /dev/null +++ b/depends/relic/LICENSE.LGPL-2.1 
@@ -0,0 +1,520 @@ +RELIC is licensed under the GNU Lesser General Public License (LGPL), with +the following exceptions/clarifications: + + 1. Making modifications to RELIC configuration files, build scripts and + configuration headers such as "relic_conf.h" in order to create a + customized build setup of RELIC with the otherwise unmodified source code, + does not constitute a derived work. + 2. Statically linking the RELIC library into a user application does not + make the user application a derived work, and therefore does not require + the user to distribute the source code or object code of their own + application. The RELIC source code with all modifications must still be + passed on in the same way as using RELIC as a shared library. + 3. Using source code obfuscation on the RELIC source code when distributing + it is not permitted. + +These exceptions/clarifications shall be deemed to amend the base LGPL text, +as reproduced below. + + GNU LESSER GENERAL PUBLIC LICENSE + Version 2.1, February 1999 + + Copyright (C) 1991, 1999 Free Software Foundation, Inc. + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + +[This is the first released version of the Lesser GPL. It also counts + as the successor of the GNU Library Public License, version 2, hence + the version number 2.1.] + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +Licenses are intended to guarantee your freedom to share and change +free software--to make sure the software is free for all its users. + + This license, the Lesser General Public License, applies to some +specially designated software packages--typically libraries--of the +Free Software Foundation and other authors who decide to use it. 
You +can use it too, but we suggest you first think carefully about whether +this license or the ordinary General Public License is the better +strategy to use in any particular case, based on the explanations below. + + When we speak of free software, we are referring to freedom of use, +not price. Our General Public Licenses are designed to make sure that +you have the freedom to distribute copies of free software (and charge +for this service if you wish); that you receive source code or can get +it if you want it; that you can change the software and use pieces of +it in new free programs; and that you are informed that you can do +these things. + + To protect your rights, we need to make restrictions that forbid +distributors to deny you these rights or to ask you to surrender these +rights. These restrictions translate to certain responsibilities for +you if you distribute copies of the library or if you modify it. + + For example, if you distribute copies of the library, whether gratis +or for a fee, you must give the recipients all the rights that we gave +you. You must make sure that they, too, receive or can get the source +code. If you link other code with the library, you must provide +complete object files to the recipients, so that they can relink them +with the library after making changes to the library and recompiling +it. And you must show them these terms so they know their rights. + + We protect your rights with a two-step method: (1) we copyright the +library, and (2) we offer you this license, which gives you legal +permission to copy, distribute and/or modify the library. + + To protect each distributor, we want to make it very clear that +there is no warranty for the free library. Also, if the library is +modified by someone else and passed on, the recipients should know +that what they have is not the original version, so that the original +author's reputation will not be affected by problems that might be +introduced by others. 
+ + Finally, software patents pose a constant threat to the existence of +any free program. We wish to make sure that a company cannot +effectively restrict the users of a free program by obtaining a +restrictive license from a patent holder. Therefore, we insist that +any patent license obtained for a version of the library must be +consistent with the full freedom of use specified in this license. + + Most GNU software, including some libraries, is covered by the +ordinary GNU General Public License. This license, the GNU Lesser +General Public License, applies to certain designated libraries, and +is quite different from the ordinary General Public License. We use +this license for certain libraries in order to permit linking those +libraries into non-free programs. + + When a program is linked with a library, whether statically or using +a shared library, the combination of the two is legally speaking a +combined work, a derivative of the original library. The ordinary +General Public License therefore permits such linking only if the +entire combination fits its criteria of freedom. The Lesser General +Public License permits more lax criteria for linking other code with +the library. + + We call this license the "Lesser" General Public License because it +does Less to protect the user's freedom than the ordinary General +Public License. It also provides other free software developers Less +of an advantage over competing non-free programs. These disadvantages +are the reason we use the ordinary General Public License for many +libraries. However, the Lesser license provides advantages in certain +special circumstances. + + For example, on rare occasions, there may be a special need to +encourage the widest possible use of a certain library, so that it becomes +a de-facto standard. To achieve this, non-free programs must be +allowed to use the library. A more frequent case is that a free +library does the same job as widely used non-free libraries. 
In this +case, there is little to gain by limiting the free library to free +software only, so we use the Lesser General Public License. + + In other cases, permission to use a particular library in non-free +programs enables a greater number of people to use a large body of +free software. For example, permission to use the GNU C Library in +non-free programs enables many more people to use the whole GNU +operating system, as well as its variant, the GNU/Linux operating +system. + + Although the Lesser General Public License is Less protective of the +users' freedom, it does ensure that the user of a program that is +linked with the Library has the freedom and the wherewithal to run +that program using a modified version of the Library. + + The precise terms and conditions for copying, distribution and +modification follow. Pay close attention to the difference between a +"work based on the library" and a "work that uses the library". The +former contains code derived from the library, whereas the latter must +be combined with the library in order to run. + + GNU LESSER GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License Agreement applies to any software library or other +program which contains a notice placed by the copyright holder or +other authorized party saying it may be distributed under the terms of +this Lesser General Public License (also called "this License"). +Each licensee is addressed as "you". + + A "library" means a collection of software functions and/or data +prepared so as to be conveniently linked with application programs +(which use some of those functions and data) to form executables. + + The "Library", below, refers to any such software library or work +which has been distributed under these terms. 
A "work based on the +Library" means either the Library or any derivative work under +copyright law: that is to say, a work containing the Library or a +portion of it, either verbatim or with modifications and/or translated +straightforwardly into another language. (Hereinafter, translation is +included without limitation in the term "modification".) + + "Source code" for a work means the preferred form of the work for +making modifications to it. For a library, complete source code means +all the source code for all modules it contains, plus any associated +interface definition files, plus the scripts used to control compilation +and installation of the library. + + Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running a program using the Library is not restricted, and output from +such a program is covered only if its contents constitute a work based +on the Library (independent of the use of the Library in a tool for +writing it). Whether that is true depends on what the Library does +and what the program that uses the Library does. + + 1. You may copy and distribute verbatim copies of the Library's +complete source code as you receive it, in any medium, provided that +you conspicuously and appropriately publish on each copy an +appropriate copyright notice and disclaimer of warranty; keep intact +all the notices that refer to this License and to the absence of any +warranty; and distribute a copy of this License along with the +Library. + + You may charge a fee for the physical act of transferring a copy, +and you may at your option offer warranty protection in exchange for a +fee. + + 2. 
You may modify your copy or copies of the Library or any portion +of it, thus forming a work based on the Library, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) The modified work must itself be a software library. + + b) You must cause the files modified to carry prominent notices + stating that you changed the files and the date of any change. + + c) You must cause the whole of the work to be licensed at no + charge to all third parties under the terms of this License. + + d) If a facility in the modified Library refers to a function or a + table of data to be supplied by an application program that uses + the facility, other than as an argument passed when the facility + is invoked, then you must make a good faith effort to ensure that, + in the event an application does not supply such function or + table, the facility still operates, and performs whatever part of + its purpose remains meaningful. + + (For example, a function in a library to compute square roots has + a purpose that is entirely well-defined independent of the + application. Therefore, Subsection 2d requires that any + application-supplied function or table used by this function must + be optional: if the application does not supply it, the square + root function must still compute square roots.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Library, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. 
But when you +distribute the same sections as part of a whole which is a work based +on the Library, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote +it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Library. + +In addition, mere aggregation of another work not based on the Library +with the Library (or with a work based on the Library) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may opt to apply the terms of the ordinary GNU General Public +License instead of this License to a given copy of the Library. To do +this, you must alter all the notices that refer to this License, so +that they refer to the ordinary GNU General Public License, version 2, +instead of to this License. (If a newer version than version 2 of the +ordinary GNU General Public License has appeared, then you can specify +that version instead if you wish.) Do not make any other change in +these notices. + + Once this change is made in a given copy, it is irreversible for +that copy, so the ordinary GNU General Public License applies to all +subsequent copies and derivative works made from that copy. + + This option is useful when you wish to copy part of the code of +the Library into a program that is not a library. + + 4. 
You may copy and distribute the Library (or a portion or +derivative of it, under Section 2) in object code or executable form +under the terms of Sections 1 and 2 above provided that you accompany +it with the complete corresponding machine-readable source code, which +must be distributed under the terms of Sections 1 and 2 above on a +medium customarily used for software interchange. + + If distribution of object code is made by offering access to copy +from a designated place, then offering equivalent access to copy the +source code from the same place satisfies the requirement to +distribute the source code, even though third parties are not +compelled to copy the source along with the object code. + + 5. A program that contains no derivative of any portion of the +Library, but is designed to work with the Library by being compiled or +linked with it, is called a "work that uses the Library". Such a +work, in isolation, is not a derivative work of the Library, and +therefore falls outside the scope of this License. + + However, linking a "work that uses the Library" with the Library +creates an executable that is a derivative of the Library (because it +contains portions of the Library), rather than a "work that uses the +library". The executable is therefore covered by this License. +Section 6 states terms for distribution of such executables. + + When a "work that uses the Library" uses material from a header file +that is part of the Library, the object code for the work may be a +derivative work of the Library even though the source code is not. +Whether this is true is especially significant if the work can be +linked without the Library, or if the work is itself a library. The +threshold for this to be true is not precisely defined by law. 
+ + If such an object file uses only numerical parameters, data +structure layouts and accessors, and small macros and small inline +functions (ten lines or less in length), then the use of the object +file is unrestricted, regardless of whether it is legally a derivative +work. (Executables containing this object code plus portions of the +Library will still fall under Section 6.) + + Otherwise, if the work is a derivative of the Library, you may +distribute the object code for the work under the terms of Section 6. +Any executables containing that work also fall under Section 6, +whether or not they are linked directly with the Library itself. + + 6. As an exception to the Sections above, you may also combine or +link a "work that uses the Library" with the Library to produce a +work containing portions of the Library, and distribute that work +under terms of your choice, provided that the terms permit +modification of the work for the customer's own use and reverse +engineering for debugging such modifications. + + You must give prominent notice with each copy of the work that the +Library is used in it and that the Library and its use are covered by +this License. You must supply a copy of this License. If the work +during execution displays copyright notices, you must include the +copyright notice for the Library among them, as well as a reference +directing the user to the copy of this License. Also, you must do one +of these things: + + a) Accompany the work with the complete corresponding + machine-readable source code for the Library including whatever + changes were used in the work (which must be distributed under + Sections 1 and 2 above); and, if the work is an executable linked + with the Library, with the complete machine-readable "work that + uses the Library", as object code and/or source code, so that the + user can modify the Library and then relink to produce a modified + executable containing the modified Library. 
(It is understood + that the user who changes the contents of definitions files in the + Library will not necessarily be able to recompile the application + to use the modified definitions.) + + b) Use a suitable shared library mechanism for linking with the + Library. A suitable mechanism is one that (1) uses at run time a + copy of the library already present on the user's computer system, + rather than copying library functions into the executable, and (2) + will operate properly with a modified version of the library, if + the user installs one, as long as the modified version is + interface-compatible with the version that the work was made with. + + c) Accompany the work with a written offer, valid for at + least three years, to give the same user the materials + specified in Subsection 6a, above, for a charge no more + than the cost of performing this distribution. + + d) If distribution of the work is made by offering access to copy + from a designated place, offer equivalent access to copy the above + specified materials from the same place. + + e) Verify that the user has already received a copy of these + materials or that you have already sent this user a copy. + + For an executable, the required form of the "work that uses the +Library" must include any data and utility programs needed for +reproducing the executable from it. However, as a special exception, +the materials to be distributed need not include anything that is +normally distributed (in either source or binary form) with the major +components (compiler, kernel, and so on) of the operating system on +which the executable runs, unless that component itself accompanies +the executable. + + It may happen that this requirement contradicts the license +restrictions of other proprietary libraries that do not normally +accompany the operating system. Such a contradiction means you cannot +use both them and the Library together in an executable that you +distribute. + + 7. 
You may place library facilities that are a work based on the +Library side-by-side in a single library together with other library +facilities not covered by this License, and distribute such a combined +library, provided that the separate distribution of the work based on +the Library and of the other library facilities is otherwise +permitted, and provided that you do these two things: + + a) Accompany the combined library with a copy of the same work + based on the Library, uncombined with any other library + facilities. This must be distributed under the terms of the + Sections above. + + b) Give prominent notice with the combined library of the fact + that part of it is a work based on the Library, and explaining + where to find the accompanying uncombined form of the same work. + + 8. You may not copy, modify, sublicense, link with, or distribute +the Library except as expressly provided under this License. Any +attempt otherwise to copy, modify, sublicense, link with, or +distribute the Library is void, and will automatically terminate your +rights under this License. However, parties who have received copies, +or rights, from you under this License will not have their licenses +terminated so long as such parties remain in full compliance. + + 9. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Library or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Library (or any work based on the +Library), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Library or works based on it. + + 10. 
Each time you redistribute the Library (or any work based on the +Library), the recipient automatically receives a license from the +original licensor to copy, distribute, link with or modify the Library +subject to these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties with +this License. + + 11. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Library at all. For example, if a patent +license would not permit royalty-free redistribution of the Library by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Library. + +If any portion of this section is held invalid or unenforceable under any +particular circumstance, the balance of the section is intended to apply, +and the section as a whole is intended to apply in other circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system which is +implemented by public license practices. 
Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 12. If the distribution and/or use of the Library is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Library under this License may add +an explicit geographical distribution limitation excluding those countries, +so that distribution is permitted only in or among countries not thus +excluded. In such case, this License incorporates the limitation as if +written in the body of this License. + + 13. The Free Software Foundation may publish revised and/or new +versions of the Lesser General Public License from time to time. +Such new versions will be similar in spirit to the present version, +but may differ in detail to address new problems or concerns. + +Each version is given a distinguishing version number. If the Library +specifies a version number of this License which applies to it and +"any later version", you have the option of following the terms and +conditions either of that version or of any later version published by +the Free Software Foundation. If the Library does not specify a +license version number, you may choose any version ever published by +the Free Software Foundation. + + 14. If you wish to incorporate parts of the Library into other free +programs whose distribution conditions are incompatible with these, +write to the author to ask for permission. For software which is +copyrighted by the Free Software Foundation, write to the Free +Software Foundation; we sometimes make exceptions for this. 
Our +decision will be guided by the two goals of preserving the free status +of all derivatives of our free software and of promoting the sharing +and reuse of software generally. + + NO WARRANTY + + 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO +WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. +EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR +OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY +KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE +LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME +THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN +WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY +AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU +FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR +CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE +LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING +RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A +FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF +SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH +DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Libraries + + If you develop a new library, and you want it to be of the greatest +possible use to the public, we recommend making it free software that +everyone can redistribute and change. You can do so by permitting +redistribution under these terms (or, alternatively, under the terms of the +ordinary General Public License). + + To apply these terms, attach the following notices to the library. 
It is +safest to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least the +"copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + +Also add information on how to contact you by electronic and paper mail. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the library, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the + library `Frob' (a library for tweaking knobs) written by James Random Hacker. + + , 1 April 1990 + Ty Coon, President of Vice + +That's all there is to it! diff --git a/depends/relic/README.md b/depends/relic/README.md new file mode 100644 index 00000000000000..9fa6d01b2756ce --- /dev/null +++ b/depends/relic/README.md 
@@ -0,0 +1,66 @@ +![](https://github.com/relic-toolkit/relic/blob/master/art/rlc_logo.png) +===== + +[![Project stats](https://www.openhub.net/p/relic-toolkit/widgets/project_thin_badge.gif)](https://www.openhub.net/p/relic-toolkit) +[![Code Quality: Cpp](https://img.shields.io/lgtm/grade/cpp/g/relic-toolkit/relic.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/relic-toolkit/relic/context:cpp) +[![Total Alerts](https://img.shields.io/lgtm/alerts/g/relic-toolkit/relic.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/relic-toolkit/relic/alerts) + +[![Travis Status](https://travis-ci.org/relic-toolkit/relic.svg?branch=main)](https://travis-ci.org/relic-toolkit/relic) +[![GHA Status](https://github.com/relic-toolkit/relic/actions/workflows/easy.yml/badge.svg)](https://github.com/relic-toolkit/relic/actions/workflows/easy.yml) +[![GHA Status](https://github.com/relic-toolkit/relic/actions/workflows/gmp.yml/badge.svg)](https://github.com/relic-toolkit/relic/actions/workflows/gmp.yml) +[![GHA Status](https://github.com/relic-toolkit/relic/actions/workflows/bls12-381.yml/badge.svg)](https://github.com/relic-toolkit/relic/actions/workflows/bls12-381.yml) + + +RELIC is a modern research-oriented cryptographic meta-toolkit with emphasis on efficiency and flexibility. RELIC can be used to build efficient and usable cryptographic toolkits tailored for specific security levels and algorithmic choices. + +### Goals + +RELIC is an ongoing project and features will be added on demand. 
The focus is to provide: + + * Ease of portability and inclusion of architecture-dependent code + * Simple experimentation with alternative implementations + * Tests and benchmarks for every implemented function + * Flexible configuration + * Maximum efficiency + +### Algorithms + +RELIC implements to date: + + * Multiple-precision integer arithmetic + * Prime and Binary field arithmetic + * Elliptic curves over prime and binary fields (NIST curves and pairing-friendly curves) + * Bilinear maps and related extension fields + * Cryptographic protocols (RSA, Rabin, ECDSA, ECMQV, ECSS (Schnorr), ECIES, Sakai-Ohgishi-Kasahara ID-based authenticated key agreement, Boneh-Lynn-Schacham and Boneh-Boyen short signatures, Paillier and Benaloh homomorphic encryption systems) + +### Citing + +If you use RELIC, please cite using the template below: + + @misc{relic-toolkit, + author = {D. F. Aranha and C. P. L. Gouvêa and T. Markmann and R. S. Wahby and K. Liao}, + title = {{RELIC is an Efficient LIbrary for Cryptography}}, + howpublished = {\url{https://github.com/relic-toolkit/relic}}, + } + +### Build instructions + +Instructions for building the library can be found in the [Wiki](https://github.com/relic-toolkit/relic/wiki/Building). + +### Support + +You can probably get some help over the official mailing list at `relic-discuss@googlegroups.com` + +If you like the library, please consider supporting development through [Paypal](https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=R7D6ZE3BLMTF2&lc=BR&item_name=RELIC%20Development¤cy_code=USD&bn=PP%2dDonationsBF%3abtn_donateCC_LG%2egif%3aNonHosted). + +### Licensing + +This work is dual-licensed under Apache 2.0 and LGPL 2.1-or-above to encourage collaboration with other research groups and contributions from the industry. You can choose between one of them if you use this work. 
+ +`SPDX-License-Identifier: Apache-2.0 OR LGPL-2.1` + +Starting from version 0.3.3, static linking and changes in the configuration or build system are explicitly exempted from representing derived works. Please refer to the LICENSE files for additional details. + +### Disclaimer + +RELIC is at most alpha-quality software. Implementations may not be correct or secure and may include patented algorithms. There are *many* configuration options which make the library horribly insecure. Backward API compatibility with early versions may not necessarily be maintained. Use at your own risk. diff --git a/depends/relic/art/rlc_logo.png b/depends/relic/art/rlc_logo.png new file mode 100755 index 00000000000000..4f481be964f914 Binary files /dev/null and b/depends/relic/art/rlc_logo.png differ diff --git a/depends/relic/art/rlc_logo.svg b/depends/relic/art/rlc_logo.svg new file mode 100644 index 00000000000000..6a3fb890ee90ec --- /dev/null +++ b/depends/relic/art/rlc_logo.svg @@ -0,0 +1,1694 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + toolkit + + + + + + + + + elic + + elic + + elic + + + + R + + R + + R + + + + + elic + elic + + + R + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + toolkit + + + + + + + + + elic + + elic + + elic + + + + R + + R + + R + + + + + elic + elic + + + R + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/depends/relic/bench/CMakeLists.txt b/depends/relic/bench/CMakeLists.txt new file mode 100644 index 00000000000000..d9e6a46e137517 --- /dev/null +++ b/depends/relic/bench/CMakeLists.txt 
@@ -0,0 +1,80 @@
+macro(ADD_MODULE MODULE)
+ add_executable(bench_${MODULE} bench_${MODULE}.c)
+ if (STLIB)
+ target_link_libraries(bench_${MODULE} ${RELIC_S})
+ else(STLIB)
+ if (SHLIB)
+ target_link_libraries(bench_${MODULE} ${RELIC})
+ endif(SHLIB)
+ endif(STLIB)
+endmacro(ADD_MODULE)
+
+if (CHECK)
+ ADD_MODULE(err)
+endif(CHECK)
+
+if (WITH_BN)
+ ADD_MODULE(bn)
+endif(WITH_BN)
+
+if (WITH_DV)
+ ADD_MODULE(dv)
+endif(WITH_DV)
+
+if (WITH_FP)
+ ADD_MODULE(fp)
+endif(WITH_FP)
+
+if (WITH_FPX)
+ ADD_MODULE(fpx)
+endif(WITH_FPX)
+
+if (WITH_FB)
+ ADD_MODULE(fb)
+endif(WITH_FB)
+
+if (WITH_FBX)
+ ADD_MODULE(fbx)
+endif(WITH_FBX)
+
+if (WITH_EP)
+ ADD_MODULE(ep)
+endif(WITH_EP)
+
+if (WITH_EPX)
+ ADD_MODULE(epx)
+endif(WITH_EPX)
+
+if (WITH_EB)
+ ADD_MODULE(eb)
+endif(WITH_EB)
+
+if (WITH_ED)
+ ADD_MODULE(ed)
+endif (WITH_ED)
+
+if (WITH_EC)
+ ADD_MODULE(ec)
+endif(WITH_EC)
+
+if (WITH_PP)
+ ADD_MODULE(pp)
+endif(WITH_PP)
+
+if (WITH_PC)
+ ADD_MODULE(pc)
+endif(WITH_PC)
+
+if (WITH_MD)
+ ADD_MODULE(md)
+endif(WITH_MD)
+
+if (WITH_CP)
+ ADD_MODULE(cp)
+endif(WITH_CP)
+
+if (WITH_MPC)
+ ADD_MODULE(mpc)
+endif(WITH_MPC)
+
+ADD_MODULE(rand)
diff --git a/depends/relic/bench/bench_bn.c b/depends/relic/bench/bench_bn.c
new file mode 100644
index 00000000000000..5747351ebd67cc
--- /dev/null
+++ b/depends/relic/bench/bench_bn.c
@@ -0,0 +1,943 @@ +/* + * RELIC is an Efficient LIbrary for Cryptography + * Copyright (c) 2009 RELIC Authors + * + * This file is part of RELIC. RELIC is legal property of its developers, + * whose names are not listed here. Please refer to the COPYRIGHT file + * for contact information. + * + * RELIC is free software; you can redistribute it and/or modify it under the + * terms of the version 2.1 (or later) of the GNU Lesser General Public License + * as published by the Free Software Foundation; or version 2.0 of the Apache + * License as published by the Apache Software Foundation. See the LICENSE files + * for more details. + * + * RELIC is distributed in the hope that it will be useful, but WITHOUT ANY + * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + * A PARTICULAR PURPOSE. See the LICENSE files for more details. + * + * You should have received a copy of the GNU Lesser General Public or the + * Apache License along with RELIC. If not, see + * or . + */ + +/** + * @file + * + * Benchmarks for multiple precision integer arithmetic. 
+ * + * @ingroup bench + */ + +#include "relic.h" +#include "relic_bench.h" + +static void memory(void) { + bn_t a[BENCH]; + + BENCH_FEW("bn_null", bn_null(a[i]), 1); + + BENCH_FEW("bn_new", bn_new(a[i]), 1); + for (int i = 0; i < BENCH; i++) { + bn_free(a[i]); + } + + BENCH_FEW("bn_new_size", bn_new_size(a[i], 2 * RLC_BN_DIGS), 1); + for (int i = 0; i < BENCH; i++) { + bn_free(a[i]); + } + + for (int i = 0; i < BENCH; i++) { + bn_new(a[i]); + bn_clean(a[i]); + } + BENCH_FEW("bn_make", bn_make(a[i], RLC_BN_DIGS), 1); + for (int i = 0; i < BENCH; i++) { + bn_free(a[i]); + } + + for (int i = 0; i < BENCH; i++) { + bn_new(a[i]); + } + BENCH_FEW("bn_clean", bn_clean(a[i]), 1); + for (int i = 0; i < BENCH; i++) { + bn_free(a[i]); + } + + for (int i = 0; i < BENCH; i++) { + bn_new(a[i]); + } + BENCH_FEW("bn_grow", bn_grow(a[i], 2 * RLC_BN_DIGS), 1); + for (int i = 0; i < BENCH; i++) { + bn_free(a[i]); + } + + for (int i = 0; i < BENCH; i++) { + bn_new(a[i]); + bn_grow(a[i], 2 * RLC_BN_DIGS); + } + BENCH_FEW("bn_trim", bn_trim(a[i]), 1); + for (int i = 0; i < BENCH; i++) { + bn_free(a[i]); + } + + for (int i = 0; i < BENCH; i++) { + bn_new(a[i]); + } + BENCH_FEW("bn_free", bn_free(a[i]), 1); + + for (int i = 0; i < BENCH; i++) { + bn_new_size(a[i], 2 * RLC_BN_DIGS); + } + BENCH_FEW("bn_free (size)", bn_free(a[i]), 1); +} + +static void util(void) { + dig_t digit; + char str[RLC_CEIL(RLC_BN_BITS, 8) * 3 + 1]; + uint8_t bin[RLC_CEIL(RLC_BN_BITS, 8)]; + dig_t raw[RLC_BN_DIGS]; + bn_t a, b; + + bn_null(a); + bn_null(b); + + bn_new(a); + bn_new(b); + + bn_rand(b, RLC_POS, RLC_BN_BITS); + + BENCH_RUN("bn_copy") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_copy(b, a)); + } + BENCH_END; + + BENCH_RUN("bn_abs") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_abs(b, a)); + } + BENCH_END; + + BENCH_RUN("bn_neg") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_neg(b, a)); + } + BENCH_END; + + BENCH_RUN("bn_sign") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + 
BENCH_ADD(bn_sign(a)); + } + BENCH_END; + + BENCH_RUN("bn_zero") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_zero(b)); + } + BENCH_END; + + BENCH_RUN("bn_is_zero") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_is_zero(a)); + } + BENCH_END; + + BENCH_RUN("bn_is_even") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_is_even(a)); + } + BENCH_END; + + BENCH_RUN("bn_bits") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_bits(a)); + } + BENCH_END; + + BENCH_RUN("bn_get_bit") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_get_bit(a, RLC_BN_BITS / 2)); + } + BENCH_END; + + BENCH_RUN("bn_set_bit") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_set_bit(a, RLC_BN_BITS / 2, 1)); + } + BENCH_END; + + BENCH_RUN("bn_ham") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_ham(a)); + } + BENCH_END; + + BENCH_RUN("bn_get_dig") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_get_dig(&digit, a)); + } + BENCH_END; + + BENCH_RUN("bn_set_dig") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_set_dig(a, 1)); + } + BENCH_END; + + BENCH_RUN("bn_set_2b") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_set_2b(a, RLC_BN_BITS / 2)); + } + BENCH_END; + + BENCH_RUN("bn_rand") { + BENCH_ADD(bn_rand(a, RLC_POS, RLC_BN_BITS)); + } + BENCH_END; + + BENCH_RUN("bn_rand_mod") { + bn_rand(b, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_rand_mod(a, b)); + } + BENCH_END; + + BENCH_RUN("bn_size_str") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_size_str(a, 10)); + } + BENCH_END; + + BENCH_RUN("bn_write_str") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_write_str(str, sizeof(str), a, 10)); + } + BENCH_END; + + BENCH_RUN("bn_read_str") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_read_str(a, str, sizeof(str), 10)); + } + BENCH_END; + + BENCH_RUN("bn_size_bin") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_size_bin(a)); + } + BENCH_END; + + BENCH_RUN("bn_write_bin") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_write_bin(bin, 
bn_size_bin(a), a)); + } + BENCH_END; + + BENCH_RUN("bn_read_bin") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_read_bin(a, bin, bn_size_bin(a))); + } + BENCH_END; + + BENCH_RUN("bn_size_raw") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_size_raw(a)); + } + BENCH_END; + + BENCH_RUN("bn_write_raw") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_write_raw(raw, bn_size_raw(a), a)); + } + BENCH_END; + + BENCH_RUN("bn_read_raw") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_read_raw(a, raw, bn_size_raw(a))); + } + BENCH_END; + + BENCH_RUN("bn_cmp_abs") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + bn_rand(b, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_cmp_abs(b, a)); + } + BENCH_END; + + BENCH_RUN("bn_cmp_dig") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_cmp_dig(a, (dig_t)0)); + } + BENCH_END; + + BENCH_RUN("bn_cmp") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + bn_rand(b, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_cmp(b, a)); + } + BENCH_END; + + bn_free(a); + bn_free(b); +} + +static void arith(void) { + bn_t a, b, c, d, e; + dig_t f; + int len; + + bn_null(a); + bn_null(b); + bn_null(c); + bn_null(d); + bn_null(e); + + bn_new(a); + bn_new(b); + bn_new(c); + bn_new(d); + bn_new(e); + + BENCH_RUN("bn_add") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + bn_rand(b, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_add(c, a, b)); + } + BENCH_END; + + BENCH_RUN("bn_add_dig") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + bn_rand(b, RLC_POS, RLC_BN_BITS); + bn_get_dig(&f, b); + BENCH_ADD(bn_add_dig(c, a, f)); + } + BENCH_END; + + BENCH_RUN("bn_sub") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + bn_rand(b, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_sub(c, a, b)); + } + BENCH_END; + + BENCH_RUN("bn_sub_dig") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + bn_rand(b, RLC_POS, RLC_BN_BITS); + bn_get_dig(&f, b); + BENCH_ADD(bn_sub_dig(c, a, f)); + } + BENCH_END; + + BENCH_RUN("bn_mul") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + bn_rand(b, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_mul(c, a, b)); + } + BENCH_END; + + 
BENCH_RUN("bn_mul_dig") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + bn_rand(b, RLC_POS, RLC_BN_BITS); + bn_get_dig(&f, b); + BENCH_ADD(bn_mul_dig(c, a, f)); + } + BENCH_END; + +#if BN_MUL == BASIC || !defined(STRIP) + BENCH_RUN("bn_mul_basic") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + bn_rand(b, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_mul_basic(c, a, b)); + } + BENCH_END; +#endif + +#if BN_MUL == COMBA || !defined(STRIP) + BENCH_RUN("bn_mul_comba") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + bn_rand(b, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_mul_comba(c, a, b)); + } + BENCH_END; +#endif + +#if BN_KARAT > 0 || !defined(STRIP) + BENCH_RUN("bn_mul_karat") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + bn_rand(b, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_mul_karat(c, a, b)); + } + BENCH_END; +#endif + + BENCH_RUN("bn_sqr") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_sqr(c, a)); + } + BENCH_END; + +#if BN_SQR == BASIC || !defined(STRIP) + BENCH_RUN("bn_sqr_basic") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_sqr_basic(c, a)); + } + BENCH_END; +#endif + +#if BN_SQR == COMBA || !defined(STRIP) + BENCH_RUN("bn_sqr_comba") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_sqr_comba(c, a)); + } + BENCH_END; +#endif + +#if BN_KARAT > 0 || !defined(STRIP) + BENCH_RUN("bn_sqr_karat") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_sqr_karat(c, a)); + } + BENCH_END; +#endif + + BENCH_RUN("bn_dbl") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_dbl(c, a)); + } + BENCH_END; + + BENCH_RUN("bn_hlv") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_hlv(c, a)); + } + BENCH_END; + + BENCH_RUN("bn_lsh") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_lsh(c, a, RLC_BN_BITS / 2 + RLC_DIG / 2)); + } + BENCH_END; + + BENCH_RUN("bn_rsh") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_rsh(c, a, RLC_BN_BITS / 2 + RLC_DIG / 2)); + } + BENCH_END; + + BENCH_RUN("bn_div") { + bn_rand(a, RLC_POS, 2 * RLC_BN_BITS - RLC_DIG / 2); + bn_rand(b, RLC_POS, RLC_BN_BITS); + 
BENCH_ADD(bn_div(c, a, b)); + } + BENCH_END; + + BENCH_RUN("bn_div_rem") { + bn_rand(a, RLC_POS, 2 * RLC_BN_BITS - RLC_DIG / 2); + bn_rand(b, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_div_rem(c, d, a, b)); + } + BENCH_END; + + BENCH_RUN("bn_div_dig") { + bn_rand(a, RLC_POS, 2 * RLC_BN_BITS - RLC_DIG / 2); + do { + bn_rand(b, RLC_POS, RLC_DIG); + } while (bn_is_zero(b)); + BENCH_ADD(bn_div_dig(c, a, b->dp[0])); + } + BENCH_END; + + BENCH_RUN("bn_div_rem_dig") { + bn_rand(a, RLC_POS, 2 * RLC_BN_BITS - RLC_DIG / 2); + do { + bn_rand(b, RLC_POS, RLC_DIG); + } while (bn_is_zero(b)); + BENCH_ADD(bn_div_rem_dig(c, &f, a, b->dp[0])); + } + BENCH_END; + + BENCH_RUN("bn_mod_2b") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_mod_2b(c, a, RLC_BN_BITS / 2)); + } + BENCH_END; + + BENCH_RUN("bn_mod_dig") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + do { + bn_rand(b, RLC_POS, RLC_DIG); + } while (bn_is_zero(b)); + BENCH_ADD(bn_mod_dig(&f, a, b->dp[0])); + } + BENCH_END; + + BENCH_RUN("bn_mod") { +#if BN_MOD == PMERS + bn_rand(a, RLC_POS, 2 * RLC_BN_BITS - RLC_DIG / 2); + bn_set_2b(b, RLC_BN_BITS); + bn_rand(c, RLC_POS, RLC_DIG); + bn_sub(b, b, c); + bn_mod_pre(d, b); +#else + bn_rand(a, RLC_POS, 2 * RLC_BN_BITS - RLC_DIG / 2); + bn_rand(b, RLC_POS, RLC_BN_BITS); + if (bn_is_even(b)) { + bn_add_dig(b, b, 1); + } + bn_mod_pre(d, b); +#endif + BENCH_ADD(bn_mod(c, a, b, d)); + } + BENCH_END; + +#if BN_MOD == BASIC || !defined(STRIP) + BENCH_RUN("bn_mod_basic") { + bn_rand(a, RLC_POS, 2 * RLC_BN_BITS - RLC_DIG / 2); + bn_rand(b, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_mod_basic(c, a, b)); + } + BENCH_END; +#endif + +#if BN_MOD == BARRT || !defined(STRIP) + BENCH_RUN("bn_mod_pre_barrt") { + bn_rand(b, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_mod_pre_barrt(d, b)); + } + BENCH_END; +#endif + +#if BN_MOD == BARRT || !defined(STRIP) + BENCH_RUN("bn_mod_barrt") { + bn_rand(a, RLC_POS, 2 * RLC_BN_BITS - RLC_DIG / 2); + bn_rand(b, RLC_POS, RLC_BN_BITS); + bn_mod_pre_barrt(d, b); + 
BENCH_ADD(bn_mod_barrt(c, a, b, d)); + } + BENCH_END; +#endif + +#if BN_MOD == MONTY || !defined(STRIP) + BENCH_RUN("bn_mod_pre_monty") { + bn_rand(b, RLC_POS, RLC_BN_BITS); + if (bn_is_even(b)) { + bn_add_dig(b, b, 1); + } + BENCH_ADD(bn_mod_pre_monty(d, b)); + } + BENCH_END; + + BENCH_RUN("bn_mod_monty_conv") { + bn_rand(a, RLC_POS, 2 * RLC_BN_BITS - RLC_DIG / 2); + bn_rand(b, RLC_POS, RLC_BN_BITS); + if (bn_is_even(b)) { + bn_add_dig(b, b, 1); + } + bn_mod(a, a, b); + BENCH_ADD(bn_mod_monty_conv(a, a, b)); + } + BENCH_END; + + BENCH_RUN("bn_mod_monty") { + bn_rand(a, RLC_POS, 2 * RLC_BN_BITS - RLC_DIG / 2); + bn_rand(b, RLC_POS, RLC_BN_BITS); + if (bn_is_even(b)) { + bn_add_dig(b, b, 1); + } + bn_mod(a, a, b); + bn_mod_pre_monty(d, b); + BENCH_ADD(bn_mod_monty(c, a, b, d)); + } + BENCH_END; + +#if BN_MUL == BASIC || !defined(STRIP) + BENCH_RUN("bn_mod_monty_basic") { + bn_rand(a, RLC_POS, 2 * RLC_BN_BITS - RLC_DIG / 2); + bn_rand(b, RLC_POS, RLC_BN_BITS); + if (bn_is_even(b)) { + bn_add_dig(b, b, 1); + } + bn_mod(a, a, b); + bn_mod_pre_monty(d, b); + BENCH_ADD(bn_mod_monty_basic(c, a, b, d)); + } + BENCH_END; +#endif + +#if BN_MUL == COMBA || !defined(STRIP) + BENCH_RUN("bn_mod_monty_comba") { + bn_rand(a, RLC_POS, 2 * RLC_BN_BITS - RLC_DIG / 2); + bn_rand(b, RLC_POS, RLC_BN_BITS); + if (bn_is_even(b)) { + bn_add_dig(b, b, 1); + } + bn_mod(a, a, b); + bn_mod_pre_monty(d, b); + BENCH_ADD(bn_mod_monty_comba(c, a, b, d)); + } + BENCH_END; +#endif + + BENCH_RUN("bn_mod_monty_back") { + bn_rand(a, RLC_POS, 2 * RLC_BN_BITS - RLC_DIG / 2); + bn_rand(b, RLC_POS, RLC_BN_BITS); + if (bn_is_even(b)) { + bn_add_dig(b, b, 1); + } + bn_mod(a, a, b); + bn_mod_pre_monty(d, b); + BENCH_ADD(bn_mod_monty_back(c, c, b)); + } + BENCH_END; +#endif + +#if BN_MOD == PMERS || !defined(STRIP) + BENCH_RUN("bn_mod_pre_pmers") { + bn_rand(a, RLC_POS, 2 * RLC_BN_BITS - RLC_DIG / 2); + bn_set_2b(b, RLC_BN_BITS); + bn_rand(c, RLC_POS, RLC_DIG); + bn_sub(b, b, c); + 
BENCH_ADD(bn_mod_pre_pmers(d, b)); + } + BENCH_END; + + BENCH_RUN("bn_mod_pmers") { + bn_rand(a, RLC_POS, 2 * RLC_BN_BITS - RLC_DIG / 2); + bn_set_2b(b, RLC_BN_BITS); + bn_rand(c, RLC_POS, RLC_DIG); + bn_sub(b, b, c); + bn_mod_pre_pmers(d, b); + BENCH_ADD(bn_mod_pmers(c, a, b, d)); + } + BENCH_END; +#endif + + BENCH_RUN("bn_mxp") { + bn_rand(a, RLC_POS, 2 * RLC_BN_BITS - RLC_DIG / 2); + bn_rand(b, RLC_POS, RLC_BN_BITS); +#if BN_MOD != PMERS + if (bn_is_even(b)) { + bn_add_dig(b, b, 1); + } +#else + bn_set_2b(b, RLC_BN_BITS); + bn_rand(c, RLC_POS, RLC_DIG); + bn_sub(b, b, c); +#endif + bn_mod(a, a, b); + BENCH_ADD(bn_mxp(c, a, b, b)); + } + BENCH_END; + +#if BN_MXP == BASIC || !defined(STRIP) + BENCH_RUN("bn_mxp_basic") { + bn_mod(a, a, b); + BENCH_ADD(bn_mxp_basic(c, a, b, b)); + } + BENCH_END; +#endif + +#if BN_MXP == SLIDE || !defined(STRIP) + BENCH_RUN("bn_mxp_slide") { + bn_rand(a, RLC_POS, 2 * RLC_BN_BITS - RLC_DIG / 2); + bn_mod(a, a, b); + BENCH_ADD(bn_mxp_slide(c, a, b, b)); + } + BENCH_END; +#endif + +#if BN_MXP == CONST || !defined(STRIP) + BENCH_RUN("bn_mxp_monty") { + bn_rand(a, RLC_POS, 2 * RLC_BN_BITS - RLC_DIG / 2); + bn_mod(a, a, b); + BENCH_ADD(bn_mxp_monty(c, a, b, b)); + } + BENCH_END; +#endif + + BENCH_RUN("bn_mxp_dig") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + bn_rand(d, RLC_POS, RLC_DIG); + bn_get_dig(&f, d); + BENCH_ADD(bn_mxp_dig(c, a, f, b)); + } + BENCH_END; + + BENCH_RUN("bn_srt") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_srt(b, a)); + } + BENCH_END; + + BENCH_RUN("bn_gcd") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + bn_rand(b, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_gcd(c, a, b)); + } + BENCH_END; + +#if BN_GCD == BASIC || !defined(STRIP) + BENCH_RUN("bn_gcd_basic") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + bn_rand(b, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_gcd_basic(c, a, b)); + } + BENCH_END; +#endif + +#if BN_GCD == LEHME || !defined(STRIP) + BENCH_RUN("bn_gcd_lehme") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + bn_rand(b, RLC_POS, 
RLC_BN_BITS); + BENCH_ADD(bn_gcd_lehme(c, a, b)); + } + BENCH_END; +#endif + +#if BN_GCD == STEIN || !defined(STRIP) + BENCH_RUN("bn_gcd_stein") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + bn_rand(b, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_gcd_stein(c, a, b)); + } + BENCH_END; +#endif + + BENCH_RUN("bn_gcd_dig") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + bn_rand(b, RLC_POS, RLC_DIG); + bn_get_dig(&f, b); + BENCH_ADD(bn_gcd_dig(c, a, f)); + } + BENCH_END; + + BENCH_RUN("bn_gcd_ext") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + bn_rand(b, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_gcd_ext(c, d, e, a, b)); + } + BENCH_END; + +#if BN_GCD == BASIC || !defined(STRIP) + BENCH_RUN("bn_gcd_ext_basic") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + bn_rand(b, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_gcd_ext_basic(c, d, e, a, b)); + } + BENCH_END; +#endif + +#if BN_GCD == LEHME || !defined(STRIP) + BENCH_RUN("bn_gcd_ext_lehme") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + bn_rand(b, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_gcd_ext_lehme(c, d, e, a, b)); + } + BENCH_END; +#endif + +#if BN_GCD == STEIN || !defined(STRIP) + BENCH_RUN("bn_gcd_ext_stein") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + bn_rand(b, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_gcd_ext_stein(c, d, e, a, b)); + } + BENCH_END; +#endif + + BENCH_RUN("bn_gcd_ext_mid") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + bn_rand(b, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_gcd_ext_mid(c, c, d, d, a, b)); + } + BENCH_END; + + BENCH_RUN("bn_gcd_ext_dig") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + bn_rand(b, RLC_POS, RLC_DIG); + BENCH_ADD(bn_gcd_ext_dig(c, d, e, a, b->dp[0])); + } + BENCH_END; + + BENCH_RUN("bn_lcm") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + bn_rand(b, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_lcm(c, a, b)); + } + BENCH_END; + + bn_gen_prime(b, RLC_BN_BITS); + + BENCH_RUN("bn_smb_leg") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_smb_leg(c, a, b)); + } + BENCH_END; + + BENCH_RUN("bn_smb_jac") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + bn_rand(b, RLC_POS, 
RLC_BN_BITS); + if (bn_is_even(b)) { + bn_add_dig(b, b, 1); + } + BENCH_ADD(bn_smb_jac(c, a, b)); + } + BENCH_END; + + BENCH_ONE("bn_gen_prime", bn_gen_prime(a, RLC_BN_BITS), 1); + +#if BN_GEN == BASIC || !defined(STRIP) + BENCH_ONE("bn_gen_prime_basic", bn_gen_prime_basic(a, RLC_BN_BITS), 1); +#endif + +#if BN_GEN == SAFEP || !defined(STRIP) + BENCH_ONE("bn_gen_prime_safep", bn_gen_prime_safep(a, RLC_BN_BITS), 1); +#endif + +#if BN_GEN == STRON || !defined(STRIP) + BENCH_ONE("bn_gen_prime_stron", bn_gen_prime_stron(a, RLC_BN_BITS), 1); +#endif + + BENCH_ONE("bn_is_prime", bn_is_prime(a), 1); + + BENCH_ONE("bn_is_prime_basic", bn_is_prime_basic(a), 1); + + BENCH_ONE("bn_is_prime_rabin", bn_is_prime_rabin(a), 1); + + BENCH_ONE("bn_is_prime_solov", bn_is_prime_solov(a), 1); + + /* It should be the case that a is prime here. */ + BENCH_RUN("bn_mod_inv") { + bn_rand(b, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_mod_inv(c, b, a)); + } + BENCH_END; + + bn_rand(a, RLC_POS, RLC_BN_BITS); + + BENCH_ONE("bn_factor", bn_factor(c, a), 1); + + BENCH_RUN("bn_is_factor") { + bn_rand(a, RLC_POS, RLC_BN_BITS); + bn_rand(b, RLC_POS, RLC_BN_BITS); + BENCH_ADD(bn_is_factor(b, a)); + } + BENCH_END; + + BENCH_RUN("bn_rec_win") { + uint8_t win[RLC_BN_BITS + 1]; + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD((len = RLC_BN_BITS + 1, bn_rec_win(win, &len, a, 4))); + } + BENCH_END; + + BENCH_RUN("bn_rec_slw") { + uint8_t win[RLC_BN_BITS + 1]; + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD((len = RLC_BN_BITS + 1, bn_rec_slw(win, &len, a, 4))); + } + BENCH_END; + + BENCH_RUN("bn_rec_naf") { + int8_t naf[RLC_BN_BITS + 1]; + int len; + bn_rand(a, RLC_POS, RLC_BN_BITS); + BENCH_ADD((len = RLC_BN_BITS + 1, bn_rec_naf(naf, &len, a, 4))); + } + BENCH_END; + +#if defined(WITH_EB) && defined(EB_KBLTZ) && (EB_MUL == LWNAF || EB_MUL == RWNAF || EB_FIX == LWNAF || EB_SIM == INTER || !defined(STRIP)) + if (eb_param_set_any_kbltz() == RLC_OK) { + BENCH_RUN("bn_rec_tnaf") { + int8_t tnaf[RLC_FB_BITS + 8]; + 
int len = RLC_BN_BITS + 1;
+ eb_curve_get_ord(e);
+ bn_rand_mod(a, e);
+ if (eb_curve_opt_a() == RLC_ZERO) {
+ BENCH_ADD((len = RLC_FB_BITS + 8, bn_rec_tnaf(tnaf, &len, a, -1, RLC_FB_BITS, 4)));
+ } else {
+ BENCH_ADD((len = RLC_FB_BITS + 8, bn_rec_tnaf(tnaf, &len, a, 1, RLC_FB_BITS, 4)));
+ }
+ }
+ BENCH_END;
+
+ BENCH_RUN("bn_rec_rtnaf") {
+ int8_t tnaf[RLC_FB_BITS + 8];
+ eb_curve_get_ord(e);
+ bn_rand_mod(a, e);
+ if (eb_curve_opt_a() == RLC_ZERO) {
+ BENCH_ADD((len = RLC_FB_BITS + 8, bn_rec_rtnaf(tnaf, &len, a, -1, RLC_FB_BITS, 4)));
+ } else {
+ BENCH_ADD((len = RLC_FB_BITS + 8, bn_rec_rtnaf(tnaf, &len, a, 1, RLC_FB_BITS, 4)));
+ }
+ }
+ BENCH_END;
+ }
+#endif
+
+ BENCH_RUN("bn_rec_reg") {
+ int8_t naf[RLC_BN_BITS + 1];
+ int len = RLC_BN_BITS + 1;
+ bn_rand(a, RLC_POS, RLC_BN_BITS);
+ BENCH_ADD((len = RLC_BN_BITS + 1, bn_rec_reg(naf, &len, a, RLC_BN_BITS, 4)));
+ }
+ BENCH_END;
+
+ BENCH_RUN("bn_rec_jsf") {
+ int8_t jsf[2 * (RLC_BN_BITS + 1)];
+ bn_rand(a, RLC_POS, RLC_BN_BITS);
+ bn_rand(b, RLC_POS, RLC_BN_BITS);
+ BENCH_ADD((len = 2 * (RLC_BN_BITS + 1), bn_rec_jsf(jsf, &len, a, b)));
+ }
+ BENCH_END;
+
+#if defined(WITH_EP) && defined(EP_ENDOM) && (EP_MUL == LWNAF || EP_FIX == COMBS || EP_FIX == LWNAF || EP_SIM == INTER || !defined(STRIP))
+ if (ep_param_set_any_endom() == RLC_OK) {
+ bn_t v1[3], v2[3];
+
+ for (int j = 0; j < 3; j++) {
+ bn_new(v1[j]);
+ bn_new(v2[j]);
+ }
+
+ BENCH_RUN("bn_rec_glv") {
+ bn_rand(a, RLC_POS, RLC_FP_BITS);
+ ep_curve_get_v1(v1);
+ ep_curve_get_v2(v2);
+ ep_curve_get_ord(e);
+ bn_rand_mod(a, e);
+ BENCH_ADD(bn_rec_glv(b, c, a, e, (const bn_t *)v1,
+ (const bn_t *)v2));
+ }
+ BENCH_END;
+
+ for (int j = 0; j < 3; j++) {
+ bn_free(v1[j]);
+ bn_free(v2[j]);
+ }
+ }
+#endif /* WITH_EP && EP_KBLTZ */
+
+ bn_free(a);
+ bn_free(b);
+ bn_free(c);
+ bn_free(d);
+ bn_free(e);
+}
+
+int main(void) {
+ if (core_init() != RLC_OK) {
+ core_clean();
+ return 1;
+ }
+
+ conf_print();
+ util_banner("Benchmarks for the BN module:", 0);
+ 
util_banner("Utilities:", 1);
+ memory();
+ util();
+ util_banner("Arithmetic:", 1);
+ arith();
+
+ core_clean();
+ return 0;
+}
diff --git a/depends/relic/bench/bench_cp.c b/depends/relic/bench/bench_cp.c
new file mode 100644
index 00000000000000..621df803f316d1
--- /dev/null
+++ b/depends/relic/bench/bench_cp.c
@@ -0,0 +1,1809 @@
+/*
+ * RELIC is an Efficient LIbrary for Cryptography
+ * Copyright (c) 2009 RELIC Authors
+ *
+ * This file is part of RELIC. RELIC is legal property of its developers,
+ * whose names are not listed here. Please refer to the COPYRIGHT file
+ * for contact information.
+ *
+ * RELIC is free software; you can redistribute it and/or modify it under the
+ * terms of the version 2.1 (or later) of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; or version 2.0 of the Apache
+ * License as published by the Apache Software Foundation. See the LICENSE files
+ * for more details.
+ *
+ * RELIC is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ * A PARTICULAR PURPOSE. See the LICENSE files for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public or the
+ * Apache License along with RELIC. If not, see
+ * or .
+ */
+
+/**
+ * @file
+ *
+ * Benchmarks for cryptographic protocols.
+ *
+ * @version $Id$
+ * @ingroup bench
+ */
+
+#include
+
+#include "relic.h"
+#include "relic_bench.h"
+
+#if defined(WITH_BN)
+
+static void rsa(void) {
+ rsa_t pub, prv;
+ uint8_t in[10], new[10], h[RLC_MD_LEN], out[RLC_BN_BITS / 8 + 1];
+ int out_len, new_len;
+
+ rsa_null(pub);
+ rsa_null(prv);
+
+ rsa_new(pub);
+ rsa_new(prv);
+
+ BENCH_ONE("cp_rsa_gen", cp_rsa_gen(pub, prv, RLC_BN_BITS), 1);
+
+ BENCH_RUN("cp_rsa_enc") {
+ out_len = RLC_BN_BITS / 8 + 1;
+ new_len = out_len;
+ rand_bytes(in, sizeof(in));
+ BENCH_ADD(cp_rsa_enc(out, &out_len, in, sizeof(in), pub));
+ cp_rsa_dec(new, &new_len, out, out_len, prv);
+ } BENCH_END;
+
+ BENCH_RUN("cp_rsa_dec") {
+ out_len = RLC_BN_BITS / 8 + 1;
+ new_len = out_len;
+ rand_bytes(in, sizeof(in));
+ cp_rsa_enc(out, &out_len, in, sizeof(in), pub);
+ BENCH_ADD(cp_rsa_dec(new, &new_len, out, out_len, prv));
+ } BENCH_END;
+
+ BENCH_RUN("cp_rsa_sig (h = 0)") {
+ out_len = RLC_BN_BITS / 8 + 1;
+ new_len = out_len;
+ rand_bytes(in, sizeof(in));
+ BENCH_ADD(cp_rsa_sig(out, &out_len, in, sizeof(in), 0, prv));
+ } BENCH_END;
+
+ BENCH_RUN("cp_rsa_sig (h = 1)") {
+ out_len = RLC_BN_BITS / 8 + 1;
+ new_len = out_len;
+ rand_bytes(in, sizeof(in));
+ md_map(h, in, sizeof(in));
+ BENCH_ADD(cp_rsa_sig(out, &out_len, h, RLC_MD_LEN, 1, prv));
+ } BENCH_END;
+
+ BENCH_RUN("cp_rsa_ver (h = 0)") {
+ out_len = RLC_BN_BITS / 8 + 1;
+ new_len = out_len;
+ rand_bytes(in, sizeof(in));
+ cp_rsa_sig(out, &out_len, in, sizeof(in), 0, prv);
+ BENCH_ADD(cp_rsa_ver(out, out_len, in, sizeof(in), 0, pub));
+ } BENCH_END;
+
+ BENCH_RUN("cp_rsa_ver (h = 1)") {
+ out_len = RLC_BN_BITS / 8 + 1;
+ new_len = out_len;
+ rand_bytes(in, sizeof(in));
+ md_map(h, in, sizeof(in));
+ cp_rsa_sig(out, &out_len, h, RLC_MD_LEN, 1, prv);
+ BENCH_ADD(cp_rsa_ver(out, out_len, h, RLC_MD_LEN, 1, pub));
+ } BENCH_END;
+
+ rsa_free(pub);
+ rsa_free(prv);
+}
+
+static void rabin(void) {
+ rabin_t pub, prv;
+ uint8_t in[1000], new[1000], out[RLC_BN_BITS / 8 + 1];
+ int 
in_len, out_len, new_len;
+
+ rabin_null(pub);
+ rabin_null(prv);
+
+ rabin_new(pub);
+ rabin_new(prv);
+
+ BENCH_ONE("cp_rabin_gen", cp_rabin_gen(pub, prv, RLC_BN_BITS), 1);
+
+ BENCH_RUN("cp_rabin_enc") {
+ in_len = bn_size_bin(pub->n) - 9;
+ out_len = RLC_BN_BITS / 8 + 1;
+ rand_bytes(in, in_len);
+ BENCH_ADD(cp_rabin_enc(out, &out_len, in, in_len, pub));
+ cp_rabin_dec(new, &new_len, out, out_len, prv);
+ } BENCH_END;
+
+ BENCH_RUN("cp_rabin_dec") {
+ in_len = bn_size_bin(pub->n) - 9;
+ new_len = in_len;
+ out_len = RLC_BN_BITS / 8 + 1;
+ rand_bytes(in, in_len);
+ cp_rabin_enc(out, &out_len, in, in_len, pub);
+ BENCH_ADD(cp_rabin_dec(new, &new_len, out, out_len, prv));
+ } BENCH_END;
+
+ rabin_free(pub);
+ rabin_free(prv);
+}
+
+static void benaloh(void) {
+ bdpe_t pub, prv;
+ dig_t in, new;
+ uint8_t out[RLC_BN_BITS / 8 + 1];
+ int out_len;
+
+ bdpe_null(pub);
+ bdpe_null(prv);
+
+ bdpe_new(pub);
+ bdpe_new(prv);
+
+ BENCH_ONE("cp_bdpe_gen", cp_bdpe_gen(pub, prv, bn_get_prime(47),
+ RLC_BN_BITS), 1);
+
+ BENCH_RUN("cp_bdpe_enc") {
+ out_len = RLC_BN_BITS / 8 + 1;
+ rand_bytes(out, 1);
+ in = out[0] % bn_get_prime(47);
+ BENCH_ADD(cp_bdpe_enc(out, &out_len, in, pub));
+ cp_bdpe_dec(&new, out, out_len, prv);
+ } BENCH_END;
+
+ BENCH_RUN("cp_bdpe_dec") {
+ out_len = RLC_BN_BITS / 8 + 1;
+ rand_bytes(out, 1);
+ in = out[0] % bn_get_prime(47);
+ cp_bdpe_enc(out, &out_len, in, pub);
+ BENCH_ADD(cp_bdpe_dec(&new, out, out_len, prv));
+ } BENCH_END;
+
+ bdpe_free(pub);
+ bdpe_free(prv);
+}
+
+static void paillier(void) {
+ bn_t c, m, pub;
+ phpe_t prv;
+
+ bn_null(c);
+ bn_null(m);
+ bn_null(pub);
+ phpe_null(prv);
+
+ bn_new(c);
+ bn_new(m);
+ bn_new(pub);
+ phpe_new(prv);
+
+ BENCH_ONE("cp_phpe_gen", cp_phpe_gen(pub, prv, RLC_BN_BITS / 2), 1);
+
+ BENCH_RUN("cp_phpe_enc") {
+ bn_rand_mod(m, pub);
+ BENCH_ADD(cp_phpe_enc(c, m, pub));
+ } BENCH_END;
+
+ BENCH_RUN("cp_phpe_dec") {
+ bn_rand_mod(m, pub);
+ cp_phpe_enc(c, m, pub);
+ BENCH_ADD(cp_phpe_dec(m, c, prv));
+ } 
BENCH_END;
+
+ BENCH_ONE("cp_ghpe_gen", cp_ghpe_gen(pub, prv->n, RLC_BN_BITS / 2), 1);
+
+ BENCH_RUN("cp_ghpe_enc (1)") {
+ bn_rand_mod(m, pub);
+ BENCH_ADD(cp_ghpe_enc(c, m, pub, 1));
+ } BENCH_END;
+
+ BENCH_RUN("cp_ghpe_dec (1)") {
+ bn_rand_mod(m, pub);
+ cp_ghpe_enc(m, c, pub, 1);
+ BENCH_ADD(cp_ghpe_dec(c, m, pub, prv->n, 1));
+ } BENCH_END;
+
+ BENCH_ONE("cp_ghpe_gen", cp_ghpe_gen(pub, prv->n, RLC_BN_BITS / 4), 1);
+
+ BENCH_RUN("cp_ghpe_enc (2)") {
+ bn_rand(m, RLC_POS, 2 * bn_bits(pub) - 1);
+ BENCH_ADD(cp_ghpe_enc(m, c, pub, 2));
+ } BENCH_END;
+
+ BENCH_RUN("cp_ghpe_dec (2)") {
+ bn_rand(m, RLC_POS, 2 * bn_bits(pub) - 1);
+ cp_ghpe_enc(m, c, pub, 2);
+ BENCH_ADD(cp_ghpe_dec(c, m, pub, prv->n, 2));
+ } BENCH_END;
+
+ bn_free(c);
+ bn_free(m);
+ bn_free(pub);
+ phpe_free(prv);
+}
+
+#endif
+
+#if defined(WITH_EC)
+
+static void ecdh(void) {
+ bn_t d;
+ ec_t p;
+ uint8_t key[RLC_MD_LEN];
+
+ bn_null(d);
+ ec_null(p);
+
+ bn_new(d);
+ ec_new(p);
+
+ BENCH_RUN("cp_ecdh_gen") {
+ BENCH_ADD(cp_ecdh_gen(d, p));
+ }
+ BENCH_END;
+
+ BENCH_RUN("cp_ecdh_key") {
+ BENCH_ADD(cp_ecdh_key(key, RLC_MD_LEN, d, p));
+ }
+ BENCH_END;
+
+ bn_free(d);
+ ec_free(p);
+}
+
+static void ecmqv(void) {
+ bn_t d1, d2;
+ ec_t p1, p2;
+ uint8_t key[RLC_MD_LEN];
+
+ bn_null(d1);
+ bn_null(d2);
+ ec_null(p1);
+ ec_null(p2);
+
+ bn_new(d1);
+ bn_new(d2);
+ ec_new(p1);
+ ec_new(p2);
+
+ BENCH_RUN("cp_ecmqv_gen") {
+ BENCH_ADD(cp_ecmqv_gen(d1, p1));
+ }
+ BENCH_END;
+
+ cp_ecmqv_gen(d2, p2);
+
+ BENCH_RUN("cp_ecmqv_key") {
+ BENCH_ADD(cp_ecmqv_key(key, RLC_MD_LEN, d1, d2, p1, p1, p2));
+ }
+ BENCH_END;
+
+ bn_free(d1);
+ bn_free(d2);
+ ec_free(p1);
+ ec_free(p2);
+}
+
+static void ecies(void) {
+ ec_t q, r;
+ bn_t d;
+ uint8_t in[10], out[16 + RLC_MD_LEN];
+ int in_len, out_len;
+
+ bn_null(d);
+ ec_null(q);
+ ec_null(r);
+
+ ec_new(q);
+ ec_new(r);
+ bn_new(d);
+
+ BENCH_RUN("cp_ecies_gen") {
+ BENCH_ADD(cp_ecies_gen(d, q));
+ }
+ BENCH_END;
+
+ BENCH_RUN("cp_ecies_enc") {
+ in_len = 
sizeof(in);
+ out_len = sizeof(out);
+ rand_bytes(in, sizeof(in));
+ BENCH_ADD(cp_ecies_enc(r, out, &out_len, in, in_len, q));
+ cp_ecies_dec(out, &out_len, r, out, out_len, d);
+ }
+ BENCH_END;
+
+ BENCH_RUN("cp_ecies_dec") {
+ in_len = sizeof(in);
+ out_len = sizeof(out);
+ rand_bytes(in, sizeof(in));
+ cp_ecies_enc(r, out, &out_len, in, in_len, q);
+ BENCH_ADD(cp_ecies_dec(in, &in_len, r, out, out_len, d));
+ }
+ BENCH_END;
+
+ ec_free(q);
+ ec_free(r);
+ bn_free(d);
+}
+
+static void ecdsa(void) {
+ uint8_t msg[5] = { 0, 1, 2, 3, 4 }, h[RLC_MD_LEN];
+ bn_t r, s, d;
+ ec_t p;
+
+ bn_null(r);
+ bn_null(s);
+ bn_null(d);
+ ec_null(p);
+
+ bn_new(r);
+ bn_new(s);
+ bn_new(d);
+ ec_new(p);
+
+ BENCH_RUN("cp_ecdsa_gen") {
+ BENCH_ADD(cp_ecdsa_gen(d, p));
+ }
+ BENCH_END;
+
+ BENCH_RUN("cp_ecdsa_sign (h = 0)") {
+ BENCH_ADD(cp_ecdsa_sig(r, s, msg, 5, 0, d));
+ }
+ BENCH_END;
+
+ BENCH_RUN("cp_ecdsa_sign (h = 1)") {
+ md_map(h, msg, 5);
+ BENCH_ADD(cp_ecdsa_sig(r, s, h, RLC_MD_LEN, 1, d));
+ }
+ BENCH_END;
+
+ BENCH_RUN("cp_ecdsa_ver (h = 0)") {
+ BENCH_ADD(cp_ecdsa_ver(r, s, msg, 5, 0, p));
+ }
+ BENCH_END;
+
+ BENCH_RUN("cp_ecdsa_ver (h = 1)") {
+ md_map(h, msg, 5);
+ BENCH_ADD(cp_ecdsa_ver(r, s, h, RLC_MD_LEN, 1, p));
+ }
+ BENCH_END;
+
+ bn_free(r);
+ bn_free(s);
+ bn_free(d);
+ ec_free(p);
+}
+
+static void ecss(void) {
+ uint8_t msg[5] = { 0, 1, 2, 3, 4 };
+ bn_t r, s, d;
+ ec_t p;
+
+ bn_null(r);
+ bn_null(s);
+ bn_null(d);
+ ec_null(p);
+
+ bn_new(r);
+ bn_new(s);
+ bn_new(d);
+ ec_new(p);
+
+ BENCH_RUN("cp_ecss_gen") {
+ BENCH_ADD(cp_ecss_gen(d, p));
+ }
+ BENCH_END;
+
+ BENCH_RUN("cp_ecss_sign") {
+ BENCH_ADD(cp_ecss_sig(r, s, msg, 5, d));
+ }
+ BENCH_END;
+
+ BENCH_RUN("cp_ecss_ver") {
+ BENCH_ADD(cp_ecss_ver(r, s, msg, 5, p));
+ }
+ BENCH_END;
+
+ bn_free(r);
+ bn_free(s);
+ bn_free(d);
+ ec_free(p);
+}
+
+static void vbnn(void) {
+ uint8_t ida[] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 };
+ uint8_t idb[] = { 5, 6, 7, 8, 9, 0, 1, 2, 3, 4 };
+ bn_t msk, ska, skb;
+ 
ec_t mpk, pka, pkb;
+
+ uint8_t m[] = "Thrice the brinded cat hath mew'd.";
+
+ ec_t r;
+ bn_t z;
+ bn_t h;
+
+ bn_null(z);
+ bn_null(h);
+ bn_null(msk);
+ bn_null(ska);
+ bn_null(skb);
+ ec_null(r);
+ ec_null(mpk);
+ bn_null(pka);
+ bn_null(pkb);
+
+ bn_new(z);
+ bn_new(h);
+ bn_new(msk);
+ bn_new(ska);
+ bn_new(skb);
+ ec_new(r);
+ ec_new(mpk);
+ ec_new(pka);
+ ec_new(pkb);
+
+ BENCH_RUN("cp_vbnn_gen") {
+ BENCH_ADD(cp_vbnn_gen(msk, mpk));
+ }
+ BENCH_END;
+
+ BENCH_RUN("cp_vbnn_gen_prv") {
+ BENCH_ADD(cp_vbnn_gen_prv(ska, pka, msk, ida, sizeof(ida)));
+ }
+ BENCH_END;
+
+ cp_vbnn_gen_prv(skb, pkb, msk, idb, sizeof(idb));
+
+ BENCH_RUN("cp_vbnn_sig") {
+ BENCH_ADD(cp_vbnn_sig(r, z, h, ida, sizeof(ida), m, sizeof(m), ska, pka));
+ }
+ BENCH_END;
+
+ BENCH_RUN("cp_vbnn_ver") {
+ BENCH_ADD(cp_vbnn_ver(r, z, h, ida, sizeof(ida), m, sizeof(m), mpk));
+ }
+ BENCH_END;
+
+ bn_free(z);
+ bn_free(h);
+ bn_free(msk);
+ bn_free(ska);
+ bn_free(skb);
+ ec_free(r);
+ ec_free(mpk);
+ ec_free(pka);
+ ec_free(pkb);
+}
+
+#define MAX_KEYS RLC_MAX(BENCH, 16)
+#define MIN_KEYS RLC_MIN(BENCH, 16)
+
+static void ers(void) {
+ int size;
+ ec_t pp, pk[MAX_KEYS + 1];
+ bn_t sk[MAX_KEYS + 1], td;
+ ers_t ring[MAX_KEYS + 1];
+ uint8_t m[5] = { 0, 1, 2, 3, 4 };
+
+ bn_null(td);
+ ec_null(pp);
+
+ bn_new(td);
+ ec_new(pp);
+ for (int i = 0; i <= MAX_KEYS; i++) {
+ bn_null(sk[i]);
+ bn_new(sk[i]);
+ ec_null(pk[i]);
+ ec_new(pk[i]);
+ ers_null(ring[i]);
+ ers_new(ring[i]);
+ cp_ers_gen_key(sk[i], pk[i]);
+ }
+
+ cp_ers_gen(pp);
+
+ BENCH_RUN("cp_ers_sig") {
+ BENCH_ADD(cp_ers_sig(td, ring[0], m, 5, sk[0], pk[0], pp));
+ } BENCH_END;
+
+ BENCH_RUN("cp_ers_ver") {
+ BENCH_ADD(cp_ers_ver(td, ring, 1, m, 5, pp));
+ } BENCH_END;
+
+ size = 1;
+ BENCH_FEW("cp_ers_ext", cp_ers_ext(td, ring, &size, m, 5, pk[size], pp), 1);
+
+ size = 1;
+ cp_ers_sig(td, ring[0], m, 5, sk[0], pk[0], pp);
+ for (int j = 1; j < MAX_KEYS && size < BENCH; j = j << 1) {
+ for (int k = 0; k < j && size < BENCH; k++) {
+ 
cp_ers_ext(td, ring, &size, m, 5, pk[size], pp);
+ }
+ cp_ers_ver(td, ring, size, m, 5, pp);
+ util_print("(%2d exts) ", j);
+ BENCH_FEW("cp_ers_ver", cp_ers_ver(td, ring, size, m, 5, pp), 1);
+ }
+
+ bn_free(td);
+ ec_free(pp);
+ for (int i = 0; i <= MAX_KEYS; i++) {
+ bn_free(sk[i]);
+ ec_free(pk[i]);
+ ers_free(ring[i])
+ }
+}
+
+static void etrs(void) {
+ int size;
+ ec_t pp, pk[MAX_KEYS + 1];
+ bn_t sk[MAX_KEYS + 1], td[MAX_KEYS + 1], y[MAX_KEYS + 1];
+ etrs_t ring[MAX_KEYS + 1];
+ uint8_t m[5] = { 0, 1, 2, 3, 4 };
+
+ ec_null(pp);
+ ec_new(pp);
+ for (int i = 0; i <= MAX_KEYS; i++) {
+ bn_null(td[i]);
+ bn_new(td[i]);
+ bn_null(y[i]);
+ bn_new(y[i]);
+ bn_null(sk[i]);
+ bn_new(sk[i]);
+ ec_null(pk[i]);
+ ec_new(pk[i]);
+ etrs_null(ring[i]);
+ etrs_new(ring[i]);
+ ec_curve_get_ord(sk[i]);
+ bn_rand_mod(td[i], sk[i]);
+ bn_rand_mod(y[i], sk[i]);
+ cp_etrs_gen_key(sk[i], pk[i]);
+ }
+
+ cp_etrs_gen(pp);
+
+ BENCH_FEW("cp_etrs_sig", cp_etrs_sig(td, y, MIN_KEYS, ring[0], m, 5, sk[0], pk[0], pp), 1);
+
+ BENCH_FEW("cp_etrs_ver", cp_etrs_ver(1, td, y, MIN_KEYS, ring, 1, m, 5, pp), 1);
+
+ size = 1;
+ BENCH_FEW("cp_etrs_ext", (size = 1, cp_etrs_ext(td, y, MIN_KEYS, ring, &size, m, 5, pk[size], pp)), 1);
+
+ size = 1;
+ cp_etrs_sig(td, y, MIN_KEYS, ring[0], m, 5, sk[0], pk[0], pp);
+ BENCH_FEW("cp_etrs_uni", cp_etrs_uni(1, td, y, MIN_KEYS, ring, &size, m, 5, sk[size], pk[size], pp), 1);
+
+ size = 1;
+ cp_etrs_sig(td, y, MIN_KEYS, ring[0], m, 5, sk[0], pk[0], pp);
+ for (int j = 1; j < MIN_KEYS && size < MIN_KEYS; j = j << 1) {
+ for (int k = 0; k < j && size < MIN_KEYS; k++) {
+ cp_etrs_ext(td, y, MIN_KEYS, ring, &size, m, 5, pk[size], pp);
+ }
+ cp_etrs_ver(1, td+size-1, y+size-1, MIN_KEYS-size+1, ring, size, m, 5, pp);
+ util_print("(%2d exts) ", j);
+ BENCH_FEW("cp_etrs_ver", cp_etrs_ver(1, td+size-1, y+size-1, MIN_KEYS-size+1, ring, size, m, 5, pp), 1);
+ }
+
+ ec_free(pp);
+ for (int i = 0; i <= MAX_KEYS; i++) {
+ bn_free(td[i]);
+ bn_free(y[i]);
+ 
bn_free(sk[i]);
+ ec_free(pk[i]);
+ etrs_free(ring[i])
+ }
+}
+
+#endif /* WITH_EC */
+
+#if defined(WITH_PC)
+
+static void pdpub(void) {
+ bn_t r1, r2;
+ g1_t p, u1, v1;
+ g2_t q, u2, v2, w2;
+ gt_t e, r, g[3];
+
+ bn_null(r1);
+ bn_null(r2);
+ g1_null(p);
+ g1_null(u1);
+ g1_null(v1);
+ g2_null(q);
+ g2_null(u2);
+ g2_null(v2);
+ g2_null(w2);
+ gt_null(e);
+ gt_null(r);
+ gt_null(g[0]);
+ gt_null(g[1]);
+ gt_null(g[2]);
+
+ bn_new(r1);
+ bn_new(r2);
+ g1_new(p);
+ g1_new(u1);
+ g1_new(v1);
+ g2_new(q);
+ g2_new(u2);
+ g2_new(v2);
+ g2_new(w2);
+ gt_new(e);
+ gt_new(r);
+ gt_new(g[0]);
+ gt_new(g[1]);
+ gt_new(g[2]);
+
+ BENCH_RUN("cp_pdpub_gen") {
+ BENCH_ADD(cp_pdpub_gen(r1, r2, u1, u2, v2, e));
+ } BENCH_END;
+
+ BENCH_RUN("cp_pdpub_ask") {
+ g1_rand(p);
+ g2_rand(q);
+ BENCH_ADD(cp_pdpub_ask(v1, w2, p, q, r1, r2, u1, u2, v2));
+ } BENCH_END;
+
+ BENCH_RUN("cp_pdpub_ans") {
+ g1_rand(p);
+ g2_rand(q);
+ BENCH_ADD(cp_pdpub_ans(g, p, q, v1, v2, w2));
+ } BENCH_END;
+
+ BENCH_RUN("cp_pdpub_ver") {
+ g1_rand(p);
+ g2_rand(q);
+ pc_map(e, p, q);
+ BENCH_ADD(cp_pdpub_ver(r, g, r1, e));
+ } BENCH_END;
+
+ BENCH_RUN("cp_lvpub_gen") {
+ BENCH_ADD(cp_lvpub_gen(r2, u1, u2, v2, e));
+ } BENCH_END;
+
+ BENCH_RUN("cp_lvpub_ask") {
+ g1_rand(p);
+ g2_rand(q);
+ BENCH_ADD(cp_lvpub_ask(r1, v1, w2, p, q, r2, u1, u2, v2));
+ } BENCH_END;
+
+ BENCH_RUN("cp_lvpub_ans") {
+ g1_rand(p);
+ g2_rand(q);
+ BENCH_ADD(cp_lvpub_ans(g, p, q, v1, v2, w2));
+ } BENCH_END;
+
+ BENCH_RUN("cp_lvpub_ver") {
+ g1_rand(p);
+ g2_rand(q);
+ pc_map(e, p, q);
+ BENCH_ADD(cp_lvpub_ver(r, g, r1, e));
+ } BENCH_END;
+
+ bn_free(r1);
+ bn_free(r2);
+ g1_free(p);
+ g1_free(u1);
+ g1_free(v1);
+ g2_free(q);
+ g2_free(u2);
+ g2_free(v2);
+ g2_free(w2);
+ gt_free(e);
+ gt_free(r);
+ gt_free(g[0]);
+ gt_free(g[1]);
+ gt_free(g[2]);
+}
+
+static void pdprv(void) {
+ bn_t r1, r2[3];
+ g1_t p, u1[2], v1[3];
+ g2_t q, u2[2], v2[4], w2[4];
+ gt_t e[2], r, g[4];
+
+ bn_null(r1);
+ g1_null(p);
+ g2_null(q);
+ 
gt_null(r);
+ for (int i = 0; i < 2; i++) {
+ g1_null(u1[i]);
+ g2_null(u2[i]);
+ gt_null(e[i]);
+ }
+ for (int i = 0; i < 3; i++) {
+ g1_null(v1[i]);
+ bn_null(r2[i]);
+ }
+ for (int i = 0; i < 4; i++) {
+ g2_null(v2[i]);
+ g2_null(w2[i]);
+ gt_null(g[i]);
+ }
+
+ bn_new(r1);
+ g1_new(p);
+ g2_new(q);
+ gt_new(r);
+ for (int i = 0; i < 2; i++) {
+ g1_new(u1[i]);
+ g2_new(u2[i]);
+ gt_new(e[i]);
+ }
+ for (int i = 0; i < 3; i++) {
+ g1_new(v1[i]);
+ bn_new(r2[i]);
+ }
+ for (int i = 0; i < 4; i++) {
+ g2_new(v2[i]);
+ g2_new(w2[i]);
+ gt_new(g[i]);
+ }
+
+ BENCH_RUN("cp_pdprv_gen") {
+ BENCH_ADD(cp_pdprv_gen(r1, r2, u1, u2, v2, e));
+ } BENCH_END;
+
+ BENCH_RUN("cp_pdprv_ask") {
+ g1_rand(p);
+ g2_rand(q);
+ BENCH_ADD(cp_pdprv_ask(v1, w2, p, q, r1, r2, u1, u2, v2));
+ } BENCH_END;
+
+ BENCH_RUN("cp_pdprv_ans") {
+ g1_rand(p);
+ g2_rand(q);
+ BENCH_ADD(cp_pdprv_ans(g, v1, w2));
+ } BENCH_END;
+
+ BENCH_RUN("cp_pdprv_ver") {
+ g1_rand(p);
+ g2_rand(q);
+ BENCH_ADD(cp_pdprv_ver(r, g, r1, e));
+ } BENCH_END;
+
+ BENCH_RUN("cp_lvprv_gen") {
+ BENCH_ADD(cp_lvprv_gen(r1, r2, u1, u2, v2, e));
+ } BENCH_END;
+
+ BENCH_RUN("cp_lvprv_ask") {
+ g1_rand(p);
+ g2_rand(q);
+ BENCH_ADD(cp_lvprv_ask(v1, w2, p, q, r1, r2, u1, u2, v2));
+ } BENCH_END;
+
+ BENCH_RUN("cp_lvprv_ans") {
+ g1_rand(p);
+ g2_rand(q);
+ BENCH_ADD(cp_lvprv_ans(g, v1, w2));
+ } BENCH_END;
+
+ BENCH_RUN("cp_lvprv_ver") {
+ g1_rand(p);
+ g2_rand(q);
+ BENCH_ADD(cp_lvprv_ver(r, g, r1, e));
+ } BENCH_END;
+
+ bn_free(r1);
+ g1_free(p);
+ g2_free(q);
+ gt_free(r);
+ for (int i = 0; i < 2; i++) {
+ g1_free(u1[i]);
+ g2_free(u2[i]);
+ gt_free(e[i]);
+ }
+ for (int i = 0; i < 3; i++) {
+ g1_free(v1[i]);
+ bn_free(r2[i]);
+ }
+ for (int i = 0; i < 4; i++) {
+ g2_free(v2[i]);
+ g2_free(w2[i]);
+ gt_free(g[i]);
+ }
+}
+
+static void sokaka(void) {
+ sokaka_t k;
+ bn_t s;
+ uint8_t key1[RLC_MD_LEN];
+ char *id_a = "Alice";
+ char *id_b = "Bob";
+
+ sokaka_null(k);
+
+ sokaka_new(k);
+ bn_new(s);
+
+ 
BENCH_RUN("cp_sokaka_gen") {
+ BENCH_ADD(cp_sokaka_gen(s));
+ }
+ BENCH_END;
+
+ BENCH_RUN("cp_sokaka_gen_prv") {
+ BENCH_ADD(cp_sokaka_gen_prv(k, id_b, s));
+ }
+ BENCH_END;
+
+ BENCH_RUN("cp_sokaka_key (g1)") {
+ BENCH_ADD(cp_sokaka_key(key1, RLC_MD_LEN, id_b, k, id_a));
+ }
+ BENCH_END;
+
+ if (pc_map_is_type3()) {
+ cp_sokaka_gen_prv(k, id_a, s);
+
+ BENCH_RUN("cp_sokaka_key (g2)") {
+ BENCH_ADD(cp_sokaka_key(key1, RLC_MD_LEN, id_a, k, id_b));
+ }
+ BENCH_END;
+ }
+
+ sokaka_free(k);
+ bn_free(s);
+}
+
+static void ibe(void) {
+ bn_t s;
+ g1_t pub;
+ g2_t prv;
+ uint8_t in[10], out[10 + 2 * RLC_FP_BYTES + 1];
+ char *id = "Alice";
+ int in_len, out_len;
+
+ bn_null(s);
+ g1_null(pub);
+ g2_null(prv);
+
+ bn_new(s);
+ g1_new(pub);
+ g2_new(prv);
+
+ rand_bytes(in, sizeof(in));
+
+ BENCH_RUN("cp_ibe_gen") {
+ BENCH_ADD(cp_ibe_gen(s, pub));
+ }
+ BENCH_END;
+
+ BENCH_RUN("cp_ibe_gen_prv") {
+ BENCH_ADD(cp_ibe_gen_prv(prv, id, s));
+ }
+ BENCH_END;
+
+ BENCH_RUN("cp_ibe_enc") {
+ in_len = sizeof(in);
+ out_len = in_len + 2 * RLC_FP_BYTES + 1;
+ rand_bytes(in, sizeof(in));
+ BENCH_ADD(cp_ibe_enc(out, &out_len, in, in_len, id, pub));
+ cp_ibe_dec(out, &out_len, out, out_len, prv);
+ }
+ BENCH_END;
+
+ BENCH_RUN("cp_ibe_dec") {
+ in_len = sizeof(in);
+ out_len = in_len + 2 * RLC_FP_BYTES + 1;
+ rand_bytes(in, sizeof(in));
+ cp_ibe_enc(out, &out_len, in, in_len, id, pub);
+ BENCH_ADD(cp_ibe_dec(out, &out_len, out, out_len, prv));
+ }
+ BENCH_END;
+
+ bn_free(s);
+ g1_free(pub);
+ g2_free(prv);
+}
+
+static void bgn(void) {
+ g1_t c[2];
+ g2_t d[2];
+ gt_t e[4];
+ bgn_t pub, prv;
+ dig_t in;
+
+ g1_null(c[0]);
+ g1_null(c[1]);
+ g2_null(d[0]);
+ g2_null(d[1]);
+ bgn_null(pub);
+ bgn_null(prv);
+
+ g1_new(c[0]);
+ g1_new(c[1]);
+ g2_new(d[0]);
+ g2_new(d[1]);
+ bgn_new(pub);
+ bgn_new(prv);
+ for (int i = 0; i < 4; i++) {
+ gt_null(e[i]);
+ gt_new(e[i]);
+ }
+
+ BENCH_RUN("cp_bgn_gen") {
+ BENCH_ADD(cp_bgn_gen(pub, prv));
+ } BENCH_END;
+
+ in = 10;
+
+ 
BENCH_RUN("cp_bgn_enc1") {
+ BENCH_ADD(cp_bgn_enc1(c, in, pub));
+ cp_bgn_dec1(&in, c, prv);
+ } BENCH_END;
+
+ BENCH_RUN("cp_bgn_dec1 (10)") {
+ cp_bgn_enc1(c, in, pub);
+ BENCH_ADD(cp_bgn_dec1(&in, c, prv));
+ } BENCH_END;
+
+ BENCH_RUN("cp_bgn_enc2") {
+ BENCH_ADD(cp_bgn_enc2(d, in, pub));
+ cp_bgn_dec2(&in, d, prv);
+ } BENCH_END;
+
+ BENCH_RUN("cp_bgn_dec2 (10)") {
+ cp_bgn_enc2(d, in, pub);
+ BENCH_ADD(cp_bgn_dec2(&in, d, prv));
+ } BENCH_END;
+
+ BENCH_RUN("cp_bgn_mul") {
+ BENCH_ADD(cp_bgn_mul(e, c, d));
+ } BENCH_END;
+
+ BENCH_RUN("cp_bgn_dec (100)") {
+ BENCH_ADD(cp_bgn_dec(&in, e, prv));
+ } BENCH_END;
+
+ BENCH_RUN("cp_bgn_add") {
+ BENCH_ADD(cp_bgn_add(e, e, e));
+ } BENCH_END;
+
+ g1_free(c[0]);
+ g1_free(c[1]);
+ g2_free(d[0]);
+ g2_free(d[1]);
+ bgn_free(pub);
+ bgn_free(prv);
+ for (int i = 0; i < 4; i++) {
+ gt_free(e[i]);
+ }
+}
+
+static void bls(void) {
+ uint8_t msg[5] = { 0, 1, 2, 3, 4 };
+ g1_t s;
+ g2_t p;
+ bn_t d;
+
+ g1_null(s);
+ g2_null(p);
+ bn_null(d);
+
+ g1_new(s);
+ g2_new(p);
+ bn_new(d);
+
+ BENCH_RUN("cp_bls_gen") {
+ BENCH_ADD(cp_bls_gen(d, p));
+ }
+ BENCH_END;
+
+ BENCH_RUN("cp_bls_sign") {
+ BENCH_ADD(cp_bls_sig(s, msg, 5, d));
+ }
+ BENCH_END;
+
+ BENCH_RUN("cp_bls_ver") {
+ BENCH_ADD(cp_bls_ver(s, msg, 5, p));
+ }
+ BENCH_END;
+
+ g1_free(s);
+ bn_free(d);
+ g2_free(p);
+}
+
+static void bbs(void) {
+ uint8_t msg[5] = { 0, 1, 2, 3, 4 }, h[RLC_MD_LEN];
+ g1_t s;
+ g2_t p;
+ gt_t z;
+ bn_t d;
+
+ g1_null(s);
+ g2_null(p);
+ gt_null(z);
+ bn_null(d);
+
+ g1_new(s);
+ g2_new(p);
+ gt_new(z);
+ bn_new(d);
+
+ BENCH_RUN("cp_bbs_gen") {
+ BENCH_ADD(cp_bbs_gen(d, p, z));
+ }
+ BENCH_END;
+
+ BENCH_RUN("cp_bbs_sign (h = 0)") {
+ BENCH_ADD(cp_bbs_sig(s, msg, 5, 0, d));
+ }
+ BENCH_END;
+
+ BENCH_RUN("cp_bbs_sign (h = 1)") {
+ md_map(h, msg, 5);
+ BENCH_ADD(cp_bbs_sig(s, h, RLC_MD_LEN, 1, d));
+ }
+ BENCH_END;
+
+ BENCH_RUN("cp_bbs_ver (h = 0)") {
+ BENCH_ADD(cp_bbs_ver(s, msg, 5, 0, p, z));
+ }
+ BENCH_END;
+
+ 
BENCH_RUN("cp_bbs_ver (h = 1)") {
+ md_map(h, msg, 5);
+ BENCH_ADD(cp_bbs_ver(s, h, RLC_MD_LEN, 1, p, z));
+ }
+ BENCH_END;
+
+ g1_free(s);
+ bn_free(d);
+ g2_free(p);
+}
+
+static int cls(void) {
+ int i, code = RLC_ERR;
+ bn_t r, t, u, v, _v[4];
+ g1_t a, A, b, B, c, _A[4], _B[4];
+ g2_t x, y, z, _z[4];
+ uint8_t m[5] = { 0, 1, 2, 3, 4 };
+ uint8_t *msgs[5] = {m, m, m, m, m};
+ int lens[5] = {sizeof(m), sizeof(m), sizeof(m), sizeof(m), sizeof(m)};
+
+ bn_null(r);
+ bn_null(t);
+ bn_null(u);
+ bn_null(v);
+ g1_null(a);
+ g1_null(A);
+ g1_null(b);
+ g1_null(B);
+ g1_null(c);
+ g2_null(x);
+ g2_null(y);
+ g2_null(z);
+ for (i = 0; i < 4; i++) {
+ bn_null(_v[i]);
+ g1_null(_A[i]);
+ g1_null(_B[i]);
+ g2_null(_z[i]);
+ }
+
+ bn_new(r);
+ bn_new(t);
+ bn_new(u);
+ bn_new(v);
+ g1_new(a);
+ g1_new(A);
+ g1_new(b);
+ g1_new(B);
+ g1_new(c);
+ g2_new(x);
+ g2_new(y);
+ g2_new(z);
+ for (i = 0; i < 4; i++) {
+ bn_new(_v[i]);
+ g1_new(_A[i]);
+ g1_new(_B[i]);
+ g2_new(_z[i]);
+ }
+
+ BENCH_RUN("cp_cls_gen") {
+ BENCH_ADD(cp_cls_gen(u, v, x, y));
+ } BENCH_END;
+
+ BENCH_RUN("cp_cls_sig") {
+ BENCH_ADD(cp_cls_sig(a, b, c, m, sizeof(m), u, v));
+ } BENCH_END;
+
+ BENCH_RUN("cp_cls_ver") {
+ BENCH_ADD(cp_cls_ver(a, b, c, m, sizeof(m), x, y));
+ } BENCH_END;
+
+ BENCH_RUN("cp_cli_gen") {
+ BENCH_ADD(cp_cli_gen(t, u, v, x, y, z));
+ } BENCH_END;
+
+ bn_rand(r, RLC_POS, 2 * pc_param_level());
+ BENCH_RUN("cp_cli_sig") {
+ BENCH_ADD(cp_cli_sig(a, A, b, B, c, m, sizeof(m), r, t, u, v));
+ } BENCH_END;
+
+ BENCH_RUN("cp_cli_ver") {
+ BENCH_ADD(cp_cli_ver(a, A, b, B, c, m, sizeof(m), r, x, y, z));
+ } BENCH_END;
+
+ BENCH_RUN("cp_clb_gen (5)") {
+ BENCH_ADD(cp_clb_gen(t, u, _v, x, y, _z, 5));
+ } BENCH_END;
+
+ BENCH_RUN("cp_clb_sig (5)") {
+ BENCH_ADD(cp_clb_sig(a, _A, b, _B, c, msgs, lens, t, u, _v, 5));
+ } BENCH_END;
+
+ BENCH_RUN("cp_clb_ver (5)") {
+ BENCH_ADD(cp_clb_ver(a, _A, b, _B, c, msgs, lens, x, y, _z, 5));
+ } BENCH_END;
+
+ bn_free(r);
+ bn_free(t);
+ bn_free(u);
+ 
bn_free(v);
+ g1_free(a);
+ g1_free(A);
+ g1_free(b);
+ g1_free(B);
+ g1_free(c);
+ g2_free(x);
+ g2_free(y);
+ g2_free(z);
+ for (i = 0; i < 4; i++) {
+ bn_free(_v[i]);
+ g1_free(_A[i]);
+ g1_free(_B[i]);
+ g2_free(_z[i]);
+ }
+ return code;
+}
+
+static void pss(void) {
+ bn_t ms[10], n, u, v, _v[10];
+ g1_t a, b;
+ g2_t g, x, y, _y[10];
+
+ bn_null(n);
+ bn_null(u);
+ bn_null(v);
+ g1_null(a);
+ g1_null(b);
+ g2_null(g);
+ g2_null(x);
+ g2_null(y);
+ bn_new(n);
+ bn_new(u);
+ bn_new(v);
+ g1_new(a);
+ g1_new(b);
+ g2_new(g);
+ g2_new(x);
+ g2_new(y);
+
+ g1_get_ord(n);
+ for (int i = 0; i < 10; i++) {
+ bn_null(ms[i]);
+ bn_null(_v[i]);
+ g2_null(_y[i]);
+ bn_new(ms[i]);
+ bn_rand_mod(ms[i], n);
+ bn_new(_v[i]);
+ g2_new(_y[i]);
+ }
+
+ BENCH_RUN("cp_pss_gen") {
+ BENCH_ADD(cp_pss_gen(u, v, g, x, y));
+ } BENCH_END;
+
+ BENCH_RUN("cp_pss_sig") {
+ BENCH_ADD(cp_pss_sig(a, b, ms[0], u, v));
+ } BENCH_END;
+
+ BENCH_RUN("cp_pss_ver") {
+ BENCH_ADD(cp_pss_ver(a, b, ms[0], g, x, y));
+ } BENCH_END;
+
+ BENCH_RUN("cp_psb_gen (10)") {
+ BENCH_ADD(cp_psb_gen(u, _v, g, x, _y, 10));
+ } BENCH_END;
+
+ BENCH_RUN("cp_psb_sig (10)") {
+ BENCH_ADD(cp_psb_sig(a, b, ms, u, _v, 10));
+ } BENCH_END;
+
+ BENCH_RUN("cp_psb_ver (10)") {
+ BENCH_ADD(cp_psb_ver(a, b, ms, g, x, _y, 10));
+ } BENCH_END;
+
+ bn_free(u);
+ bn_free(v);
+ g1_free(a);
+ g1_free(b);
+ g2_free(g);
+ g2_free(x);
+ g2_free(y);
+ for (int i = 0; i < 10; i++) {
+ bn_free(ms[i]);
+ bn_free(_v[i]);
+ g1_free(_y[i]);
+ }
+}
+
+#ifdef WITH_MPC
+
+static void mpss(void) {
+ bn_t m[2], n, u[2], v[2], ms[10][2], _v[10][2];
+ g1_t g, s[2];
+ g2_t h, x[2], y[2], _y[10][2];
+ gt_t r[2];
+ mt_t tri[3][2];
+ pt_t t[2];
+
+ bn_null(n);
+ g1_null(g);
+ g2_null(h);
+
+ bn_new(n);
+ g1_new(g);
+ g2_new(h);
+ for (int i = 0; i < 2; i++) {
+ bn_null(m[i]);
+ bn_null(u[i]);
+ bn_null(v[i]);
+ g1_null(s[i]);
+ g2_null(x[i]);
+ g2_null(y[i]);
+ gt_null(r[i]);
+ mt_null(tri[0][i]);
+ mt_null(tri[1][i]);
+ mt_null(tri[2][i]);
+ 
pt_null(t[i]);
+ bn_new(m[i]);
+ bn_new(u[i]);
+ bn_new(v[i]);
+ g1_new(s[i]);
+ g2_new(x[i]);
+ g2_new(y[i]);
+ gt_new(r[i]);
+ mt_new(tri[0][i]);
+ mt_new(tri[1][i]);
+ mt_new(tri[2][i]);
+ pt_new(t[i]);
+
+ g1_get_ord(n);
+ for (int j = 0; j < 10; j++) {
+ bn_null(ms[j][i]);
+ bn_null(_v[j][i]);
+ g2_null(_y[j][i]);
+ bn_new(ms[j][i]);
+ bn_rand_mod(ms[j][i], n);
+ bn_new(_v[j][i]);
+ g2_new(_y[j][i]);
+ }
+ }
+
+ pc_map_tri(t);
+ mt_gen(tri[0], n);
+ mt_gen(tri[1], n);
+ mt_gen(tri[2], n);
+
+ bn_rand_mod(m[0], n);
+ bn_rand_mod(m[1], n);
+ bn_sub(m[0], m[1], m[0]);
+ if (bn_sign(m[0]) == RLC_NEG) {
+ bn_add(m[0], m[0], n);
+ }
+ gt_exp_gen(r[0], tri[2][0]->c);
+ gt_exp_gen(r[1], tri[2][1]->c);
+ tri[2][0]->bt = &r[0];
+ tri[2][1]->bt = &r[1];
+ tri[2][0]->ct = &r[0];
+ tri[2][1]->ct = &r[1];
+
+ BENCH_RUN("cp_mpss_gen") {
+ BENCH_ADD(cp_mpss_gen(u, v, h, x, y));
+ } BENCH_END;
+
+ BENCH_RUN("cp_mpss_bct") {
+ BENCH_ADD(cp_mpss_bct(x, y));
+ } BENCH_END;
+
+ BENCH_RUN("cp_mpss_sig") {
+ BENCH_ADD(cp_mpss_sig(g, s, m, u, v, tri[0], tri[1]));
+ } BENCH_DIV(2);
+
+ BENCH_RUN("cp_mpss_ver") {
+ BENCH_ADD(cp_mpss_ver(r[0], g, s, m, h, x[0], y[0], tri[2], t));
+ } BENCH_DIV(2);
+
+ g1_get_ord(n);
+ pc_map_tri(t);
+ mt_gen(tri[0], n);
+ mt_gen(tri[1], n);
+ mt_gen(tri[2], n);
+
+ BENCH_RUN("cp_mpsb_gen (10)") {
+ BENCH_ADD(cp_mpsb_gen(u, _v, h, x, _y, 10));
+ } BENCH_END;
+
+ BENCH_RUN("cp_mpsb_bct (10)") {
+ BENCH_ADD(cp_mpsb_bct(x, _y, 10));
+ } BENCH_END;
+
+ BENCH_RUN("cp_mpsb_sig (10)") {
+ BENCH_ADD(cp_mpsb_sig(g, s, ms, u, _v, tri[0], tri[1], 10));
+ } BENCH_DIV(2);
+
+ BENCH_RUN("cp_mpsb_ver (10)") {
+ BENCH_ADD(cp_mpsb_ver(r[1], g, s, ms, h, x[0], _y, NULL, tri[2], t, 10));
+ } BENCH_DIV(2);
+
+ BENCH_RUN("cp_mpsb_ver (10,sk)") {
+ BENCH_ADD(cp_mpsb_ver(r[1], g, s, ms, h, x[0], _y, _v, tri[2], t, 10));
+ } BENCH_DIV(2);
+
+ bn_free(n);
+ g1_free(g);
+ g2_free(h);
+ for (int i = 0; i < 2; i++) {
+ bn_free(m[i]);
+ bn_free(u[i]);
+ bn_free(v[i]);
+ 
g1_free(s[i]);
+ g2_free(x[i]);
+ g2_free(y[i]);
+ gt_null(r[i]);
+ mt_free(tri[0][i]);
+ mt_free(tri[1][i]);
+ mt_free(tri[2][i]);
+ pt_free(t[i]);
+ for (int j = 0; j < 10; j++) {
+ bn_free(ms[j][i]);
+ bn_free(_v[j][i]);
+ g2_free(_y[j][i]);
+ }
+ }
+}
+
+#endif
+
+static void zss(void) {
+ uint8_t msg[5] = { 0, 1, 2, 3, 4 }, h[RLC_MD_LEN];
+ g1_t p;
+ g2_t s;
+ gt_t z;
+ bn_t d;
+
+ bn_null(d);
+ g1_null(p);
+ g2_null(s);
+ gt_null(z);
+
+ g1_new(p);
+ g2_new(s);
+ gt_new(z);
+ bn_new(d);
+
+ BENCH_RUN("cp_zss_gen") {
+ BENCH_ADD(cp_zss_gen(d, p, z));
+ }
+ BENCH_END;
+
+ BENCH_RUN("cp_zss_sign (h = 0)") {
+ BENCH_ADD(cp_zss_sig(s, msg, 5, 0, d));
+ }
+ BENCH_END;
+
+ BENCH_RUN("cp_zss_sign (h = 1)") {
+ md_map(h, msg, 5);
+ BENCH_ADD(cp_zss_sig(s, h, RLC_MD_LEN, 1, d));
+ }
+ BENCH_END;
+
+ BENCH_RUN("cp_zss_ver (h = 0)") {
+ BENCH_ADD(cp_zss_ver(s, msg, 5, 0, p, z));
+ }
+ BENCH_END;
+
+ BENCH_RUN("cp_zss_ver (h = 1)") {
+ md_map(h, msg, 5);
+ BENCH_ADD(cp_zss_ver(s, h, RLC_MD_LEN, 1, p, z));
+ }
+ BENCH_END;
+
+ bn_free(d);
+ g1_free(p);
+ g2_free(s);
+}
+
+/* Size of the dataset for benchmarking. */
+#define S 10 /* Number of signers. */
+#define L 16 /* Number of labels, must be <= RLC_TERMS. */
+#define K RLC_MD_LEN /* Size of PRF key. */
+//#define BENCH_LHS /* Uncomment for fine-grained benchmarking. 
*/
+
+static void lhs(void) {
+ uint8_t k[S][K];
+ bn_t m, n, msg[L], sk[S], d[S], x[S][L];
+ g1_t _r, h, as[S], cs[S], sig[S];
+ g1_t a[S][L], c[S][L], r[S][L];
+ g2_t _s, s[S][L], pk[S], y[S], z[S];
+ gt_t *hs[S], vk;
+ char *data = "id";
+ char *id[S] = { "0", "1", "2", "3", "4", "5", "6", "7", "8", "9"};
+ dig_t ft[S];
+ dig_t *f[S];
+ int flen[S];
+
+ bn_null(m);
+ bn_null(n);
+ g1_null(h);
+ g1_null(_r);
+ g2_null(_s);
+ gt_null(vk);
+
+ bn_new(m);
+ bn_new(n);
+ g1_new(h);
+ g1_new(_r);
+ g2_new(_s);
+ gt_new(vk);
+
+ pc_get_ord(n);
+ for (int i = 0; i < L; i++) {
+ bn_null(msg[i]);
+ bn_new(msg[i]);
+ bn_rand_mod(msg[i], n);
+ }
+ for (int i = 0; i < S; i++) {
+ hs[i] = RLC_ALLOCA(gt_t, RLC_TERMS);
+ for (int j = 0; j < RLC_TERMS; j++) {
+ gt_null(hs[i][j]);
+ gt_new(hs[i][j]);
+ }
+ for (int j = 0; j < L; j++) {
+ bn_null(x[i][j]);
+ g1_null(a[i][j]);
+ g1_null(c[i][j]);
+ g1_null(r[i][j]);
+ g2_null(s[i][j]);
+ bn_new(x[i][j]);
+ g1_new(a[i][j]);
+ g1_new(c[i][j]);
+ g1_new(r[i][j]);
+ g2_new(s[i][j]);
+ }
+ bn_null(sk[i]);
+ bn_null(d[i]);
+ g1_null(sig[i]);
+ g1_null(as[i]);
+ g1_null(cs[i]);
+ g2_null(y[i]);
+ g2_null(z[i]);
+ g2_null(pk[i]);
+
+ bn_new(sk[i]);
+ bn_new(d[i]);
+ g1_new(sig[i]);
+ g1_new(as[i]);
+ g1_new(cs[i]);
+ g2_new(y[i]);
+ g2_new(z[i]);
+ g2_new(pk[i]);
+ }
+
+ /* Define linear function. */
+ for (int i = 0; i < S; i++) {
+ f[i] = RLC_ALLOCA(dig_t, RLC_TERMS);
+ for (int j = 0; j < RLC_TERMS; j++) {
+ uint32_t t;
+ rand_bytes((uint8_t *)&t, sizeof(uint32_t));
+ f[i][j] = t;
+ }
+ flen[i] = L;
+ }
+
+ /* Initialize scheme for messages of single components. */
+ cp_cmlhs_init(h);
+
+ BENCH_ONE("cp_cmlhs_gen",
+ for (int j = 0; j < S; j++) {
+ BENCH_ADD(cp_cmlhs_gen(x[j], hs[j], L, k[j], K, sk[j], pk[j], d[j], y[j]));
+ },
+ S);
+
+ int label[L];
+
+ BENCH_FEW("cp_cmlhs_sig",
+ /* Compute all signatures. 
*/ + for (int j = 0; j < S; j++) { + for (int l = 0; l < L; l++) { + label[l] = l; + bn_mod(msg[l], msg[l], n); + BENCH_ADD(cp_cmlhs_sig(sig[j], z[j], a[j][l], c[j][l], r[j][l], + s[j][l], msg[l], data, label[l], x[j][l], h, k[j], K, d[j], sk[j])); + } + }, + S * L); + + BENCH_RUN("cp_cmlhs_fun") { + for (int j = 0; j < S; j++) { + BENCH_ADD(cp_cmlhs_fun(as[j], cs[j], a[j], c[j], f[j], L)); + } + } BENCH_DIV(S); + + BENCH_RUN("cp_cmlhs_evl") { + cp_cmlhs_evl(_r, _s, r[0], s[0], f[0], L); + for (int j = 1; j < S; j++) { + BENCH_ADD(cp_cmlhs_evl(r[0][0], s[0][0], r[j], s[j], f[j], L)); + g1_add(_r, _r, r[0][0]); + g2_add(_s, _s, s[0][0]); + } + g1_norm(_r, _r); + g2_norm(_s, _s); + } BENCH_DIV(S); + + bn_zero(m); + for (int j = 0; j < L; j++) { + dig_t sum = 0; + for (int l = 0; l < S; l++) { + sum += f[l][j]; + } + bn_mul_dig(msg[j], msg[j], sum); + bn_add(m, m, msg[j]); + bn_mod(m, m, n); + } + + BENCH_RUN("cp_cmlhs_ver") { + BENCH_ADD(cp_cmlhs_ver(_r, _s, sig, z, as, cs, m, data, h, label, hs, + f, flen, y, pk, S)); + } BENCH_DIV(S); + + BENCH_RUN("cp_cmlhs_off") { + BENCH_ADD(cp_cmlhs_off(vk, h, label, hs, f, flen, y, pk, S)); + } BENCH_DIV(S); + + BENCH_RUN("cp_cmlhs_onv") { + BENCH_ADD(cp_cmlhs_onv(_r, _s, sig, z, as, cs, m, data, h, vk, y, + pk, S)); + } BENCH_DIV(S); + +#ifdef BENCH_LHS + for (int t = 1; t <= S; t++) { + util_print("(%2d ids) ", t); + BENCH_RUN("cp_cmlhs_ver") { + BENCH_ADD(cp_cmlhs_ver(_r, _s, sig, z, as, cs, m, data, h, label, + hs, f, flen, y, pk, t)); + } BENCH_END; + + util_print("(%2d ids) ", t); + BENCH_RUN("cp_cmlhs_off") { + BENCH_ADD(cp_cmlhs_off(vk, h, label, hs, f, flen, y, pk, t)); + } BENCH_END; + + util_print("(%2d ids) ", t); + BENCH_RUN("cp_cmlhs_onv") { + BENCH_ADD(cp_cmlhs_onv(_r, _s, sig, z, as, cs, m, data, h, vk, y, + pk, t)); + } BENCH_END; + } + + for (int t = 1; t <= L; t++) { + util_print("(%2d lbs) ", t); + for (int u = 0; u < S; u++) { + flen[u] = t; + } + BENCH_RUN("cp_cmlhs_ver") { + BENCH_ADD(cp_cmlhs_ver(_r, 
_s, sig, z, as, cs, m, data, h, label, + hs, f, flen, y, pk, S)); + } BENCH_END; + + util_print("(%2d lbs) ", t); + BENCH_RUN("cp_cmlhs_off") { + BENCH_ADD(cp_cmlhs_off(vk, h, label, hs, f, flen, y, pk, t)); + } BENCH_END; + + util_print("(%2d lbs) ", t); + BENCH_RUN("cp_cmlhs_onv") { + BENCH_ADD(cp_cmlhs_onv(_r, _s, sig, z, as, cs, m, data, h, vk, y, + pk, t)); + } BENCH_END; + } +#endif /* BENCH_LHS */ + + char *ls[L]; + + BENCH_RUN("cp_mklhs_gen") { + for (int j = 0; j < S; j++) { + BENCH_ADD(cp_mklhs_gen(sk[j], pk[j])); + } + } BENCH_DIV(S); + + BENCH_RUN("cp_mklhs_sig") { + for (int j = 0; j < S; j++) { + for (int l = 0; l < L; l++) { + ls[l] = "l"; + bn_mod(msg[l], msg[l], n); + BENCH_ADD(cp_mklhs_sig(a[j][l], msg[l], data, + id[j], ls[l], sk[j])); + } + } + } BENCH_DIV(S * L); + + BENCH_RUN("cp_mklhs_fun") { + for (int j = 0; j < S; j++) { + bn_zero(d[j]); + BENCH_ADD(cp_mklhs_fun(d[j], msg, f[j], L)); + } + } + BENCH_DIV(S); + + BENCH_RUN("cp_mklhs_evl") { + g1_set_infty(_r); + for (int j = 0; j < S; j++) { + BENCH_ADD(cp_mklhs_evl(r[0][j], a[j], f[j], L)); + g1_add(_r, _r, r[0][j]); + } + g1_norm(_r, _r); + } + BENCH_DIV(S); + + bn_zero(m); + for (int j = 0; j < L; j++) { + dig_t sum = 0; + for (int l = 0; l < S; l++) { + sum += f[l][j]; + } + bn_mul_dig(msg[j], msg[j], sum); + bn_add(m, m, msg[j]); + bn_mod(m, m, n); + } + + BENCH_RUN("cp_mklhs_ver") { + BENCH_ADD(cp_mklhs_ver(_r, m, d, data, id, ls, f, flen, pk, S)); + } BENCH_DIV(S); + + BENCH_RUN("cp_mklhs_off") { + BENCH_ADD(cp_mklhs_off(cs, ft, id, ls, f, flen, S)); + } BENCH_DIV(S); + + BENCH_RUN("cp_mklhs_onv") { + BENCH_ADD(cp_mklhs_onv(_r, m, d, data, id, cs, ft, pk, S)); + } BENCH_DIV(S); + +#ifdef BENCH_LHS + for (int t = 1; t <= S; t++) { + util_print("(%2d ids) ", t); + BENCH_RUN("cp_mklhs_ver") { + BENCH_ADD(cp_mklhs_ver(_r, m, d, data, id, ls, f, flen, pk, t)); + } BENCH_END; + + util_print("(%2d ids) ", t); + BENCH_RUN("cp_mklhs_off") { + BENCH_ADD(cp_mklhs_off(cs, ft, id, ls, f, flen, 
t)); + } BENCH_END; + + util_print("(%2d ids) ", t); + BENCH_RUN("cp_mklhs_onv") { + BENCH_ADD(cp_mklhs_onv(_r, m, d, data, id, cs, ft, pk, t)); + } BENCH_END; + } + + for (int t = 1; t <= L; t++) { + util_print("(%2d lbs) ", t); + for (int u = 0; u < S; u++) { + flen[u] = t; + } + BENCH_RUN("cp_mklhs_ver") { + BENCH_ADD(cp_mklhs_ver(_r, m, d, data, id, ls, f, flen, pk, S)); + } BENCH_END; + + util_print("(%2d lbs) ", t); + BENCH_RUN("cp_mklhs_off") { + BENCH_ADD(cp_mklhs_off(cs, ft, id, ls, f, flen, S)); + } BENCH_END; + + util_print("(%2d lbs) ", t); + BENCH_RUN("cp_mklhs_onv") { + BENCH_ADD(cp_mklhs_onv(_r, m, d, data, id, cs, ft, pk, S)); + } BENCH_END; + } +#endif /* BENCH_LHS */ + + bn_free(n); + bn_free(m); + g1_free(h); + g1_free(_r); + g2_free(_s); + gt_free(vk); + + for (int i = 0; i < L; i++) { + bn_free(msg[i]); + } + for (int i = 0; i < S; i++) { + RLC_FREE(f[i]); + for (int j = 0; j < RLC_TERMS; j++) { + gt_free(hs[i][j]); + } + RLC_FREE(hs[i]); + for (int j = 0; j < L; j++) { + bn_free(x[i][j]); + g1_free(a[i][j]); + g1_free(c[i][j]); + g1_free(r[i][j]); + g2_free(s[i][j]); + } + bn_free(sk[i]); + bn_free(d[i]); + g1_free(sig[i]); + g1_free(as[i]); + g1_free(cs[i]); + g2_free(y[i]); + g2_free(z[i]); + g2_free(pk[i]); + } +} + +#endif /* WITH_PC */ + +int main(void) { + if (core_init() != RLC_OK) { + core_clean(); + return 1; + } + + conf_print(); + + util_banner("Benchmarks for the CP module:", 0); + +#if defined(WITH_BN) + util_banner("Protocols based on integer factorization:\n", 0); + rsa(); + rabin(); + benaloh(); + paillier(); +#endif + +#if defined(WITH_EC) + if (ec_param_set_any() == RLC_OK) { + util_banner("Protocols based on elliptic curves:\n", 0); + ecdh(); + ecmqv(); + ecies(); + ecdsa(); + ecss(); + vbnn(); + ers(); + etrs(); + } +#endif + +#if defined(WITH_PC) + if (pc_param_set_any() == RLC_OK) { + util_banner("Protocols based on pairings:\n", 0); + pdpub(); + pdprv(); + sokaka(); + ibe(); + bgn(); + bls(); + bbs(); + cls(); + pss(); 
+#if defined(WITH_MPC)
+ mpss();
+#endif
+ zss();
+ lhs();
+ }
+#endif
+
+ core_clean();
+ return 0;
+}
diff --git a/depends/relic/bench/bench_dv.c b/depends/relic/bench/bench_dv.c
new file mode 100644
index 00000000000000..7f1584619770d2
--- /dev/null
+++ b/depends/relic/bench/bench_dv.c
@@ -0,0 +1,111 @@
+/*
+ * RELIC is an Efficient LIbrary for Cryptography
+ * Copyright (c) 2009 RELIC Authors
+ *
+ * This file is part of RELIC. RELIC is legal property of its developers,
+ * whose names are not listed here. Please refer to the COPYRIGHT file
+ * for contact information.
+ *
+ * RELIC is free software; you can redistribute it and/or modify it under the
+ * terms of the version 2.1 (or later) of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; or version 2.0 of the Apache
+ * License as published by the Apache Software Foundation. See the LICENSE files
+ * for more details.
+ *
+ * RELIC is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ * A PARTICULAR PURPOSE. See the LICENSE files for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public or the
+ * Apache License along with RELIC. If not, see
+ * or .
+ */
+
+/**
+ * @file
+ *
+ * Benchmarks for manipulating temporary double-precision digit vectors.
+ *
+ * @ingroup bench
+ */
+
+#include
+
+#include "relic.h"
+#include "relic_bench.h"
+
+static void memory(void) {
+ dv_t a[BENCH];
+
+ BENCH_FEW("dv_null", dv_null(a[i]), 1);
+
+ BENCH_FEW("dv_new", dv_new(a[i]), 1);
+ for (int i = 0; i < BENCH; i++) {
+ dv_free(a[i]);
+ }
+
+ for (int i = 0; i < BENCH; i++) {
+ dv_new(a[i]);
+ }
+ BENCH_FEW("dv_free", dv_free(a[i]), 1);
+
+ (void)a;
+}
+
+static void copy(void) {
+ dv_t a, b;
+
+ dv_null(a);
+ dv_null(b);
+
+ dv_new(a);
+ dv_new(b);
+
+ BENCH_RUN("dv_copy") {
+ rand_bytes((uint8_t *)a, RLC_DV_DIGS * sizeof(dig_t));
+ rand_bytes((uint8_t *)b, RLC_DV_DIGS * sizeof(dig_t));
+ BENCH_ADD(dv_copy(a, b, RLC_DV_DIGS));
+ } BENCH_END;
+
+ BENCH_RUN("dv_copy_cond") {
+ rand_bytes((uint8_t *)a, RLC_DV_DIGS * sizeof(dig_t));
+ rand_bytes((uint8_t *)b, RLC_DV_DIGS * sizeof(dig_t));
+ BENCH_ADD(dv_copy_cond(a, b, RLC_DV_DIGS, 1));
+ } BENCH_END;
+
+ BENCH_RUN("dv_swap_cond") {
+ rand_bytes((uint8_t *)a, RLC_DV_DIGS * sizeof(dig_t));
+ rand_bytes((uint8_t *)b, RLC_DV_DIGS * sizeof(dig_t));
+ BENCH_ADD(dv_swap_cond(a, b, RLC_DV_DIGS, 1));
+ } BENCH_END;
+
+ BENCH_RUN("dv_cmp") {
+ rand_bytes((uint8_t *)a, RLC_DV_DIGS * sizeof(dig_t));
+ rand_bytes((uint8_t *)b, RLC_DV_DIGS * sizeof(dig_t));
+ BENCH_ADD(dv_cmp(a, b, RLC_DV_DIGS));
+ } BENCH_END;
+
+ BENCH_RUN("dv_cmp_const") {
+ rand_bytes((uint8_t *)a, RLC_DV_DIGS * sizeof(dig_t));
+ rand_bytes((uint8_t *)b, RLC_DV_DIGS * sizeof(dig_t));
+ BENCH_ADD(dv_cmp_const(a, b, RLC_DV_DIGS));
+ } BENCH_END;
+
+ dv_free(a);
+ dv_free(b);
+}
+
+int main(void) {
+ if (core_init() != RLC_OK) {
+ core_clean();
+ return 1;
+ }
+
+ conf_print();
+ util_banner("Benchmarks for the DV module:", 0);
+ util_banner("Utilities:\n", 0);
+ memory();
+ copy();
+ core_clean();
+ return 0;
+}
diff --git a/depends/relic/bench/bench_eb.c b/depends/relic/bench/bench_eb.c
new file mode 100644
index 00000000000000..1bd9d94d333bad
--- /dev/null
+++ b/depends/relic/bench/bench_eb.c
@@ -0,0 +1,660 @@
+/*
+ * RELIC is an Efficient LIbrary for Cryptography
+ * Copyright (c) 2009 RELIC Authors
+ *
+ * This file is part of RELIC. RELIC is legal property of its developers,
+ * whose names are not listed here. Please refer to the COPYRIGHT file
+ * for contact information.
+ *
+ * RELIC is free software; you can redistribute it and/or modify it under the
+ * terms of the version 2.1 (or later) of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; or version 2.0 of the Apache
+ * License as published by the Apache Software Foundation. See the LICENSE files
+ * for more details.
+ *
+ * RELIC is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ * A PARTICULAR PURPOSE. See the LICENSE files for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public or the
+ * Apache License along with RELIC. If not, see
+ * or .
+ */
+
+/**
+ * @file
+ *
+ * Benchmarks for arithmetic on binary elliptic curves.
+ *
+ * @ingroup bench
+ */
+
+#include
+
+#include "relic.h"
+#include "relic_bench.h"
+
+static void memory(void) {
+ eb_t a[BENCH];
+
+ BENCH_FEW("eb_null", eb_null(a[i]), 1);
+
+ BENCH_FEW("eb_new", eb_new(a[i]), 1);
+ for (int i = 0; i < BENCH; i++) {
+ eb_free(a[i]);
+ }
+
+ for (int i = 0; i < BENCH; i++) {
+ eb_new(a[i]);
+ }
+ BENCH_FEW("eb_free", eb_free(a[i]), 1);
+
+ (void)a;
+}
+
+static void util(void) {
+ eb_t p, q, t[4];
+ uint8_t bin[2 * RLC_FB_BYTES + 1];
+ int l;
+
+ eb_null(p);
+ eb_null(q);
+ for (int j= 0; j < 4; j++) {
+ eb_null(t[j]);
+ }
+
+ eb_new(p);
+ eb_new(q);
+ for (int j= 0; j < 4; j++) {
+ eb_new(t[j]);
+ }
+
+ BENCH_RUN("eb_is_infty") {
+ eb_rand(p);
+ BENCH_ADD(eb_is_infty(p));
+ } BENCH_END;
+
+ BENCH_RUN("eb_set_infty") {
+ eb_rand(p);
+ BENCH_ADD(eb_set_infty(p));
+ } BENCH_END;
+
+ BENCH_RUN("eb_copy") {
+ eb_rand(p);
+ eb_rand(q);
+ BENCH_ADD(eb_copy(p, q));
+ } BENCH_END;
+
+ BENCH_RUN("eb_cmp") {
+ eb_rand(p);
+ eb_dbl(p, p);
+ eb_rand(q);
+ eb_dbl(q, q);
+ BENCH_ADD(eb_cmp(p, q));
+ } BENCH_END;
+
+ BENCH_RUN("eb_cmp (1 norm)") {
+ eb_rand(p);
+ eb_dbl(p, p);
+ eb_rand(q);
+ BENCH_ADD(eb_cmp(p, q));
+ } BENCH_END;
+
+ BENCH_RUN("eb_cmp (2 norm)") {
+ eb_rand(p);
+ eb_rand(q);
+ BENCH_ADD(eb_cmp(p, q));
+ } BENCH_END;
+
+ BENCH_RUN("eb_rand") {
+ BENCH_ADD(eb_rand(p));
+ } BENCH_END;
+
+ BENCH_RUN("eb_blind") {
+ BENCH_ADD(eb_blind(p, p));
+ } BENCH_END;
+
+ BENCH_RUN("eb_rhs") {
+ eb_rand(p);
+ BENCH_ADD(eb_rhs(q->x, p));
+ } BENCH_END;
+
+ BENCH_RUN("eb_tab (4)") {
+ eb_rand(p);
+ BENCH_ADD(eb_tab(t, p, 4));
+ } BENCH_END;
+
+ BENCH_RUN("eb_on_curve") {
+ eb_rand(p);
+ BENCH_ADD(eb_on_curve(p));
+ } BENCH_END;
+
+ BENCH_RUN("eb_size_bin (0)") {
+ eb_rand(p);
+ BENCH_ADD(eb_size_bin(p, 0));
+ } BENCH_END;
+
+ BENCH_RUN("eb_size_bin (1)") {
+ eb_rand(p);
+ BENCH_ADD(eb_size_bin(p, 1));
+ } BENCH_END;
+
+ BENCH_RUN("eb_write_bin (0)") {
+ eb_rand(p);
+ l = eb_size_bin(p, 0);
+ BENCH_ADD(eb_write_bin(bin, l, p, 0));
+ } BENCH_END;
+
+ BENCH_RUN("eb_write_bin (1)") {
+ eb_rand(p);
+ l = eb_size_bin(p, 1);
+ BENCH_ADD(eb_write_bin(bin, l, p, 1));
+ } BENCH_END;
+
+ BENCH_RUN("eb_read_bin (0)") {
+ eb_rand(p);
+ l = eb_size_bin(p, 0);
+ eb_write_bin(bin, l, p, 0);
+ BENCH_ADD(eb_read_bin(p, bin, l));
+ } BENCH_END;
+
+ BENCH_RUN("eb_read_bin (1)") {
+ eb_rand(p);
+ l = eb_size_bin(p, 1);
+ eb_write_bin(bin, l, p, 1);
+ BENCH_ADD(eb_read_bin(p, bin, l));
+ } BENCH_END;
+
+ eb_free(p);
+ eb_free(q);
+ for (int j = 0; j < 4; j++) {
+ eb_free(t[j]);
+ }
+}
+
+static void arith(void) {
+ eb_t p, q, r, t[RLC_EB_TABLE_MAX];
+ bn_t k, l, n;
+
+ eb_null(p);
+ eb_null(q);
+ eb_null(r);
+ for (int i = 0; i < RLC_EB_TABLE_MAX; i++) {
+ eb_null(t[i]);
+ } bn_null(k);
+ bn_null(l);
+ bn_null(n);
+
+ eb_new(p);
+ eb_new(q);
+ eb_new(r);
+ bn_new(k);
+ bn_new(n);
+ bn_new(l);
+
+ eb_curve_get_ord(n);
+
+ BENCH_RUN("eb_add") {
+ eb_rand(p);
+ eb_rand(q);
+ eb_add(p, p, q);
+ eb_rand(q);
+ eb_rand(p);
+ eb_add(q, q, p);
+ BENCH_ADD(eb_add(r, p, q));
+ } BENCH_END;
+
+#if EB_ADD == BASIC || !defined(STRIP)
+ BENCH_RUN("eb_add_basic") {
+ eb_rand(p);
+ eb_rand(q);
+ BENCH_ADD(eb_add_basic(r, p, q));
+ } BENCH_END;
+#endif
+
+#if EB_ADD == PROJC || !defined(STRIP)
+ BENCH_RUN("eb_add_projc") {
+ eb_rand(p);
+ eb_rand(q);
+ eb_add_projc(p, p, q);
+ eb_rand(q);
+ eb_rand(p);
+ eb_add_projc(q, q, p);
+ BENCH_ADD(eb_add_projc(r, p, q));
+ } BENCH_END;
+
+ BENCH_RUN("eb_add_projc (z2 = 1)") {
+ eb_rand(p);
+ eb_rand(q);
+ eb_add_projc(p, p, q);
+ eb_rand(q);
+ eb_norm(q, q);
+ BENCH_ADD(eb_add_projc(r, p, q));
+ } BENCH_END;
+
+ BENCH_RUN("eb_add_projc (z1,z2 = 1)") {
+ eb_rand(p);
+ eb_norm(p, p);
+ eb_rand(q);
+ eb_norm(q, q);
+ BENCH_ADD(eb_add_projc(r, p, q));
+ } BENCH_END;
+#endif
+
+ BENCH_RUN("eb_sub") {
+ eb_rand(p);
+ eb_rand(q);
+ eb_add(p, p, q);
+ eb_rand(q);
+ eb_rand(p);
+ eb_add(q, q, p);
+ BENCH_ADD(eb_sub(r, p, q));
+ } BENCH_END;
+
+#if EB_ADD == BASIC || !defined(STRIP)
+ BENCH_RUN("eb_sub_basic") {
+ eb_rand(p);
+ eb_rand(q);
+ BENCH_ADD(eb_sub_basic(r, p, q));
+ } BENCH_END;
+#endif
+
+#if EB_ADD == PROJC || !defined(STRIP)
+ BENCH_RUN("eb_sub_projc") {
+ eb_rand(p);
+ eb_rand(q);
+ eb_add_projc(p, p, q);
+ eb_rand(q);
+ eb_rand(p);
+ eb_add_projc(q, q, p);
+ BENCH_ADD(eb_sub_projc(r, p, q));
+ } BENCH_END;
+
+ BENCH_RUN("eb_sub_projc (z2 = 1)") {
+ eb_rand(p);
+ eb_rand(q);
+ eb_add_projc(p, p, q);
+ eb_rand(q);
+ eb_norm(q, q);
+ BENCH_ADD(eb_sub_projc(r, p, q));
+ } BENCH_END;
+
+ BENCH_RUN("eb_sub_projc (z1,z2 = 1)") {
+ eb_rand(p);
+ eb_norm(p, p);
+ eb_rand(q);
+ eb_norm(q, q);
+ BENCH_ADD(eb_sub_projc(r, p, q));
+ } BENCH_END;
+#endif
+
+ BENCH_RUN("eb_dbl") {
+ eb_rand(p);
+ eb_rand(q);
+ eb_add(p, p, q);
+ BENCH_ADD(eb_dbl(r, p));
+ } BENCH_END;
+
+#if EB_ADD == BASIC || !defined(STRIP)
+ BENCH_RUN("eb_dbl_basic") {
+ eb_rand(p);
+ BENCH_ADD(eb_dbl_basic(r, p));
+ } BENCH_END;
+#endif
+
+#if EB_ADD == PROJC || !defined(STRIP)
+ BENCH_RUN("eb_dbl_projc") {
+ eb_rand(p);
+ eb_rand(q);
+ eb_add_projc(p, p, q);
+ BENCH_ADD(eb_dbl_projc(r, p));
+ } BENCH_END;
+
+ BENCH_RUN("eb_dbl_projc (z1 = 1)") {
+ eb_rand(p);
+ eb_norm(p, p);
+ BENCH_ADD(eb_dbl_projc(r, p));
+ } BENCH_END;
+#endif
+
+ BENCH_RUN("eb_hlv") {
+ eb_rand(p);
+ BENCH_ADD(eb_hlv(r, p));
+ }
+ BENCH_END;
+#if defined(EB_KBLTZ)
+ if (eb_curve_is_kbltz()) {
+ BENCH_RUN("eb_frb") {
+ eb_rand(p);
+ eb_rand(q);
+ eb_add_projc(p, p, q);
+ BENCH_ADD(eb_frb(r, p));
+ }
+ BENCH_END;
+ }
+
+#if EB_ADD == BASIC || !defined(STRIP)
+ if (eb_curve_is_kbltz()) {
+ BENCH_RUN("eb_frb (z = 1)") {
+ eb_rand(p);
+ BENCH_ADD(eb_frb(r, p));
+ }
+ BENCH_END;
+ }
+#endif
+
+#endif /* EB_KBLTZ */
+
+ BENCH_RUN("eb_neg") {
+ eb_rand(p);
+ eb_rand(q);
+ eb_add(p, p, q);
+ BENCH_ADD(eb_neg(r, p));
+ }
+ BENCH_END;
+
+#if EB_ADD == BASIC || !defined(STRIP)
+ BENCH_RUN("eb_neg_basic") {
+ eb_rand(p);
+ BENCH_ADD(eb_neg_basic(r, p));
+ }
+ BENCH_END;
+#endif
+
+#if EB_ADD == PROJC || !defined(STRIP)
+ BENCH_RUN("eb_neg_projc") {
+ eb_rand(p);
+ eb_rand(q);
+ eb_add_projc(p, p, q);
+ BENCH_ADD(eb_neg_projc(r, p));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("eb_mul") {
+ bn_rand_mod(k, n);
+ eb_rand(p);
+ eb_rand(q);
+ BENCH_ADD(eb_mul(q, p, k));
+ }
+ BENCH_END;
+
+#if EB_MUL == BASIC || !defined(STRIP)
+ BENCH_RUN("eb_mul_basic") {
+ bn_rand_mod(k, n);
+ eb_rand(p);
+ BENCH_ADD(eb_mul_basic(q, p, k));
+ }
+ BENCH_END;
+#endif
+
+#if EB_MUL == LODAH || !defined(STRIP)
+ BENCH_RUN("eb_mul_lodah") {
+ bn_rand_mod(k, n);
+ eb_rand(p);
+ BENCH_ADD(eb_mul_lodah(q, p, k));
+ }
+ BENCH_END;
+#endif
+
+#if EB_MUL == LWNAF || !defined(STRIP)
+ BENCH_RUN("eb_mul_lwnaf") {
+ bn_rand_mod(k, n);
+ eb_rand(p);
+ BENCH_ADD(eb_mul_lwnaf(q, p, k));
+ }
+ BENCH_END;
+#endif
+
+#if EB_MUL == RWNAF || !defined(STRIP)
+ BENCH_RUN("eb_mul_rwnaf") {
+ bn_rand_mod(k, n);
+ eb_rand(p);
+ BENCH_ADD(eb_mul_rwnaf(q, p, k));
+ }
+ BENCH_END;
+#endif
+
+#if EB_MUL == HALVE || !defined(STRIP)
+ BENCH_RUN("eb_mul_halve") {
+ bn_rand_mod(k, n);
+ eb_rand(p);
+ BENCH_ADD(eb_mul_halve(q, p, k));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("eb_mul_gen") {
+ bn_rand_mod(k, n);
+ BENCH_ADD(eb_mul_gen(q, k));
+ }
+ BENCH_END;
+
+ BENCH_RUN("eb_mul_dig") {
+ bn_rand(k, RLC_POS, RLC_DIG);
+ bn_rand_mod(k, n);
+ BENCH_ADD(eb_mul_dig(p, q, k->dp[0]));
+ }
+ BENCH_END;
+
+ for (int i = 0; i < RLC_EB_TABLE; i++) {
+ eb_new(t[i]);
+ }
+
+ BENCH_RUN("eb_mul_pre") {
+ eb_rand(p);
+ BENCH_ADD(eb_mul_pre(t, p));
+ } BENCH_END;
+
+ BENCH_RUN("eb_mul_fix") {
+ bn_rand_mod(k, n);
+ eb_rand(p);
+ eb_mul_pre(t, p);
+ BENCH_ADD(eb_mul_fix(q, (const eb_t *)t, k));
+ } BENCH_END;
+
+ for (int i = 0; i < RLC_EB_TABLE; i++) {
+ eb_free(t[i]);
+ }
+
+#if EB_FIX == BASIC || !defined(STRIP)
+ for (int i = 0; i < RLC_EB_TABLE_BASIC; i++) {
+ eb_new(t[i]);
+ }
+ BENCH_RUN("eb_mul_pre_basic") {
+ eb_rand(p);
+ BENCH_ADD(eb_mul_pre_basic(t, p));
+ } BENCH_END;
+
+ BENCH_RUN("eb_mul_fix_basic") {
+ bn_rand_mod(k, n);
+ eb_rand(p);
+ eb_mul_pre_basic(t, p);
+ BENCH_ADD(eb_mul_fix_basic(q, (const eb_t *)t, k));
+ } BENCH_END;
+ for (int i = 0; i < RLC_EB_TABLE_BASIC; i++) {
+ eb_free(t[i]);
+ }
+#endif
+
+#if EB_FIX == COMBS || !defined(STRIP)
+ for (int i = 0; i < RLC_EB_TABLE_COMBS; i++) {
+ eb_new(t[i]);
+ }
+ BENCH_RUN("eb_mul_pre_combs") {
+ eb_rand(p);
+ BENCH_ADD(eb_mul_pre_combs(t, p));
+ } BENCH_END;
+
+ BENCH_RUN("eb_mul_fix_combs") {
+ bn_rand_mod(k, n);
+ eb_rand(p);
+ eb_mul_pre_combs(t, p);
+ BENCH_ADD(eb_mul_fix_combs(q, (const eb_t *)t, k));
+ } BENCH_END;
+ for (int i = 0; i < RLC_EB_TABLE_COMBS; i++) {
+ eb_free(t[i]);
+ }
+#endif
+
+#if EB_FIX == COMBD || !defined(STRIP)
+ for (int i = 0; i < RLC_EB_TABLE_COMBD; i++) {
+ eb_new(t[i]);
+ }
+ BENCH_RUN("eb_mul_pre_combd") {
+ eb_rand(p);
+ BENCH_ADD(eb_mul_pre_combd(t, p));
+ } BENCH_END;
+
+ BENCH_RUN("eb_mul_fix_combd") {
+ bn_rand_mod(k, n);
+ eb_rand(p);
+ eb_mul_pre_combd(t, p);
+ BENCH_ADD(eb_mul_fix_combd(q, (const eb_t *)t, k));
+ } BENCH_END;
+ for (int i = 0; i < RLC_EB_TABLE_COMBD; i++) {
+ eb_free(t[i]);
+ }
+#endif
+
+#if EB_FIX == LWNAF || !defined(STRIP)
+ for (int i = 0; i < RLC_EB_TABLE_LWNAF; i++) {
+ eb_new(t[i]);
+ }
+ BENCH_RUN("eb_mul_pre_lwnaf") {
+ eb_rand(p);
+ BENCH_ADD(eb_mul_pre_lwnaf(t, p));
+ } BENCH_END;
+
+ BENCH_RUN("eb_mul_fix_lwnaf") {
+ bn_rand_mod(k, n);
+ eb_rand(p);
+ eb_mul_pre_lwnaf(t, p);
+ BENCH_ADD(eb_mul_fix_lwnaf(q, (const eb_t *)t, k));
+ } BENCH_END;
+ for (int i = 0; i < RLC_EB_TABLE_LWNAF; i++) {
+ eb_free(t[i]);
+ }
+#endif
+
+ BENCH_RUN("eb_mul_sim") {
+ bn_rand_mod(k, n);
+ bn_rand_mod(l, n);
+ eb_rand(p);
+ eb_rand(q);
+ BENCH_ADD(eb_mul_sim(r, p, k, q, l));
+ } BENCH_END;
+
+#if EB_SIM == BASIC || !defined(STRIP)
+ BENCH_RUN("eb_mul_sim_basic") {
+ bn_rand_mod(k, n);
+ bn_rand_mod(l, n);
+ eb_rand(p);
+ eb_rand(q);
+ BENCH_ADD(eb_mul_sim_basic(r, p, k, q, l));
+ } BENCH_END;
+#endif
+
+#if EB_SIM == TRICK || !defined(STRIP)
+ BENCH_RUN("eb_mul_sim_trick") {
+ bn_rand_mod(k, n);
+ bn_rand_mod(l, n);
+ eb_rand(p);
+ eb_rand(q);
+ BENCH_ADD(eb_mul_sim_trick(r, p, k, q, l));
+ } BENCH_END;
+#endif
+
+#if EB_SIM == INTER || !defined(STRIP)
+ BENCH_RUN("eb_mul_sim_inter") {
+ bn_rand_mod(k, n);
+ bn_rand_mod(l, n);
+ eb_rand(p);
+ eb_rand(q);
+ BENCH_ADD(eb_mul_sim_inter(r, p, k, q, l));
+ } BENCH_END;
+#endif
+
+#if EB_SIM == JOINT || !defined(STRIP)
+ BENCH_RUN("eb_mul_sim_joint") {
+ bn_rand_mod(k, n);
+ bn_rand_mod(l, n);
+ eb_rand(p);
+ eb_rand(q);
+ BENCH_ADD(eb_mul_sim_joint(r, p, k, q, l));
+ } BENCH_END;
+#endif
+
+ BENCH_RUN("eb_mul_sim_gen") {
+ bn_rand_mod(k, n);
+ bn_rand_mod(l, n);
+ eb_rand(q);
+ BENCH_ADD(eb_mul_sim_gen(r, k, q, l));
+ } BENCH_END;
+
+ BENCH_RUN("eb_map") {
+ uint8_t msg[5];
+ rand_bytes(msg, 5);
+ BENCH_ADD(eb_map(p, msg, 5));
+ } BENCH_END;
+
+ BENCH_RUN("eb_pck") {
+ eb_rand(p);
+ BENCH_ADD(eb_pck(q, p));
+ } BENCH_END;
+
+ BENCH_RUN("eb_upk") {
+ eb_rand(p);
+ BENCH_ADD(eb_upk(q, p));
+ } BENCH_END;
+
+ eb_free(p);
+ eb_free(q);
+ bn_free(k);
+ bn_free(l);
+ bn_free(n);
+}
+
+static void bench(void) {
+ eb_param_print();
+ util_banner("Utilities:", 1);
+ memory();
+ util();
+ util_banner("Arithmetic:", 1);
+ arith();
+}
+
+int main(void) {
+ int r0 = RLC_ERR, r1 = RLC_ERR;
+
+ if (core_init() != RLC_OK) {
+ core_clean();
+ return 1;
+ }
+
+ conf_print();
+ util_banner("Benchmarks for the EB module:", 0);
+
+#if defined(EB_PLAIN)
+ r0 = eb_param_set_any_plain();
+ if (r0 == RLC_OK) {
+ bench();
+ }
+#endif
+
+#if defined(EB_KBLTZ)
+ r1 = eb_param_set_any_kbltz();
+ if (r1 == RLC_OK) {
+ bench();
+ }
+#endif
+
+ if (r0 == RLC_ERR && r1 == RLC_ERR) {
+ if (eb_param_set_any() == RLC_ERR) {
+ RLC_THROW(ERR_NO_CURVE);
+ }
+ }
+
+ core_clean();
+ return 0;
+}
diff --git a/depends/relic/bench/bench_ec.c b/depends/relic/bench/bench_ec.c
new file mode 100644
index 00000000000000..1926a987a951bc
--- /dev/null
+++ b/depends/relic/bench/bench_ec.c
@@ -0,0 +1,317 @@
+/*
+ * RELIC is an Efficient LIbrary for Cryptography
+ * Copyright (c) 2009 RELIC Authors
+ *
+ * This file is part of RELIC. RELIC is legal property of its developers,
+ * whose names are not listed here. Please refer to the COPYRIGHT file
+ * for contact information.
+ *
+ * RELIC is free software; you can redistribute it and/or modify it under the
+ * terms of the version 2.1 (or later) of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; or version 2.0 of the Apache
+ * License as published by the Apache Software Foundation. See the LICENSE files
+ * for more details.
+ *
+ * RELIC is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ * A PARTICULAR PURPOSE. See the LICENSE files for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public or the
+ * Apache License along with RELIC. If not, see
+ * or .
+ */
+
+/**
+ * @file
+ *
+ * Benchmarks for Elliptic Curve Cryptography.
+ *
+ * @ingroup bench
+ */
+
+#include
+
+#include "relic.h"
+#include "relic_bench.h"
+
+static void memory(void) {
+ ec_t a[BENCH];
+
+ BENCH_FEW("ec_null", ec_null(a[i]), 1);
+
+ BENCH_FEW("ec_new", ec_new(a[i]), 1);
+ for (int i = 0; i < BENCH; i++) {
+ ec_free(a[i]);
+ }
+
+ for (int i = 0; i < BENCH; i++) {
+ ec_new(a[i]);
+ }
+ BENCH_FEW("ec_free", ec_free(a[i]), 1);
+
+ (void)a;
+}
+
+static void util(void) {
+ ec_t p, q;
+ uint8_t bin[2 * RLC_FC_BYTES + 1];
+ int l;
+
+ ec_null(p);
+ ec_null(q);
+
+ ec_new(p);
+ ec_new(q);
+
+ BENCH_RUN("ec_is_infty") {
+ ec_rand(p);
+ BENCH_ADD(ec_is_infty(p));
+ }
+ BENCH_END;
+
+ BENCH_RUN("ec_set_infty") {
+ ec_rand(p);
+ BENCH_ADD(ec_set_infty(p));
+ }
+ BENCH_END;
+
+ BENCH_RUN("ec_copy") {
+ ec_rand(p);
+ ec_rand(q);
+ BENCH_ADD(ec_copy(p, q));
+ }
+ BENCH_END;
+
+ BENCH_RUN("ec_cmp") {
+ ec_rand(p);
+ ec_dbl(p, p);
+ ec_rand(q);
+ ec_dbl(q, q);
+ BENCH_ADD(ec_cmp(p, q));
+ } BENCH_END;
+
+ BENCH_RUN("ec_cmp (1 norm)") {
+ ec_rand(p);
+ ec_dbl(p, p);
+ ec_rand(q);
+ BENCH_ADD(ec_cmp(p, q));
+ } BENCH_END;
+
+ BENCH_RUN("ec_cmp (2 norm)") {
+ ec_rand(p);
+ ec_rand(q);
+ BENCH_ADD(ec_cmp(p, q));
+ } BENCH_END;
+
+ BENCH_RUN("ec_rand") {
+ BENCH_ADD(ec_rand(p));
+ }
+ BENCH_END;
+
+ BENCH_RUN("ec_blind") {
+ BENCH_ADD(ec_blind(p, p));
+ }
+ BENCH_END;
+
+ BENCH_RUN("ec_on_curve") {
+ ec_rand(p);
+ BENCH_ADD(ec_on_curve(p));
+ } BENCH_END;
+
+ BENCH_RUN("ec_size_bin (0)") {
+ ec_rand(p);
+ BENCH_ADD(ec_size_bin(p, 0));
+ } BENCH_END;
+
+ BENCH_RUN("ec_size_bin (1)") {
+ ec_rand(p);
+ BENCH_ADD(ec_size_bin(p, 1));
+ } BENCH_END;
+
+ BENCH_RUN("ec_write_bin (0)") {
+ ec_rand(p);
+ l = ec_size_bin(p, 0);
+ BENCH_ADD(ec_write_bin(bin, l, p, 0));
+ } BENCH_END;
+
+ BENCH_RUN("ec_write_bin (1)") {
+ ec_rand(p);
+ l = ec_size_bin(p, 1);
+ BENCH_ADD(ec_write_bin(bin, l, p, 1));
+ } BENCH_END;
+
+ BENCH_RUN("ec_read_bin (0)") {
+ ec_rand(p);
+ l = ec_size_bin(p, 0);
+ ec_write_bin(bin, l, p, 0);
+ BENCH_ADD(ec_read_bin(p, bin, l));
+ } BENCH_END;
+
+ BENCH_RUN("ec_read_bin (1)") {
+ ec_rand(p);
+ l = ec_size_bin(p, 1);
+ ec_write_bin(bin, l, p, 1);
+ BENCH_ADD(ec_read_bin(p, bin, l));
+ } BENCH_END;
+
+ ec_free(p);
+ ec_free(q);
+}
+
+static void arith(void) {
+ ec_t p, q, r, t[RLC_EC_TABLE];
+ bn_t k, l, n;
+
+ ec_null(p);
+ ec_null(q);
+ ec_null(r);
+ for (int i = 0; i < RLC_EC_TABLE; i++) {
+ ec_null(t[i]);
+ }
+
+ ec_new(p);
+ ec_new(q);
+ ec_new(r);
+ bn_new(k);
+ bn_new(n);
+ bn_new(l);
+
+ ec_curve_get_ord(n);
+
+ BENCH_RUN("ec_add") {
+ ec_rand(p);
+ ec_rand(q);
+ ec_add(p, p, q);
+ ec_rand(q);
+ ec_rand(p);
+ ec_add(q, q, p);
+ BENCH_ADD(ec_add(r, p, q));
+ }
+ BENCH_END;
+
+ BENCH_RUN("ec_sub") {
+ ec_rand(p);
+ ec_rand(q);
+ ec_add(p, p, q);
+ ec_rand(q);
+ ec_rand(p);
+ ec_add(q, q, p);
+ BENCH_ADD(ec_sub(r, p, q));
+ }
+ BENCH_END;
+
+ BENCH_RUN("ec_dbl") {
+ ec_rand(p);
+ ec_rand(q);
+ ec_add(p, p, q);
+ BENCH_ADD(ec_dbl(r, p));
+ }
+ BENCH_END;
+
+ BENCH_RUN("ec_neg") {
+ ec_rand(p);
+ ec_rand(q);
+ ec_add(p, p, q);
+ BENCH_ADD(ec_neg(r, p));
+ }
+ BENCH_END;
+
+ BENCH_RUN("ec_mul") {
+ bn_rand_mod(k, n);
+ ec_rand(p);
+ BENCH_ADD(ec_mul(q, p, k));
+ }
+ BENCH_END;
+
+ BENCH_RUN("ec_mul_gen") {
+ bn_rand_mod(k, n);
+ BENCH_ADD(ec_mul_gen(q, k));
+ }
+ BENCH_END;
+
+ for (int i = 0; i < RLC_EC_TABLE; i++) {
+ ec_new(t[i]);
+ }
+
+ BENCH_RUN("ec_mul_pre") {
+ BENCH_ADD(ec_mul_pre(t, p));
+ }
+ BENCH_END;
+
+ BENCH_RUN("ec_mul_fix") {
+ bn_rand_mod(k, n);
+ ec_mul_pre(t, p);
+ BENCH_ADD(ec_mul_fix(q, (const ec_t *)t, k));
+ }
+ BENCH_END;
+
+ BENCH_RUN("ec_mul_sim") {
+ bn_rand_mod(k, n);
+ bn_rand_mod(l, n);
+ ec_rand(p);
+ ec_rand(q);
+ BENCH_ADD(ec_mul_sim(r, p, k, q, l));
+ }
+ BENCH_END;
+
+ BENCH_RUN("ec_mul_sim_gen") {
+ bn_rand_mod(k, n);
+ bn_rand_mod(l, n);
+ ec_rand(q);
+ BENCH_ADD(ec_mul_sim_gen(r, k, q, l));
+ }
+ BENCH_END;
+
+ BENCH_RUN("ec_map") {
+ uint8_t msg[5];
+ rand_bytes(msg, 5);
+ BENCH_ADD(ec_map(p, msg, 5));
+ } BENCH_END;
+
+ BENCH_RUN("ec_pck") {
+ ec_rand(p);
+ BENCH_ADD(ec_pck(q, p));
+ } BENCH_END;
+
+ BENCH_RUN("ec_upk") {
+ ec_rand(p);
+ BENCH_ADD(ec_upk(q, p));
+ } BENCH_END;
+
+ ec_free(p);
+ ec_free(q);
+ bn_free(k);
+ bn_free(l);
+ bn_free(n);
+ for (int i = 0; i < RLC_EC_TABLE; i++) {
+ ec_free(t[i]);
+ }
+}
+
+int main(void) {
+ if (core_init() != RLC_OK) {
+ core_clean();
+ return 1;
+ }
+
+ conf_print();
+ util_banner("Benchmarks for the EC module:", 0);
+
+ if (ec_param_set_any() != RLC_OK) {
+ RLC_THROW(ERR_NO_CURVE);
+ core_clean();
+ return 0;
+ }
+
+ ec_param_print();
+
+ util_banner("Utilities:", 1);
+ memory();
+ util();
+
+ util_banner("Arithmetic:", 1);
+ arith();
+
+ core_clean();
+ return 0;
+}
diff --git a/depends/relic/bench/bench_ed.c b/depends/relic/bench/bench_ed.c
new file mode 100644
index 00000000000000..7dfa39424cabb3
--- /dev/null
+++ b/depends/relic/bench/bench_ed.c
@@ -0,0 +1,679 @@ +/* + * RELIC is an Efficient LIbrary for Cryptography + * Copyright (c) 2014 RELIC Authors + * + * This file is part of RELIC. RELIC is legal property of its developers, + * whose names are not listed here. Please refer to the COPYRIGHT file + * for contact information. + * + * RELIC is free software; you can redistribute it and/or modify it under the + * terms of the version 2.1 (or later) of the GNU Lesser General Public License + * as published by the Free Software Foundation; or version 2.0 of the Apache + * License as published by the Apache Software Foundation. See the LICENSE files + * for more details. + * + * RELIC is distributed in the hope that it will be useful, but WITHOUT ANY + * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + * A PARTICULAR PURPOSE. See the LICENSE files for more details. + * + * You should have received a copy of the GNU Lesser General Public or the + * Apache License along with RELIC. If not, see + * or . + */ + +/** + * @file + * + * Benchmarks for arithmetic on Edwards elliptic curves. 
+ * + * @ingroup bench + */ + +#include + +#include "relic.h" +#include "relic_bench.h" + +static void memory(void) { + ed_t a[BENCH]; + + BENCH_FEW("ed_null", ed_null(a[i]), 1); + + BENCH_FEW("ed_new", ed_new(a[i]), 1); + for (int i = 0; i < BENCH; i++) { + ed_free(a[i]); + } + + for (int i = 0; i < BENCH; i++) { + ed_new(a[i]); + } + BENCH_FEW("ed_free", ed_free(a[i]), 1); + + (void)a; +} + +static void util(void) { + ed_t p, q, t[4]; + uint8_t bin[2 * RLC_FP_BYTES + 1]; + int l; + + ed_null(p); + ed_null(q); + for (int j = 0; j < 4; j++) { + ed_null(t[j]); + } + + ed_new(p); + ed_new(q); + for (int j = 0; j < 4; j++) { + ed_new(t[j]); + } + + BENCH_RUN("ed_is_infty") { + ed_rand(p); + BENCH_ADD(ed_is_infty(p)); + } BENCH_END; + + BENCH_RUN("ed_set_infty") { + ed_rand(p); + BENCH_ADD(ed_set_infty(p)); + } BENCH_END; + + BENCH_RUN("ed_copy") { + ed_rand(p); + ed_rand(q); + BENCH_ADD(ed_copy(p, q)); + } BENCH_END; + + BENCH_RUN("ed_cmp") { + ed_rand(p); + ed_dbl(p, p); + ed_rand(q); + ed_dbl(q, q); + BENCH_ADD(ed_cmp(p, q)); + } BENCH_END; + + BENCH_RUN("ed_cmp (1 norm)") { + ed_rand(p); + ed_dbl(p, p); + ed_rand(q); + BENCH_ADD(ed_cmp(p, q)); + } BENCH_END; + + BENCH_RUN("ed_cmp (2 norm)") { + ed_rand(p); + ed_rand(q); + BENCH_ADD(ed_cmp(p, q)); + } BENCH_END; + + BENCH_RUN("ed_rand") { + BENCH_ADD(ed_rand(p)); + } BENCH_END; + + BENCH_RUN("ed_blind") { + BENCH_ADD(ed_blind(p, p)); + } BENCH_END; + + BENCH_RUN("ed_rhs") { + ed_rand(p); + BENCH_ADD(ed_rhs(q->x, p)); + } BENCH_END; + + BENCH_RUN("ed_tab (4)") { + ed_rand(p); + BENCH_ADD(ed_tab(t, p, 4)); + } BENCH_END; + + BENCH_RUN("ed_on_curve") { + ed_rand(p); + BENCH_ADD(ed_on_curve(p)); + } BENCH_END; + + BENCH_RUN("ed_size_bin (0)") { + ed_rand(p); + BENCH_ADD(ed_size_bin(p, 0)); + } BENCH_END; + + BENCH_RUN("ed_size_bin (1)") { + ed_rand(p); + BENCH_ADD(ed_size_bin(p, 1)); + } BENCH_END; + + BENCH_RUN("ed_write_bin (0)") { + ed_rand(p); + l = ed_size_bin(p, 0); + BENCH_ADD(ed_write_bin(bin, l, p, 0)); + } 
BENCH_END; + + BENCH_RUN("ed_write_bin (1)") { + ed_rand(p); + l = ed_size_bin(p, 1); + BENCH_ADD(ed_write_bin(bin, l, p, 1)); + } BENCH_END; + + BENCH_RUN("ed_read_bin (0)") { + ed_rand(p); + l = ed_size_bin(p, 0); + ed_write_bin(bin, l, p, 0); + BENCH_ADD(ed_read_bin(p, bin, l)); + } BENCH_END; + + BENCH_RUN("ed_read_bin (1)") { + ed_rand(p); + l = ed_size_bin(p, 1); + ed_write_bin(bin, l, p, 1); + BENCH_ADD(ed_read_bin(p, bin, l)); + } BENCH_END; + + ed_free(p); + ed_free(q); + for (int j = 0; j < 4; j++) { + ed_free(t[j]); + } +} + +static void arith(void) { + ed_t p, q, r, t[RLC_ED_TABLE_MAX]; + bn_t k, l, n; + + ed_null(p); + ed_null(q); + ed_null(r); + for (int i = 0; i < RLC_ED_TABLE_MAX; i++) { + ed_null(t[i]); + } + + ed_new(p); + ed_new(q); + ed_new(r); + bn_new(k); + bn_new(n); + bn_new(l); + + ed_curve_get_ord(n); + + BENCH_RUN("ed_add") { + ed_rand(p); + ed_rand(q); + ed_add(p, p, q); + ed_rand(q); + ed_rand(p); + ed_add(q, q, p); + BENCH_ADD(ed_add(r, p, q)); + } BENCH_END; + +#if ED_ADD == BASIC || !defined(STRIP) + BENCH_RUN("ed_add_basic") { + ed_rand(p); + ed_rand(q); + BENCH_ADD(ed_add_basic(r, p, q)); + } BENCH_END; +#endif + +#if ED_ADD == PROJC || !defined(STRIP) + BENCH_RUN("ed_add_projc") { + ed_rand(p); + ed_rand(q); + ed_add_projc(p, p, q); + ed_rand(q); + ed_rand(p); + ed_add_projc(q, q, p); + BENCH_ADD(ed_add_projc(r, p, q)); + } BENCH_END; + + BENCH_RUN("ed_add_projc (z2 = 1)") { + ed_rand(p); + ed_rand(q); + ed_add_projc(p, p, q); + ed_rand(q); + ed_norm(q, q); + BENCH_ADD(ed_add_projc(r, p, q)); + } BENCH_END; + + BENCH_RUN("ed_add_projc (z1,z2 = 1)") { + ed_rand(p); + ed_norm(p, p); + ed_rand(q); + ed_norm(q, q); + BENCH_ADD(ed_add_projc(r, p, q)); + } BENCH_END; +#endif + +#if ED_ADD == EXTND || !defined(STRIP) + BENCH_RUN("ed_add_extnd") { + ed_rand(p); + ed_rand(q); + ed_add_extnd(p, p, q); + ed_rand(q); + ed_rand(p); + ed_add_extnd(q, q, p); + BENCH_ADD(ed_add_extnd(r, p, q)); + } BENCH_END; + + BENCH_RUN("ed_add_extnd (z2 = 
1)") { + ed_rand(p); + ed_rand(q); + ed_add_extnd(p, p, q); + ed_rand(q); + ed_norm(q, q); + BENCH_ADD(ed_add_extnd(r, p, q)); + } BENCH_END; + + BENCH_RUN("ed_add_extnd (z1,z2 = 1)") { + ed_rand(p); + ed_norm(p, p); + ed_rand(q); + ed_norm(q, q); + BENCH_ADD(ed_add_extnd(r, p, q)); + } BENCH_END; +#endif + + BENCH_RUN("ed_sub") { + ed_rand(p); + ed_rand(q); + ed_add(p, p, q); + ed_rand(q); + ed_rand(p); + ed_add(q, q, p); + BENCH_ADD(ed_sub(r, p, q)); + } BENCH_END; + +#if ED_ADD == BASIC || !defined(STRIP) + BENCH_RUN("ed_sub_basic") { + ed_rand(p); + ed_rand(q); + BENCH_ADD(ed_sub_basic(r, p, q)); + } BENCH_END; +#endif + +#if ED_ADD == PROJC || !defined(STRIP) + BENCH_RUN("ed_sub_projc") { + ed_rand(p); + ed_rand(q); + ed_add_projc(p, p, q); + ed_rand(q); + ed_rand(p); + ed_add_projc(q, q, p); + BENCH_ADD(ed_sub_projc(r, p, q)); + } BENCH_END; + + BENCH_RUN("ed_sub_projc (z2 = 1)") { + ed_rand(p); + ed_rand(q); + ed_add_projc(p, p, q); + ed_rand(q); + ed_norm(q, q); + BENCH_ADD(ed_sub_projc(r, p, q)); + } BENCH_END; + + BENCH_RUN("ed_sub_projc (z1,z2 = 1)") { + ed_rand(p); + ed_norm(p, p); + ed_rand(q); + ed_norm(q, q); + BENCH_ADD(ed_sub_projc(r, p, q)); + } BENCH_END; +#endif + +#if ED_ADD == EXTND || !defined(STRIP) + BENCH_RUN("ed_sub_extnd") { + ed_rand(p); + ed_rand(q); + ed_add_extnd(p, p, q); + ed_rand(q); + ed_rand(p); + ed_add_extnd(q, q, p); + BENCH_ADD(ed_sub_extnd(r, p, q)); + } BENCH_END; + + BENCH_RUN("ed_sub_projc (z2 = 1)") { + ed_rand(p); + ed_rand(q); + ed_add_extnd(p, p, q); + ed_rand(q); + ed_norm(q, q); + BENCH_ADD(ed_sub_extnd(r, p, q)); + } BENCH_END; + + BENCH_RUN("ed_sub_projc (z1,z2 = 1)") { + ed_rand(p); + ed_norm(p, p); + ed_rand(q); + ed_norm(q, q); + BENCH_ADD(ed_sub_projc(r, p, q)); + } BENCH_END; +#endif + + BENCH_RUN("ed_dbl") { + ed_rand(p); + ed_rand(q); + ed_add(p, p, q); + BENCH_ADD(ed_dbl(r, p)); + } BENCH_END; + +#if ED_ADD == BASIC || !defined(STRIP) + BENCH_RUN("ed_dbl_basic") { + ed_rand(p); + BENCH_ADD(ed_dbl_basic(r, 
p)); + } BENCH_END; +#endif + +#if ED_ADD == PROJC || !defined(STRIP) + BENCH_RUN("ed_dbl_projc") { + ed_rand(p); + ed_rand(q); + ed_add_projc(p, p, q); + BENCH_ADD(ed_dbl_projc(r, p)); + } BENCH_END; + + BENCH_RUN("ed_dbl_projc (z1 = 1)") { + ed_rand(p); + ed_norm(p, p); + BENCH_ADD(ed_dbl_projc(r, p)); + } BENCH_END; +#endif + +#if ED_ADD == PROJC || !defined(STRIP) + BENCH_RUN("ed_dbl_extnd") { + ed_rand(p); + ed_rand(q); + ed_add_extnd(p, p, q); + BENCH_ADD(ed_dbl_extnd(r, p)); + } BENCH_END; + + BENCH_RUN("ed_dbl_extnd (z1 = 1)") { + ed_rand(p); + ed_norm(p, p); + BENCH_ADD(ed_dbl_extnd(r, p)); + } BENCH_END; +#endif + + BENCH_RUN("ed_neg") { + ed_rand(p); + ed_rand(q); + ed_add(p, p, q); + BENCH_ADD(ed_neg(r, p)); + } BENCH_END; + +#if ED_ADD == BASIC || !defined(STRIP) + BENCH_RUN("ed_neg_basic") { + ed_rand(p); + BENCH_ADD(ed_neg_basic(r, p)); + } BENCH_END; +#endif + +#if ED_ADD == PROJC || !defined(STRIP) + BENCH_RUN("ed_neg_projc") { + ed_rand(p); + ed_rand(q); + ed_add_projc(p, p, q); + BENCH_ADD(ed_neg_projc(r, p)); + } BENCH_END; +#endif + + BENCH_RUN("ed_mul") { + bn_rand_mod(k, n); + ed_rand(p); + BENCH_ADD(ed_mul(q, p, k)); + } BENCH_END; + +#if ED_MUL == BASIC || !defined(STRIP) + BENCH_RUN("ed_mul_basic") { + bn_rand_mod(k, n); + BENCH_ADD(ed_mul_basic(q, p, k)); + } BENCH_END; +#endif + +#if ED_MUL == SLIDE || !defined(STRIP) + BENCH_RUN("ed_mul_slide") { + bn_rand_mod(k, n); + ed_rand(p); + BENCH_ADD(ed_mul_slide(q, p, k)); + } BENCH_END; +#endif + +#if ED_MUL == MONTY || !defined(STRIP) + BENCH_RUN("ed_mul_monty") { + bn_rand_mod(k, n); + ed_rand(p); + BENCH_ADD(ed_mul_monty(q, p, k)); + } BENCH_END; +#endif + +#if ED_MUL == LWNAF || !defined(STRIP) + BENCH_RUN("ed_mul_lwnaf") { + bn_rand_mod(k, n); + ed_rand(p); + BENCH_ADD(ed_mul_lwnaf(q, p, k)); + } BENCH_END; +#endif + +#if ED_MUL == LWREG || !defined(STRIP) + BENCH_RUN("ed_mul_lwreg") { + bn_rand_mod(k, n); + ed_rand(p); + BENCH_ADD(ed_mul_lwreg(q, p, k)); + } BENCH_END; +#endif + + 
BENCH_RUN("ed_mul_gen") { + bn_rand_mod(k, n); + BENCH_ADD(ed_mul_gen(q, k)); + } BENCH_END; + + BENCH_RUN("ed_mul_dig") { + bn_rand(k, RLC_POS, RLC_DIG); + bn_rand_mod(k, n); + BENCH_ADD(ed_mul_dig(p, q, k->dp[0])); + } + BENCH_END; + + for (int i = 0; i < RLC_ED_TABLE; i++) { + ed_new(t[i]); + } + + BENCH_RUN("ed_mul_pre") { + ed_rand(p); + BENCH_ADD(ed_mul_pre(t, p)); + } BENCH_END; + + BENCH_RUN("ed_mul_fix") { + bn_rand_mod(k, n); + ed_rand(p); + ed_mul_pre(t, p); + BENCH_ADD(ed_mul_fix(q, (const ed_t *)t, k)); + } BENCH_END; + + for (int i = 0; i < RLC_ED_TABLE; i++) { + ed_free(t[i]); + } + +#if ED_FIX == BASIC || !defined(STRIP) + for (int i = 0; i < RLC_ED_TABLE_BASIC; i++) { + ed_new(t[i]); + } + BENCH_RUN("ed_mul_pre_basic") { + ed_rand(p); + BENCH_ADD(ed_mul_pre_basic(t, p)); + } BENCH_END; + + BENCH_RUN("ed_mul_fix_basic") { + bn_rand_mod(k, n); + ed_rand(p); + ed_mul_pre_basic(t, p); + BENCH_ADD(ed_mul_fix_basic(q, (const ed_t *)t, k)); + } BENCH_END; + for (int i = 0; i < RLC_ED_TABLE_BASIC; i++) { + ed_free(t[i]); + } +#endif + +#if ED_FIX == COMBS || !defined(STRIP) + for (int i = 0; i < RLC_ED_TABLE_COMBS; i++) { + ed_new(t[i]); + } + BENCH_RUN("ed_mul_pre_combs") { + ed_rand(p); + BENCH_ADD(ed_mul_pre_combs(t, p)); + } BENCH_END; + + BENCH_RUN("ed_mul_fix_combs") { + bn_rand_mod(k, n); + ed_rand(p); + ed_mul_pre_combs(t, p); + BENCH_ADD(ed_mul_fix_combs(q, (const ed_t *)t, k)); + } BENCH_END; + for (int i = 0; i < RLC_ED_TABLE_COMBS; i++) { + ed_free(t[i]); + } +#endif + +#if ED_FIX == COMBD || !defined(STRIP) + for (int i = 0; i < RLC_ED_TABLE_COMBD; i++) { + ed_new(t[i]); + } + BENCH_RUN("ed_mul_pre_combd") { + BENCH_ADD(ed_mul_pre_combd(t, p)); + } BENCH_END; + + BENCH_RUN("ed_mul_fix_combd") { + bn_rand_mod(k, n); + ed_mul_pre_combd(t, p); + BENCH_ADD(ed_mul_fix_combd(q, (const ed_t *)t, k)); + } BENCH_END; + for (int i = 0; i < RLC_ED_TABLE_COMBD; i++) { + ed_free(t[i]); + } +#endif + +#if ED_FIX == LWNAF || !defined(STRIP) + for (int i = 0; 
i < RLC_ED_TABLE_LWNAF; i++) { + ed_new(t[i]); + } + BENCH_RUN("ed_mul_pre_lwnaf") { + ed_rand(p); + BENCH_ADD(ed_mul_pre_lwnaf(t, p)); + } BENCH_END; + + BENCH_RUN("ed_mul_fix_lwnaf") { + bn_rand_mod(k, n); + ed_rand(p); + ed_mul_pre_lwnaf(t, p); + BENCH_ADD(ed_mul_fix_lwnaf(q, (const ed_t *)t, k)); + } BENCH_END; + for (int i = 0; i < RLC_ED_TABLE_LWNAF; i++) { + ed_free(t[i]); + } +#endif + BENCH_RUN("ed_mul_sim") { + bn_rand_mod(k, n); + bn_rand_mod(l, n); + ed_rand(p); + ed_rand(q); + BENCH_ADD(ed_mul_sim(r, p, k, q, l)); + } BENCH_END; + +#if ED_SIM == BASIC || !defined(STRIP) + BENCH_RUN("ed_mul_sim_basic") { + bn_rand_mod(k, n); + bn_rand_mod(l, n); + ed_rand(p); + ed_rand(q); + BENCH_ADD(ed_mul_sim_basic(r, p, k, q, l)); + } BENCH_END; +#endif + +#if ED_SIM == TRICK || !defined(STRIP) + BENCH_RUN("ed_mul_sim_trick") { + bn_rand_mod(k, n); + bn_rand_mod(l, n); + ed_rand(p); + ed_rand(q); + BENCH_ADD(ed_mul_sim_trick(r, p, k, q, l)); + } BENCH_END; +#endif + +#if ED_SIM == INTER || !defined(STRIP) + BENCH_RUN("ed_mul_sim_inter") { + bn_rand_mod(k, n); + bn_rand_mod(l, n); + ed_rand(p); + ed_rand(q); + BENCH_ADD(ed_mul_sim_inter(r, p, k, q, l)); + } BENCH_END; +#endif + +#if ED_SIM == JOINT || !defined(STRIP) + BENCH_RUN("ed_mul_sim_joint") { + bn_rand_mod(k, n); + bn_rand_mod(l, n); + ed_rand(p); + ed_rand(q); + BENCH_ADD(ed_mul_sim_joint(r, p, k, q, l)); + } BENCH_END; +#endif + + BENCH_RUN("ed_mul_sim_gen") { + bn_rand_mod(k, n); + bn_rand_mod(l, n); + ed_rand(q); + BENCH_ADD(ed_mul_sim_gen(r, k, q, l)); + } BENCH_END; + + BENCH_RUN("ed_map") { + uint8_t msg[5]; + rand_bytes(msg, 5); + BENCH_ADD(ed_map(p, msg, 5)); + } BENCH_END; + + BENCH_RUN("ed_pck") { + ed_rand(p); + BENCH_ADD(ed_pck(q, p)); + } BENCH_END; + + BENCH_RUN("ed_upk") { + ed_rand(p); + BENCH_ADD(ed_upk(q, p)); + } BENCH_END; + + ed_free(p); + ed_free(q); + ed_free(r); + bn_free(k); + bn_free(l); + bn_free(n); +} + +static void bench(void) { + ed_param_print(); + util_banner("Utilities:", 
1);
+ memory();
+ util();
+ util_banner("Arithmetic:", 1);
+ arith();
+}
+
+int main(void) {
+ int r0 = RLC_ERR;
+
+ if (core_init() != RLC_OK) {
+ core_clean();
+ return 1;
+ }
+
+ conf_print();
+ util_banner("Benchmarks for the ED module:", 0);
+ r0 = ed_param_set_any();
+ if (r0 == RLC_OK) {
+ bench();
+ }
+
+ if (r0 == RLC_ERR) {
+ if (ed_param_set_any() == RLC_ERR) {
+ RLC_THROW(ERR_NO_CURVE);
+ }
+ }
+
+ core_clean();
+ return 0;
+}
diff --git a/depends/relic/bench/bench_ep.c b/depends/relic/bench/bench_ep.c
new file mode 100644
index 00000000000000..04ccdfc835ff81
--- /dev/null
+++ b/depends/relic/bench/bench_ep.c
@@ -0,0 +1,651 @@ +/* + * RELIC is an Efficient LIbrary for Cryptography + * Copyright (c) 2009 RELIC Authors + * + * This file is part of RELIC. RELIC is legal property of its developers, + * whose names are not listed here. Please refer to the COPYRIGHT file + * for contact information. + * + * RELIC is free software; you can redistribute it and/or modify it under the + * terms of the version 2.1 (or later) of the GNU Lesser General Public License + * as published by the Free Software Foundation; or version 2.0 of the Apache + * License as published by the Apache Software Foundation. See the LICENSE files + * for more details. + * + * RELIC is distributed in the hope that it will be useful, but WITHOUT ANY + * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + * A PARTICULAR PURPOSE. See the LICENSE files for more details. + * + * You should have received a copy of the GNU Lesser General Public or the + * Apache License along with RELIC. If not, see + * or . + */ + +/** + * @file + * + * Benchmarks for arithmetic on prime elliptic curves. 
+ * + * @ingroup bench + */ + +#include + +#include "relic.h" +#include "relic_bench.h" + +static void memory(void) { + ep_t a[BENCH]; + + BENCH_FEW("ep_null", ep_null(a[i]), 1); + + BENCH_FEW("ep_new", ep_new(a[i]), 1); + for (int i = 0; i < BENCH; i++) { + ep_free(a[i]); + } + + for (int i = 0; i < BENCH; i++) { + ep_new(a[i]); + } + BENCH_FEW("ep_free", ep_free(a[i]), 1); + + (void)a; +} + +static void util(void) { + ep_t p, q, t[4]; + uint8_t bin[2 * RLC_FP_BYTES + 1]; + int l; + + ep_null(p); + ep_null(q); + for (int j = 0; j < 4; j++) { + ep_null(t[j]); + } + + ep_new(p); + ep_new(q); + for (int j = 0; j < 4; j++) { + ep_new(t[j]); + } + + BENCH_RUN("ep_is_infty") { + ep_rand(p); + BENCH_ADD(ep_is_infty(p)); + } BENCH_END; + + BENCH_RUN("ep_set_infty") { + ep_rand(p); + BENCH_ADD(ep_set_infty(p)); + } BENCH_END; + + BENCH_RUN("ep_copy") { + ep_rand(p); + ep_rand(q); + BENCH_ADD(ep_copy(p, q)); + } BENCH_END; + + BENCH_RUN("ep_norm") { + ep_rand(p); + ep_dbl(p, p); + BENCH_ADD(ep_norm(p, p)); + } BENCH_END; + + BENCH_RUN("ep_norm_sim (2)") { + ep_rand(t[0]); + ep_rand(t[1]); + ep_dbl(t[0], t[0]); + ep_dbl(t[1], t[1]); + BENCH_ADD(ep_norm_sim(t, t, 2)); + } BENCH_END; + + BENCH_RUN("ep_cmp") { + ep_rand(p); + ep_dbl(p, p); + ep_rand(q); + ep_dbl(q, q); + BENCH_ADD(ep_cmp(p, q)); + } BENCH_END; + + BENCH_RUN("ep_cmp (1 norm)") { + ep_rand(p); + ep_dbl(p, p); + ep_rand(q); + BENCH_ADD(ep_cmp(p, q)); + } BENCH_END; + + BENCH_RUN("ep_cmp (2 norm)") { + ep_rand(p); + ep_rand(q); + BENCH_ADD(ep_cmp(p, q)); + } BENCH_END; + + BENCH_RUN("ep_rand") { + BENCH_ADD(ep_rand(p)); + } BENCH_END; + + BENCH_RUN("ep_blind") { + BENCH_ADD(ep_blind(p, p)); + } BENCH_END; + + BENCH_RUN("ep_rhs") { + ep_rand(p); + BENCH_ADD(ep_rhs(q->x, p)); + } BENCH_END; + + BENCH_RUN("ep_tab (4)") { + ep_rand(p); + BENCH_ADD(ep_tab(t, p, 4)); + } BENCH_END; + + BENCH_RUN("ep_on_curve") { + ep_rand(p); + BENCH_ADD(ep_on_curve(p)); + } BENCH_END; + + BENCH_RUN("ep_size_bin (0)") { + ep_rand(p); + 
BENCH_ADD(ep_size_bin(p, 0)); + } BENCH_END; + + BENCH_RUN("ep_size_bin (1)") { + ep_rand(p); + BENCH_ADD(ep_size_bin(p, 1)); + } BENCH_END; + + BENCH_RUN("ep_write_bin (0)") { + ep_rand(p); + l = ep_size_bin(p, 0); + BENCH_ADD(ep_write_bin(bin, l, p, 0)); + } BENCH_END; + + BENCH_RUN("ep_write_bin (1)") { + ep_rand(p); + l = ep_size_bin(p, 1); + BENCH_ADD(ep_write_bin(bin, l, p, 1)); + } BENCH_END; + + BENCH_RUN("ep_read_bin (0)") { + ep_rand(p); + l = ep_size_bin(p, 0); + ep_write_bin(bin, l, p, 0); + BENCH_ADD(ep_read_bin(p, bin, l)); + } BENCH_END; + + BENCH_RUN("ep_read_bin (1)") { + ep_rand(p); + l = ep_size_bin(p, 1); + ep_write_bin(bin, l, p, 1); + BENCH_ADD(ep_read_bin(p, bin, l)); + } BENCH_END; + + ep_free(p); + ep_free(q); + for (int j = 0; j < 4; j++) { + ep_free(t[j]); + } +} + +static void arith(void) { + ep_t p, q, r, t[RLC_EP_TABLE_MAX]; + bn_t k, l[2], n; + + ep_null(p); + ep_null(q); + ep_null(r); + for (int i = 0; i < RLC_EP_TABLE_MAX; i++) { + ep_null(t[i]); + } + + ep_new(p); + ep_new(q); + ep_new(r); + bn_new(k); + bn_new(n); + bn_new(l[0]); + bn_new(l[1]); + + ep_curve_get_ord(n); + + BENCH_RUN("ep_add") { + ep_rand(p); + ep_rand(q); + ep_add(p, p, q); + ep_rand(q); + ep_rand(p); + ep_add(q, q, p); + BENCH_ADD(ep_add(r, p, q)); + } BENCH_END; + +#if EP_ADD == BASIC || !defined(STRIP) + BENCH_RUN("ep_add_basic") { + ep_rand(p); + ep_rand(q); + BENCH_ADD(ep_add_basic(r, p, q)); + } BENCH_END; +#endif + +#if EP_ADD == PROJC || !defined(STRIP) + BENCH_RUN("ep_add_projc") { + ep_rand(p); + ep_rand(q); + ep_add_projc(p, p, q); + ep_rand(q); + ep_rand(p); + ep_add_projc(q, q, p); + BENCH_ADD(ep_add_projc(r, p, q)); + } BENCH_END; + + BENCH_RUN("ep_add_projc (z2 = 1)") { + ep_rand(p); + ep_rand(q); + ep_add_projc(p, p, q); + ep_rand(q); + ep_norm(q, q); + BENCH_ADD(ep_add_projc(r, p, q)); + } BENCH_END; + + BENCH_RUN("ep_add_projc (z1,z2 = 1)") { + ep_rand(p); + ep_norm(p, p); + ep_rand(q); + ep_norm(q, q); + BENCH_ADD(ep_add_projc(r, p, q)); + } 
BENCH_END; +#endif + +#if EP_ADD == JACOB || !defined(STRIP) + BENCH_RUN("ep_add_jacob") { + ep_rand(p); + ep_rand(q); + ep_add_jacob(p, p, q); + ep_rand(q); + ep_rand(p); + ep_add_jacob(q, q, p); + BENCH_ADD(ep_add_jacob(r, p, q)); + } BENCH_END; + + BENCH_RUN("ep_add_jacob (z2 = 1)") { + ep_rand(p); + ep_rand(q); + ep_add_jacob(p, p, q); + ep_rand(q); + ep_norm(q, q); + BENCH_ADD(ep_add_jacob(r, p, q)); + } BENCH_END; + + BENCH_RUN("ep_add_jacob (z1,z2 = 1)") { + ep_rand(p); + ep_norm(p, p); + ep_rand(q); + ep_norm(q, q); + BENCH_ADD(ep_add_jacob(r, p, q)); + } BENCH_END; +#endif + + BENCH_RUN("ep_sub") { + ep_rand(p); + ep_rand(q); + ep_add(p, p, q); + ep_rand(q); + ep_rand(p); + ep_add(q, q, p); + BENCH_ADD(ep_sub(r, p, q)); + } BENCH_END; + + BENCH_RUN("ep_dbl") { + ep_rand(p); + ep_rand(q); + ep_add(p, p, q); + BENCH_ADD(ep_dbl(r, p)); + } BENCH_END; + +#if EP_ADD == BASIC || !defined(STRIP) + BENCH_RUN("ep_dbl_basic") { + ep_rand(p); + BENCH_ADD(ep_dbl_basic(r, p)); + } BENCH_END; +#endif + +#if EP_ADD == PROJC || !defined(STRIP) + BENCH_RUN("ep_dbl_projc") { + ep_rand(p); + ep_rand(q); + ep_add_projc(p, p, q); + BENCH_ADD(ep_dbl_projc(r, p)); + } BENCH_END; + + BENCH_RUN("ep_dbl_projc (z1 = 1)") { + ep_rand(p); + ep_norm(p, p); + BENCH_ADD(ep_dbl_projc(r, p)); + } BENCH_END; +#endif + +#if EP_ADD == JACOB || !defined(STRIP) + BENCH_RUN("ep_dbl_jacob") { + ep_rand(p); + ep_rand(q); + ep_add_jacob(p, p, q); + BENCH_ADD(ep_dbl_jacob(r, p)); + } BENCH_END; + + BENCH_RUN("ep_dbl_jacob (z1 = 1)") { + ep_rand(p); + ep_norm(p, p); + BENCH_ADD(ep_dbl_jacob(r, p)); + } BENCH_END; +#endif + + BENCH_RUN("ep_neg") { + ep_rand(p); + ep_rand(q); + ep_add(p, p, q); + BENCH_ADD(ep_neg(r, p)); + } BENCH_END; + + BENCH_RUN("ep_mul") { + bn_rand_mod(k, n); + ep_rand(p); + BENCH_ADD(ep_mul(q, p, k)); + } BENCH_END; + +#if EP_MUL == BASIC || !defined(STRIP) + BENCH_RUN("ep_mul_basic") { + bn_rand_mod(k, n); + BENCH_ADD(ep_mul_basic(q, p, k)); + } BENCH_END; +#endif + +#if EP_MUL 
== SLIDE || !defined(STRIP) + BENCH_RUN("ep_mul_slide") { + bn_rand_mod(k, n); + ep_rand(p); + BENCH_ADD(ep_mul_slide(q, p, k)); + } BENCH_END; +#endif + +#if EP_MUL == MONTY || !defined(STRIP) + BENCH_RUN("ep_mul_monty") { + bn_rand_mod(k, n); + ep_rand(p); + BENCH_ADD(ep_mul_monty(q, p, k)); + } BENCH_END; +#endif + +#if EP_MUL == LWNAF || !defined(STRIP) + BENCH_RUN("ep_mul_lwnaf") { + bn_rand_mod(k, n); + ep_rand(p); + BENCH_ADD(ep_mul_lwnaf(q, p, k)); + } BENCH_END; +#endif + +#if EP_MUL == LWREG || !defined(STRIP) + BENCH_RUN("ep_mul_lwreg") { + bn_rand_mod(k, n); + ep_rand(p); + BENCH_ADD(ep_mul_lwreg(q, p, k)); + } BENCH_END; +#endif + + BENCH_RUN("ep_mul_gen") { + bn_rand_mod(k, n); + BENCH_ADD(ep_mul_gen(q, k)); + } BENCH_END; + + BENCH_RUN("ep_mul_dig") { + bn_rand(k, RLC_POS, RLC_DIG); + bn_rand_mod(k, n); + BENCH_ADD(ep_mul_dig(p, q, k->dp[0])); + } + BENCH_END; + + for (int i = 0; i < RLC_EP_TABLE; i++) { + ep_new(t[i]); + } + + BENCH_RUN("ep_mul_pre") { + ep_rand(p); + BENCH_ADD(ep_mul_pre(t, p)); + } BENCH_END; + + BENCH_RUN("ep_mul_fix") { + bn_rand_mod(k, n); + ep_rand(p); + ep_mul_pre(t, p); + BENCH_ADD(ep_mul_fix(q, (const ep_t *)t, k)); + } BENCH_END; + + for (int i = 0; i < RLC_EP_TABLE; i++) { + ep_free(t[i]); + } + +#if EP_FIX == BASIC || !defined(STRIP) + for (int i = 0; i < RLC_EP_TABLE_BASIC; i++) { + ep_new(t[i]); + } + BENCH_RUN("ep_mul_pre_basic") { + ep_rand(p); + BENCH_ADD(ep_mul_pre_basic(t, p)); + } BENCH_END; + + BENCH_RUN("ep_mul_fix_basic") { + bn_rand_mod(k, n); + ep_rand(p); + ep_mul_pre_basic(t, p); + BENCH_ADD(ep_mul_fix_basic(q, (const ep_t *)t, k)); + } BENCH_END; + for (int i = 0; i < RLC_EP_TABLE_BASIC; i++) { + ep_free(t[i]); + } +#endif + +#if EP_FIX == COMBS || !defined(STRIP) + for (int i = 0; i < RLC_EP_TABLE_COMBS; i++) { + ep_new(t[i]); + } + BENCH_RUN("ep_mul_pre_combs") { + ep_rand(p); + BENCH_ADD(ep_mul_pre_combs(t, p)); + } BENCH_END; + + BENCH_RUN("ep_mul_fix_combs") { + bn_rand_mod(k, n); + ep_rand(p); + 
ep_mul_pre_combs(t, p); + BENCH_ADD(ep_mul_fix_combs(q, (const ep_t *)t, k)); + } BENCH_END; + for (int i = 0; i < RLC_EP_TABLE_COMBS; i++) { + ep_free(t[i]); + } +#endif + +#if EP_FIX == COMBD || !defined(STRIP) + for (int i = 0; i < RLC_EP_TABLE_COMBD; i++) { + ep_new(t[i]); + } + BENCH_RUN("ep_mul_pre_combd") { + BENCH_ADD(ep_mul_pre_combd(t, p)); + } BENCH_END; + + BENCH_RUN("ep_mul_fix_combd") { + bn_rand_mod(k, n); + ep_mul_pre_combd(t, p); + BENCH_ADD(ep_mul_fix_combd(q, (const ep_t *)t, k)); + } BENCH_END; + for (int i = 0; i < RLC_EP_TABLE_COMBD; i++) { + ep_free(t[i]); + } +#endif + +#if EP_FIX == LWNAF || !defined(STRIP) + for (int i = 0; i < RLC_EP_TABLE_LWNAF; i++) { + ep_new(t[i]); + } + BENCH_RUN("ep_mul_pre_lwnaf") { + ep_rand(p); + BENCH_ADD(ep_mul_pre_lwnaf(t, p)); + } BENCH_END; + + BENCH_RUN("ep_mul_fix_lwnaf") { + bn_rand_mod(k, n); + ep_rand(p); + ep_mul_pre_lwnaf(t, p); + BENCH_ADD(ep_mul_fix_lwnaf(q, (const ep_t *)t, k)); + } BENCH_END; + for (int i = 0; i < RLC_EP_TABLE_LWNAF; i++) { + ep_free(t[i]); + } +#endif + BENCH_RUN("ep_mul_sim") { + bn_rand_mod(l[0], n); + bn_rand_mod(l[1], n); + ep_rand(p); + ep_rand(q); + BENCH_ADD(ep_mul_sim(r, p, l[0], q, l[1])); + } BENCH_END; + +#if EP_SIM == BASIC || !defined(STRIP) + BENCH_RUN("ep_mul_sim_basic") { + bn_rand_mod(l[0], n); + bn_rand_mod(l[1], n); + ep_rand(p); + ep_rand(q); + BENCH_ADD(ep_mul_sim_basic(r, p, l[0], q, l[1])); + } BENCH_END; +#endif + +#if EP_SIM == TRICK || !defined(STRIP) + BENCH_RUN("ep_mul_sim_trick") { + bn_rand_mod(l[0], n); + bn_rand_mod(l[1], n); + ep_rand(p); + ep_rand(q); + BENCH_ADD(ep_mul_sim_trick(r, p, l[0], q, l[1])); + } BENCH_END; +#endif + +#if EP_SIM == INTER || !defined(STRIP) + BENCH_RUN("ep_mul_sim_inter") { + bn_rand_mod(l[0], n); + bn_rand_mod(l[1], n); + ep_rand(p); + ep_rand(q); + BENCH_ADD(ep_mul_sim_inter(r, p, l[0], q, l[1])); + } BENCH_END; +#endif + +#if EP_SIM == JOINT || !defined(STRIP) + BENCH_RUN("ep_mul_sim_joint") { + bn_rand_mod(l[0], n); 
+ bn_rand_mod(l[1], n);
+ ep_rand(p);
+ ep_rand(q);
+ BENCH_ADD(ep_mul_sim_joint(r, p, l[0], q, l[1]));
+ } BENCH_END;
+#endif
+
+ BENCH_RUN("ep_mul_sim_gen") {
+ bn_rand_mod(l[0], n);
+ bn_rand_mod(l[1], n);
+ ep_rand(q);
+ BENCH_ADD(ep_mul_sim_gen(r, l[0], q, l[1]));
+ } BENCH_END;
+
+ for (int i = 0; i < 2; i++) {
+ ep_new(t[i]);
+ }
+
+ BENCH_RUN("ep_mul_sim_lot (2)") {
+ bn_rand_mod(l[0], n);
+ bn_rand_mod(l[1], n);
+ ep_rand(t[0]);
+ ep_rand(t[1]);
+ BENCH_ADD(ep_mul_sim_lot(r, t, l, 2));
+ } BENCH_END;
+
+ for (int i = 0; i < 2; i++) {
+ ep_free(t[i]);
+ }
+
+ BENCH_RUN("ep_map") {
+ uint8_t msg[5];
+ rand_bytes(msg, 5);
+ BENCH_ADD(ep_map(p, msg, 5));
+ } BENCH_END;
+
+ BENCH_RUN("ep_pck") {
+ ep_rand(p);
+ BENCH_ADD(ep_pck(q, p));
+ } BENCH_END;
+
+ BENCH_RUN("ep_upk") {
+ ep_rand(p);
+ BENCH_ADD(ep_upk(q, p));
+ } BENCH_END;
+
+ ep_free(p);
+ ep_free(q);
+ ep_free(r);
+ bn_free(k);
+ bn_free(l[0]);
+ bn_free(l[1]);
+ bn_free(n);
+}
+
+static void bench(void) {
+ ep_param_print();
+ util_banner("Utilities:", 1);
+ memory();
+ util();
+ util_banner("Arithmetic:", 1);
+ arith();
+}
+
+int main(void) {
+ int r0 = RLC_ERR, r1 = RLC_ERR, r2 = RLC_ERR, r3 = RLC_ERR;;
+
+ if (core_init() != RLC_OK) {
+ core_clean();
+ return 1;
+ }
+
+ conf_print();
+ util_banner("Benchmarks for the EP module:", 0);
+
+#if defined(EP_PLAIN)
+ r0 = ep_param_set_any_plain();
+ if (r0 == RLC_OK) {
+ bench();
+ }
+#endif
+
+#if defined(EP_ENDOM)
+ r1 = ep_param_set_any_endom();
+ if (r1 == RLC_OK) {
+ bench();
+ }
+#endif
+
+ r2 = ep_param_set_any_pairf();
+ if (r2 == RLC_OK) {
+ bench();
+ }
+
+#if defined(EP_SUPER)
+ r3 = ep_param_set_any_super();
+ if (r3 == RLC_OK) {
+ bench();
+ }
+#endif
+
+ if (r0 == RLC_ERR && r1 == RLC_ERR && r2 == RLC_ERR && r3 == RLC_ERR) {
+ if (ep_param_set_any() == RLC_ERR) {
+ RLC_THROW(ERR_NO_CURVE);
+ }
+ }
+
+ core_clean();
+ return 0;
+}
diff --git a/depends/relic/bench/bench_epx.c b/depends/relic/bench/bench_epx.c
new file mode 100644
index 00000000000000..487d3dad675c26
--- /dev/null
+++ b/depends/relic/bench/bench_epx.c
@@ -0,0 +1,1108 @@ +/* + * RELIC is an Efficient LIbrary for Cryptography + * Copyright (c) 2012 RELIC Authors + * + * This file is part of RELIC. RELIC is legal property of its developers, + * whose names are not listed here. Please refer to the COPYRIGHT file + * for contact information. + * + * RELIC is free software; you can redistribute it and/or modify it under the + * terms of the version 2.1 (or later) of the GNU Lesser General Public License + * as published by the Free Software Foundation; or version 2.0 of the Apache + * License as published by the Apache Software Foundation. See the LICENSE files + * for more details. + * + * RELIC is distributed in the hope that it will be useful, but WITHOUT ANY + * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + * A PARTICULAR PURPOSE. See the LICENSE files for more details. + * + * You should have received a copy of the GNU Lesser General Public or the + * Apache License along with RELIC. If not, see + * or . + */ + +/** + * @file + * + * Benchmarks for elliptic curves defined over extensions of prime fields. 
+ * + * @ingroup bench + */ + +#include + +#include "relic.h" +#include "relic_bench.h" + +static void memory2(void) { + ep4_t a[BENCH]; + + BENCH_FEW("ep4_null", ep4_null(a[i]), 1); + + BENCH_FEW("ep4_new", ep4_new(a[i]), 1); + for (int i = 0; i < BENCH; i++) { + ep4_free(a[i]); + } + + for (int i = 0; i < BENCH; i++) { + ep4_new(a[i]); + } + BENCH_FEW("ep4_free", ep4_free(a[i]), 1); + + (void)a; +} + +static void util2(void) { + ep2_t p, q, t[2]; + uint8_t bin[4 * RLC_FP_BYTES + 1]; + int l; + + ep2_null(p); + ep2_null(q); + ep2_null(t[0]); + ep2_null(t[1]); + + ep2_new(p); + ep2_new(q); + ep2_new(t[0]); + ep2_new(t[1]); + + BENCH_RUN("ep2_is_infty") { + ep2_rand(p); + BENCH_ADD(ep2_is_infty(p)); + } + BENCH_END; + + BENCH_RUN("ep2_set_infty") { + ep2_rand(p); + BENCH_ADD(ep2_set_infty(p)); + } + BENCH_END; + + BENCH_RUN("ep2_copy") { + ep2_rand(p); + ep2_rand(q); + BENCH_ADD(ep2_copy(p, q)); + } + BENCH_END; + + BENCH_RUN("ep2_cmp") { + ep2_rand(p); + ep2_dbl(p, p); + ep2_rand(q); + ep2_dbl(q, q); + BENCH_ADD(ep2_cmp(p, q)); + } BENCH_END; + + BENCH_RUN("ep2_norm") { + ep2_rand(p); + ep2_dbl(p, p); + BENCH_ADD(ep2_norm(p, p)); + } BENCH_END; + + BENCH_RUN("ep2_norm_sim (2)") { + ep2_rand(t[0]); + ep2_rand(t[1]); + ep2_dbl(t[0], t[0]); + ep2_dbl(t[1], t[1]); + BENCH_ADD(ep2_norm_sim(t, t, 2)); + } BENCH_END; + + BENCH_RUN("ep2_cmp (1 norm)") { + ep2_rand(p); + ep2_dbl(p, p); + ep2_rand(q); + BENCH_ADD(ep2_cmp(p, q)); + } BENCH_END; + + BENCH_RUN("ep2_cmp (2 norm)") { + ep2_rand(p); + ep2_rand(q); + BENCH_ADD(ep2_cmp(p, q)); + } BENCH_END; + + BENCH_RUN("ep2_rand") { + BENCH_ADD(ep2_rand(p)); + } + BENCH_END; + + BENCH_RUN("ep2_blind") { + BENCH_ADD(ep2_blind(p, p)); + } + BENCH_END; + + BENCH_RUN("ep2_on_curve") { + ep2_rand(p); + BENCH_ADD(ep2_on_curve(p)); + } BENCH_END; + + BENCH_RUN("ep2_size_bin (0)") { + ep2_rand(p); + BENCH_ADD(ep2_size_bin(p, 0)); + } BENCH_END; + + BENCH_RUN("ep2_size_bin (1)") { + ep2_rand(p); + BENCH_ADD(ep2_size_bin(p, 1)); + } 
BENCH_END; + + BENCH_RUN("ep2_write_bin (0)") { + ep2_rand(p); + l = ep2_size_bin(p, 0); + BENCH_ADD(ep2_write_bin(bin, l, p, 0)); + } BENCH_END; + + BENCH_RUN("ep2_write_bin (1)") { + ep2_rand(p); + l = ep2_size_bin(p, 1); + BENCH_ADD(ep2_write_bin(bin, l, p, 1)); + } BENCH_END; + + BENCH_RUN("ep2_read_bin (0)") { + ep2_rand(p); + l = ep2_size_bin(p, 0); + ep2_write_bin(bin, l, p, 0); + BENCH_ADD(ep2_read_bin(p, bin, l)); + } BENCH_END; + + BENCH_RUN("ep2_read_bin (1)") { + ep2_rand(p); + l = ep2_size_bin(p, 1); + ep2_write_bin(bin, l, p, 1); + BENCH_ADD(ep2_read_bin(p, bin, l)); + } BENCH_END; + + ep2_free(p); + ep2_free(q); + ep2_free(t[0]); + ep2_free(t[1]); +} + +static void arith2(void) { + ep2_t p, q, r, t[RLC_EPX_TABLE_MAX]; + bn_t k, n, l[2]; + fp2_t s; + + ep2_null(p); + ep2_null(q); + ep2_null(r); + bn_null(k); + bn_null(n); + fp2_null(s); + for (int i = 0; i < RLC_EPX_TABLE_MAX; i++) { + ep2_null(t[i]); + } + + ep2_new(p); + ep2_new(q); + ep2_new(r); + bn_new(k); + bn_new(n); + bn_new(l[0]); + bn_new(l[1]); + fp2_new(s); + + ep2_curve_get_ord(n); + + BENCH_RUN("ep2_add") { + ep2_rand(p); + ep2_rand(q); + ep2_add(p, p, q); + ep2_rand(q); + ep2_rand(p); + ep2_add(q, q, p); + BENCH_ADD(ep2_add(r, p, q)); + } + BENCH_END; + +#if EP_ADD == BASIC || !defined(STRIP) + BENCH_RUN("ep2_add_basic") { + ep2_rand(p); + ep2_rand(q); + BENCH_ADD(ep2_add_basic(r, p, q)); + } + BENCH_END; + + BENCH_RUN("ep2_add_slp_basic") { + ep2_rand(p); + ep2_rand(q); + BENCH_ADD(ep2_add_slp_basic(r, s, p, q)); + } + BENCH_END; +#endif + +#if EP_ADD == PROJC || !defined(STRIP) + BENCH_RUN("ep2_add_projc") { + ep2_rand(p); + ep2_rand(q); + ep2_add_projc(p, p, q); + ep2_rand(q); + ep2_rand(p); + ep2_add_projc(q, q, p); + BENCH_ADD(ep2_add_projc(r, p, q)); + } + BENCH_END; + + BENCH_RUN("ep2_add_projc (z2 = 1)") { + ep2_rand(p); + ep2_rand(q); + ep2_add_projc(p, p, q); + ep2_rand(q); + ep2_norm(q, q); + BENCH_ADD(ep2_add_projc(r, p, q)); + } + BENCH_END; + + BENCH_RUN("ep2_add_projc 
(z1,z2 = 1)") { + ep2_rand(p); + ep2_norm(p, p); + ep2_rand(q); + ep2_norm(q, q); + BENCH_ADD(ep2_add_projc(r, p, q)); + } + BENCH_END; +#endif + + BENCH_RUN("ep2_sub") { + ep2_rand(p); + ep2_rand(q); + ep2_add(p, p, q); + ep2_rand(q); + ep2_rand(p); + ep2_add(q, q, p); + BENCH_ADD(ep2_sub(r, p, q)); + } + BENCH_END; + + BENCH_RUN("ep2_dbl") { + ep2_rand(p); + ep2_rand(q); + ep2_add(p, p, q); + BENCH_ADD(ep2_dbl(r, p)); + } + BENCH_END; + +#if EP_ADD == BASIC || !defined(STRIP) + BENCH_RUN("ep2_dbl_basic") { + ep2_rand(p); + BENCH_ADD(ep2_dbl_basic(r, p)); + } + BENCH_END; + + BENCH_RUN("ep2_dbl_slp_basic") { + ep2_rand(p); + BENCH_ADD(ep2_dbl_slp_basic(r, s, p)); + } + BENCH_END; +#endif + +#if EP_ADD == PROJC || !defined(STRIP) + BENCH_RUN("ep2_dbl_projc") { + ep2_rand(p); + ep2_rand(q); + ep2_add_projc(p, p, q); + BENCH_ADD(ep2_dbl_projc(r, p)); + } + BENCH_END; + + BENCH_RUN("ep2_dbl_projc (z1 = 1)") { + ep2_rand(p); + ep2_norm(p, p); + BENCH_ADD(ep2_dbl_projc(r, p)); + } + BENCH_END; +#endif + + BENCH_RUN("ep2_neg") { + ep2_rand(p); + ep2_rand(q); + ep2_add(p, p, q); + BENCH_ADD(ep2_neg(r, p)); + } + BENCH_END; + + BENCH_RUN("ep2_mul") { + bn_rand_mod(k, n); + BENCH_ADD(ep2_mul(q, p, k)); + } BENCH_END; + +#if EP_MUL == BASIC || !defined(STRIP) + BENCH_RUN("ep2_mul_basic") { + bn_rand_mod(k, n); + BENCH_ADD(ep2_mul_basic(q, p, k)); + } BENCH_END; +#endif + +#if EP_MUL == SLIDE || !defined(STRIP) + BENCH_RUN("ep2_mul_slide") { + bn_rand_mod(k, n); + ep2_rand(p); + BENCH_ADD(ep2_mul_slide(q, p, k)); + } BENCH_END; +#endif + +#if EP_MUL == MONTY || !defined(STRIP) + BENCH_RUN("ep2_mul_monty") { + bn_rand_mod(k, n); + ep2_rand(p); + BENCH_ADD(ep2_mul_monty(q, p, k)); + } BENCH_END; +#endif + +#if EP_MUL == LWNAF || !defined(STRIP) + BENCH_RUN("ep2_mul_lwnaf") { + bn_rand_mod(k, n); + ep2_rand(p); + BENCH_ADD(ep2_mul_lwnaf(q, p, k)); + } BENCH_END; +#endif + + BENCH_RUN("ep2_mul_gen") { + bn_rand_mod(k, n); + BENCH_ADD(ep2_mul_gen(q, k)); + } BENCH_END; + + 
BENCH_RUN("ep2_mul_dig") { + bn_rand(k, RLC_POS, RLC_DIG); + bn_rand_mod(k, n); + BENCH_ADD(ep2_mul_dig(p, q, k->dp[0])); + } + BENCH_END; + + for (int i = 0; i < RLC_EPX_TABLE_MAX; i++) { + ep2_new(t[i]); + } + + BENCH_RUN("ep2_mul_pre") { + ep2_rand(p); + BENCH_ADD(ep2_mul_pre(t, p)); + } BENCH_END; + + BENCH_RUN("ep2_mul_fix") { + bn_rand_mod(k, n); + ep2_rand(p); + ep2_mul_pre(t, p); + BENCH_ADD(ep2_mul_fix(q, t, k)); + } BENCH_END; + + for (int i = 0; i < RLC_EPX_TABLE_MAX; i++) { + ep2_free(t[i]); + } + +#if EP_FIX == BASIC || !defined(STRIP) + for (int i = 0; i < RLC_EPX_TABLE_BASIC; i++) { + ep2_new(t[i]); + } + BENCH_RUN("ep2_mul_pre_basic") { + ep2_rand(p); + BENCH_ADD(ep2_mul_pre_basic(t, p)); + } BENCH_END; + + BENCH_RUN("ep2_mul_fix_basic") { + bn_rand_mod(k, n); + ep2_rand(p); + ep2_mul_pre_basic(t, p); + BENCH_ADD(ep2_mul_fix_basic(q, t, k)); + } BENCH_END; + for (int i = 0; i < RLC_EPX_TABLE_BASIC; i++) { + ep2_free(t[i]); + } +#endif + +#if EP_FIX == COMBS || !defined(STRIP) + for (int i = 0; i < RLC_EPX_TABLE_COMBS; i++) { + ep2_new(t[i]); + } + BENCH_RUN("ep2_mul_pre_combs") { + ep2_rand(p); + BENCH_ADD(ep2_mul_pre_combs(t, p)); + } BENCH_END; + + BENCH_RUN("ep2_mul_fix_combs") { + bn_rand_mod(k, n); + ep2_rand(p); + ep2_mul_pre_combs(t, p); + BENCH_ADD(ep2_mul_fix_combs(q, t, k)); + } BENCH_END; + for (int i = 0; i < RLC_EPX_TABLE_COMBS; i++) { + ep2_free(t[i]); + } +#endif + +#if EP_FIX == COMBD || !defined(STRIP) + for (int i = 0; i < RLC_EPX_TABLE_COMBD; i++) { + ep2_new(t[i]); + } + BENCH_RUN("ep2_mul_pre_combd") { + BENCH_ADD(ep2_mul_pre_combd(t, p)); + } BENCH_END; + + BENCH_RUN("ep2_mul_fix_combd") { + bn_rand_mod(k, n); + ep2_mul_pre_combd(t, p); + BENCH_ADD(ep2_mul_fix_combd(q, t, k)); + } BENCH_END; + for (int i = 0; i < RLC_EPX_TABLE_COMBD; i++) { + ep2_free(t[i]); + } +#endif + +#if EP_FIX == LWNAF || !defined(STRIP) + for (int i = 0; i < RLC_EPX_TABLE_LWNAF; i++) { + ep2_new(t[i]); + } + BENCH_RUN("ep2_mul_pre_lwnaf") { + 
ep2_rand(p); + BENCH_ADD(ep2_mul_pre_lwnaf(t, p)); + } BENCH_END; + + BENCH_RUN("ep2_mul_fix_lwnaf") { + bn_rand_mod(k, n); + ep2_rand(p); + ep2_mul_pre_lwnaf(t, p); + BENCH_ADD(ep2_mul_fix_lwnaf(q, t, k)); + } BENCH_END; + for (int i = 0; i < RLC_EPX_TABLE_LWNAF; i++) { + ep2_free(t[i]); + } +#endif + + BENCH_RUN("ep2_mul_sim") { + bn_rand_mod(l[0], n); + bn_rand_mod(l[1], n); + ep2_rand(p); + ep2_rand(q); + BENCH_ADD(ep2_mul_sim(r, p, l[0], q, l[1])); + } BENCH_END; + +#if EP_SIM == BASIC || !defined(STRIP) + BENCH_RUN("ep2_mul_sim_basic") { + bn_rand_mod(l[0], n); + bn_rand_mod(l[1], n); + ep2_rand(p); + ep2_rand(q); + BENCH_ADD(ep2_mul_sim_basic(r, p, l[0], q, l[1])); + } BENCH_END; +#endif + +#if EP_SIM == TRICK || !defined(STRIP) + BENCH_RUN("ep2_mul_sim_trick") { + bn_rand_mod(l[0], n); + bn_rand_mod(l[1], n); + ep2_rand(p); + ep2_rand(q); + BENCH_ADD(ep2_mul_sim_trick(r, p, l[0], q, l[1])); + } BENCH_END; +#endif + +#if EP_SIM == INTER || !defined(STRIP) + BENCH_RUN("ep2_mul_sim_inter") { + bn_rand_mod(l[0], n); + bn_rand_mod(l[1], n); + ep2_rand(p); + ep2_rand(q); + BENCH_ADD(ep2_mul_sim_inter(r, p, l[0], q, l[1])); + } BENCH_END; +#endif + +#if EP_SIM == JOINT || !defined(STRIP) + BENCH_RUN("ep2_mul_sim_joint") { + bn_rand_mod(l[0], n); + bn_rand_mod(l[1], n); + ep2_rand(p); + ep2_rand(q); + BENCH_ADD(ep2_mul_sim_joint(r, p, l[0], q, l[1])); + } BENCH_END; +#endif + + BENCH_RUN("ep2_mul_sim_gen") { + bn_rand_mod(l[0], n); + bn_rand_mod(l[1], n); + ep2_rand(q); + BENCH_ADD(ep2_mul_sim_gen(r, l[0], q, l[1])); + } BENCH_END; + + for (int i = 0; i < 2; i++) { + ep2_new(t[i]); + } + + BENCH_RUN("ep2_mul_sim_lot (2)") { + bn_rand_mod(l[0], n); + bn_rand_mod(l[1], n); + ep2_rand(t[0]); + ep2_rand(t[1]); + BENCH_ADD(ep2_mul_sim_lot(r, t, l, 2)); + } BENCH_END; + + for (int i = 0; i < 2; i++) { + ep2_free(t[i]); + } + + BENCH_RUN("ep2_frb") { + ep2_rand(q); + BENCH_ADD(ep2_frb(r, q, 1)); + } BENCH_END; + + BENCH_RUN("ep2_map") { + uint8_t msg[5]; + rand_bytes(msg, 
5); + BENCH_ADD(ep2_map(p, msg, 5)); + } BENCH_END; + + BENCH_RUN("ep2_pck") { + ep2_rand(p); + BENCH_ADD(ep2_pck(q, p)); + } BENCH_END; + + BENCH_RUN("ep2_upk") { + ep2_rand(p); + BENCH_ADD(ep2_upk(q, p)); + } BENCH_END; + + ep2_free(p); + ep2_free(q); + ep2_free(r); + bn_free(k); + bn_free(n); + bn_free(l[0]); + bn_free(l[1]); + fp2_free(s); +} + +static void memory4(void) { + ep4_t a[BENCH]; + + BENCH_FEW("ep4_null", ep4_null(a[i]), 1); + + BENCH_FEW("ep4_new", ep4_new(a[i]), 1); + for (int i = 0; i < BENCH; i++) { + ep4_free(a[i]); + } + + for (int i = 0; i < BENCH; i++) { + ep4_new(a[i]); + } + BENCH_FEW("ep4_free", ep4_free(a[i]), 1); + + (void)a; +} + +static void util4(void) { + ep4_t p, q, t[2]; + uint8_t bin[8 * RLC_FP_BYTES + 1]; + int l; + + ep4_null(p); + ep4_null(q); + ep4_null(t[0]); + ep4_null(t[1]); + + ep4_new(p); + ep4_new(q); + ep4_new(t[0]); + ep4_new(t[1]); + + BENCH_RUN("ep4_is_infty") { + ep4_rand(p); + BENCH_ADD(ep4_is_infty(p)); + } + BENCH_END; + + BENCH_RUN("ep4_set_infty") { + ep4_rand(p); + BENCH_ADD(ep4_set_infty(p)); + } + BENCH_END; + + BENCH_RUN("ep4_copy") { + ep4_rand(p); + ep4_rand(q); + BENCH_ADD(ep4_copy(p, q)); + } + BENCH_END; + + BENCH_RUN("ep4_cmp") { + ep4_rand(p); + ep4_dbl(p, p); + ep4_rand(q); + ep4_dbl(q, q); + BENCH_ADD(ep4_cmp(p, q)); + } BENCH_END; + + BENCH_RUN("ep4_norm") { + ep4_rand(p); + ep4_dbl(p, p); + BENCH_ADD(ep4_norm(p, p)); + } BENCH_END; + + BENCH_RUN("ep4_norm_sim (2)") { + ep4_rand(t[0]); + ep4_rand(t[1]); + ep4_dbl(t[0], t[0]); + ep4_dbl(t[1], t[1]); + BENCH_ADD(ep4_norm_sim(t, t, 2)); + } BENCH_END; + + BENCH_RUN("ep4_cmp (1 norm)") { + ep4_rand(p); + ep4_dbl(p, p); + ep4_rand(q); + BENCH_ADD(ep4_cmp(p, q)); + } BENCH_END; + + BENCH_RUN("ep4_cmp (2 norm)") { + ep4_rand(p); + ep4_rand(q); + BENCH_ADD(ep4_cmp(p, q)); + } BENCH_END; + + BENCH_RUN("ep4_rand") { + BENCH_ADD(ep4_rand(p)); + } + BENCH_END; + + BENCH_RUN("ep4_blind") { + BENCH_ADD(ep4_blind(p, p)); + } + BENCH_END; + + 
BENCH_RUN("ep4_on_curve") { + ep4_rand(p); + BENCH_ADD(ep4_on_curve(p)); + } BENCH_END; + + BENCH_RUN("ep4_size_bin") { + ep4_rand(p); + BENCH_ADD(ep4_size_bin(p, 0)); + } BENCH_END; + + BENCH_RUN("ep4_write_bin") { + ep4_rand(p); + l = ep4_size_bin(p, 0); + BENCH_ADD(ep4_write_bin(bin, l, p, 0)); + } BENCH_END; + + BENCH_RUN("ep4_read_bin") { + ep4_rand(p); + l = ep4_size_bin(p, 0); + ep4_write_bin(bin, l, p, 0); + BENCH_ADD(ep4_read_bin(p, bin, l)); + } BENCH_END; + + ep4_free(p); + ep4_free(q); + ep4_free(t[0]); + ep4_free(t[1]); +} + +static void arith4(void) { + ep4_t p, q, r, t[RLC_EPX_TABLE_MAX]; + bn_t k, n, l; + fp4_t s; + + ep4_null(p); + ep4_null(q); + ep4_null(r); + bn_null(k); + bn_null(n); + fp4_null(s); + for (int i = 0; i < RLC_EPX_TABLE_MAX; i++) { + ep4_null(t[i]); + } + + ep4_new(p); + ep4_new(q); + ep4_new(r); + bn_new(k); + bn_new(n); + bn_new(l); + fp4_new(s); + + ep4_curve_get_ord(n); + + BENCH_RUN("ep4_add") { + ep4_rand(p); + ep4_rand(q); + ep4_add(p, p, q); + ep4_rand(q); + ep4_rand(p); + ep4_add(q, q, p); + BENCH_ADD(ep4_add(r, p, q)); + } + BENCH_END; + +#if EP_ADD == BASIC || !defined(STRIP) + BENCH_RUN("ep4_add_basic") { + ep4_rand(p); + ep4_rand(q); + BENCH_ADD(ep4_add_basic(r, p, q)); + } + BENCH_END; + + BENCH_RUN("ep4_add_slp_basic") { + ep4_rand(p); + ep4_rand(q); + BENCH_ADD(ep4_add_slp_basic(r, s, p, q)); + } + BENCH_END; +#endif + +#if EP_ADD == PROJC || !defined(STRIP) + BENCH_RUN("ep4_add_projc") { + ep4_rand(p); + ep4_rand(q); + ep4_add_projc(p, p, q); + ep4_rand(q); + ep4_rand(p); + ep4_add_projc(q, q, p); + BENCH_ADD(ep4_add_projc(r, p, q)); + } + BENCH_END; + + BENCH_RUN("ep4_add_projc (z2 = 1)") { + ep4_rand(p); + ep4_rand(q); + ep4_add_projc(p, p, q); + ep4_rand(q); + ep4_norm(q, q); + BENCH_ADD(ep4_add_projc(r, p, q)); + } + BENCH_END; + + BENCH_RUN("ep4_add_projc (z1,z2 = 1)") { + ep4_rand(p); + ep4_norm(p, p); + ep4_rand(q); + ep4_norm(q, q); + BENCH_ADD(ep4_add_projc(r, p, q)); + } + BENCH_END; +#endif + + 
BENCH_RUN("ep4_sub") { + ep4_rand(p); + ep4_rand(q); + ep4_add(p, p, q); + ep4_rand(q); + ep4_rand(p); + ep4_add(q, q, p); + BENCH_ADD(ep4_sub(r, p, q)); + } + BENCH_END; + + BENCH_RUN("ep4_dbl") { + ep4_rand(p); + ep4_rand(q); + ep4_add(p, p, q); + BENCH_ADD(ep4_dbl(r, p)); + } + BENCH_END; + +#if EP_ADD == BASIC || !defined(STRIP) + BENCH_RUN("ep4_dbl_basic") { + ep4_rand(p); + BENCH_ADD(ep4_dbl_basic(r, p)); + } + BENCH_END; + + BENCH_RUN("ep4_dbl_slp_basic") { + ep4_rand(p); + BENCH_ADD(ep4_dbl_slp_basic(r, s, p)); + } + BENCH_END; +#endif + +#if EP_ADD == PROJC || !defined(STRIP) + BENCH_RUN("ep4_dbl_projc") { + ep4_rand(p); + ep4_rand(q); + ep4_add_projc(p, p, q); + BENCH_ADD(ep4_dbl_projc(r, p)); + } + BENCH_END; + + BENCH_RUN("ep4_dbl_projc (z1 = 1)") { + ep4_rand(p); + ep4_norm(p, p); + BENCH_ADD(ep4_dbl_projc(r, p)); + } + BENCH_END; +#endif + + BENCH_RUN("ep4_neg") { + ep4_rand(p); + ep4_rand(q); + ep4_add(p, p, q); + BENCH_ADD(ep4_neg(r, p)); + } + BENCH_END; + + BENCH_RUN("ep4_mul") { + bn_rand_mod(k, n); + BENCH_ADD(ep4_mul(q, p, k)); + } BENCH_END; + +#if EP_MUL == BASIC || !defined(STRIP) + BENCH_RUN("ep4_mul_basic") { + bn_rand_mod(k, n); + BENCH_ADD(ep4_mul_basic(q, p, k)); + } BENCH_END; +#endif + +#if EP_MUL == SLIDE || !defined(STRIP) + BENCH_RUN("ep4_mul_slide") { + bn_rand_mod(k, n); + ep4_rand(p); + BENCH_ADD(ep4_mul_slide(q, p, k)); + } BENCH_END; +#endif + +#if EP_MUL == MONTY || !defined(STRIP) + BENCH_RUN("ep4_mul_monty") { + bn_rand_mod(k, n); + ep4_rand(p); + BENCH_ADD(ep4_mul_monty(q, p, k)); + } BENCH_END; +#endif + +#if EP_MUL == LWNAF || !defined(STRIP) + BENCH_RUN("ep4_mul_lwnaf") { + bn_rand_mod(k, n); + ep4_rand(p); + BENCH_ADD(ep4_mul_lwnaf(q, p, k)); + } BENCH_END; +#endif + + BENCH_RUN("ep4_mul_gen") { + bn_rand_mod(k, n); + BENCH_ADD(ep4_mul_gen(q, k)); + } BENCH_END; + + BENCH_RUN("ep4_mul_dig") { + bn_rand(k, RLC_POS, RLC_DIG); + bn_rand_mod(k, n); + BENCH_ADD(ep4_mul_dig(p, q, k->dp[0])); + } + BENCH_END; + + for (int i = 
0; i < RLC_EPX_TABLE_MAX; i++) { + ep4_new(t[i]); + } + + BENCH_RUN("ep4_mul_pre") { + ep4_rand(p); + BENCH_ADD(ep4_mul_pre(t, p)); + } BENCH_END; + + BENCH_RUN("ep4_mul_fix") { + bn_rand_mod(k, n); + ep4_rand(p); + ep4_mul_pre(t, p); + BENCH_ADD(ep4_mul_fix(q, t, k)); + } BENCH_END; + + for (int i = 0; i < RLC_EPX_TABLE_MAX; i++) { + ep4_free(t[i]); + } + +#if EP_FIX == BASIC || !defined(STRIP) + for (int i = 0; i < RLC_EPX_TABLE_BASIC; i++) { + ep4_new(t[i]); + } + BENCH_RUN("ep4_mul_pre_basic") { + ep4_rand(p); + BENCH_ADD(ep4_mul_pre_basic(t, p)); + } BENCH_END; + + BENCH_RUN("ep4_mul_fix_basic") { + bn_rand_mod(k, n); + ep4_rand(p); + ep4_mul_pre_basic(t, p); + BENCH_ADD(ep4_mul_fix_basic(q, t, k)); + } BENCH_END; + for (int i = 0; i < RLC_EPX_TABLE_BASIC; i++) { + ep4_free(t[i]); + } +#endif + +#if EP_FIX == COMBS || !defined(STRIP) + for (int i = 0; i < RLC_EPX_TABLE_COMBS; i++) { + ep4_new(t[i]); + } + BENCH_RUN("ep4_mul_pre_combs") { + ep4_rand(p); + BENCH_ADD(ep4_mul_pre_combs(t, p)); + } BENCH_END; + + BENCH_RUN("ep4_mul_fix_combs") { + bn_rand_mod(k, n); + ep4_rand(p); + ep4_mul_pre_combs(t, p); + BENCH_ADD(ep4_mul_fix_combs(q, t, k)); + } BENCH_END; + for (int i = 0; i < RLC_EPX_TABLE_COMBS; i++) { + ep4_free(t[i]); + } +#endif + +#if EP_FIX == COMBD || !defined(STRIP) + for (int i = 0; i < RLC_EPX_TABLE_COMBD; i++) { + ep4_new(t[i]); + } + BENCH_RUN("ep4_mul_pre_combd") { + BENCH_ADD(ep4_mul_pre_combd(t, p)); + } BENCH_END; + + BENCH_RUN("ep4_mul_fix_combd") { + bn_rand_mod(k, n); + ep4_mul_pre_combd(t, p); + BENCH_ADD(ep4_mul_fix_combd(q, t, k)); + } BENCH_END; + for (int i = 0; i < RLC_EPX_TABLE_COMBD; i++) { + ep4_free(t[i]); + } +#endif + +#if EP_FIX == LWNAF || !defined(STRIP) + for (int i = 0; i < RLC_EPX_TABLE_LWNAF; i++) { + ep4_new(t[i]); + } + BENCH_RUN("ep4_mul_pre_lwnaf") { + ep4_rand(p); + BENCH_ADD(ep4_mul_pre_lwnaf(t, p)); + } BENCH_END; + + BENCH_RUN("ep4_mul_fix_lwnaf") { + bn_rand_mod(k, n); + ep4_rand(p); + ep4_mul_pre_lwnaf(t, p); 
+ BENCH_ADD(ep4_mul_fix_lwnaf(q, t, k)); + } BENCH_END; + for (int i = 0; i < RLC_EPX_TABLE_LWNAF; i++) { + ep4_free(t[i]); + } +#endif + + BENCH_RUN("ep4_mul_sim") { + bn_rand_mod(k, n); + bn_rand_mod(l, n); + ep4_rand(p); + ep4_rand(q); + BENCH_ADD(ep4_mul_sim(r, p, k, q, l)); + } BENCH_END; + +#if EP_SIM == BASIC || !defined(STRIP) + BENCH_RUN("ep4_mul_sim_basic") { + bn_rand_mod(k, n); + bn_rand_mod(l, n); + ep4_rand(p); + ep4_rand(q); + BENCH_ADD(ep4_mul_sim_basic(r, p, k, q, l)); + } BENCH_END; +#endif + +#if EP_SIM == TRICK || !defined(STRIP) + BENCH_RUN("ep4_mul_sim_trick") { + bn_rand_mod(k, n); + bn_rand_mod(l, n); + ep4_rand(p); + ep4_rand(q); + BENCH_ADD(ep4_mul_sim_trick(r, p, k, q, l)); + } BENCH_END; +#endif + +#if EP_SIM == INTER || !defined(STRIP) + BENCH_RUN("ep4_mul_sim_inter") { + bn_rand_mod(k, n); + bn_rand_mod(l, n); + ep4_rand(p); + ep4_rand(q); + BENCH_ADD(ep4_mul_sim_inter(r, p, k, q, l)); + } BENCH_END; +#endif + +#if EP_SIM == JOINT || !defined(STRIP) + BENCH_RUN("ep4_mul_sim_joint") { + bn_rand_mod(k, n); + bn_rand_mod(l, n); + ep4_rand(p); + ep4_rand(q); + BENCH_ADD(ep4_mul_sim_joint(r, p, k, q, l)); + } BENCH_END; +#endif + + BENCH_RUN("ep4_mul_sim_gen") { + bn_rand_mod(k, n); + bn_rand_mod(l, n); + ep4_rand(q); + BENCH_ADD(ep4_mul_sim_gen(r, k, q, l)); + } BENCH_END; + + BENCH_RUN("ep4_frb") { + ep4_rand(q); + BENCH_ADD(ep4_frb(r, q, 1)); + } BENCH_END; + + BENCH_RUN("ep4_map") { + uint8_t msg[5]; + rand_bytes(msg, 5); + BENCH_ADD(ep4_map(p, msg, 5)); + } BENCH_END; + + ep4_free(p); + ep4_free(q); + ep4_free(r); + bn_free(k); + bn_free(n); + bn_free(l); + fp4_free(s); +} + +int main(void) { + int r0, r1; + if (core_init() != RLC_OK) { + core_clean(); + return 1; + } + + conf_print(); + + util_banner("Benchmarks for the EPX module:", 0); + + if (ep_param_set_any_pairf() != RLC_OK) { + RLC_THROW(ERR_NO_CURVE); + core_clean(); + return 0; + } + + if ((r0 = ep2_curve_is_twist())) { + ep_param_print(); + + util_banner("Utilities:", 1); + 
memory2(); + util2(); + + util_banner("Arithmetic:", 1); + arith2(); + } + + if ((r1 = ep4_curve_is_twist())) { + ep_param_print(); + + util_banner("Utilities:", 1); + memory4(); + util4(); + + util_banner("Arithmetic:", 1); + arith4(); + } + + if (!r0 && !r1) { + RLC_THROW(ERR_NO_CURVE); + core_clean(); + return 0; + } + + core_clean(); + return 0; +} diff --git a/depends/relic/bench/bench_err.c b/depends/relic/bench/bench_err.c new file mode 100644 index 00000000000000..bb99e94edefde5 --- /dev/null +++ b/depends/relic/bench/bench_err.c 
@@ -0,0 +1,76 @@
+/*
+ * RELIC is an Efficient LIbrary for Cryptography
+ * Copyright (c) 2009 RELIC Authors
+ *
+ * This file is part of RELIC. RELIC is legal property of its developers,
+ * whose names are not listed here. Please refer to the COPYRIGHT file
+ * for contact information.
+ *
+ * RELIC is free software; you can redistribute it and/or modify it under the
+ * terms of the version 2.1 (or later) of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; or version 2.0 of the Apache
+ * License as published by the Apache Software Foundation. See the LICENSE files
+ * for more details.
+ *
+ * RELIC is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ * A PARTICULAR PURPOSE. See the LICENSE files for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public or the
+ * Apache License along with RELIC. If not, see
+ * or .
+ */
+
+/**
+ * @file
+ *
+ * Benchmarks for error-management routines.
+ *
+ * @ingroup bench
+ */
+
+#include
+
+#include "relic.h"
+#include "relic_bench.h"
+
+static void dummy2(void) {
+
+}
+
+static void dummy(void) {
+ RLC_TRY {
+ /* Empty block just to test overhead of error triggering mechanism. */
+ }
+ RLC_CATCH_ANY {
+ /* Exceptions are thrown here. */
+ }
+ RLC_FINALLY {
+ /* This is executed after exception handling. */
+ }
+}
+
+static void error(void) {
+ BENCH_RUN("empty function") {
+ BENCH_ADD(dummy2());
+ }
+ BENCH_END;
+
+ BENCH_RUN("try-catch-finnaly") {
+ BENCH_ADD(dummy());
+ }
+ BENCH_END;
+}
+
+int main(void) {
+ if (core_init() != RLC_OK) {
+ core_clean();
+ return 1;
+ }
+
+ conf_print();
+ util_banner("Benchmarks for the ERR module:\n", 0);
+ error();
+ core_clean();
+ return 0;
+}
diff --git a/depends/relic/bench/bench_fb.c b/depends/relic/bench/bench_fb.c
new file mode 100644
index 00000000000000..41fbb026ed02d3
--- /dev/null
+++ b/depends/relic/bench/bench_fb.c 
@@ -0,0 +1,569 @@ +/* + * RELIC is an Efficient LIbrary for Cryptography + * Copyright (c) 2009 RELIC Authors + * + * This file is part of RELIC. RELIC is legal property of its developers, + * whose names are not listed here. Please refer to the COPYRIGHT file + * for contact information. + * + * RELIC is free software; you can redistribute it and/or modify it under the + * terms of the version 2.1 (or later) of the GNU Lesser General Public License + * as published by the Free Software Foundation; or version 2.0 of the Apache + * License as published by the Apache Software Foundation. See the LICENSE files + * for more details. + * + * RELIC is distributed in the hope that it will be useful, but WITHOUT ANY + * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + * A PARTICULAR PURPOSE. See the LICENSE files for more details. + * + * You should have received a copy of the GNU Lesser General Public or the + * Apache License along with RELIC. If not, see + * or . + */ + +/** + * @file + * + * Benchmarks for binary field arithmetic. 
+ * + * @ingroup bench + */ + +#include + +#include "relic.h" +#include "relic_bench.h" + +static void memory(void) { + fb_t a[BENCH]; + + BENCH_FEW("fb_null", fb_null(a[i]), 1); + + BENCH_FEW("fb_new", fb_new(a[i]), 1); + for (int i = 0; i < BENCH; i++) { + fb_free(a[i]); + } + + for (int i = 0; i < BENCH; i++) { + fb_new(a[i]); + } + BENCH_FEW("fb_free", fb_free(a[i]), 1); + + (void)a; +} + +static void util(void) { + char str[2 * RLC_FB_BYTES + 1]; + uint8_t bin[RLC_FB_BYTES]; + fb_t a, b; + + fb_null(a); + fb_null(b); + + fb_new(a); + fb_new(b); + + BENCH_RUN("fb_copy") { + fb_rand(a); + BENCH_ADD(fb_copy(b, a)); + } + BENCH_END; + + BENCH_RUN("fb_zero") { + fb_rand(a); + BENCH_ADD(fb_zero(a)); + } + BENCH_END; + + BENCH_RUN("fb_is_zero") { + fb_rand(a); + BENCH_ADD(fb_is_zero(a)); + } + BENCH_END; + + BENCH_RUN("fb_get_bit") { + fb_rand(a); + BENCH_ADD(fb_get_bit(a, RLC_DIG / 2)); + } + BENCH_END; + + BENCH_RUN("fb_set_bit") { + fb_rand(a); + BENCH_ADD(fb_set_bit(a, RLC_DIG / 2, 1)); + } + BENCH_END; + + BENCH_RUN("fb_set_dig") { + fb_rand(a); + fb_rand(b); + BENCH_ADD(fb_set_dig(a, b[0])); + } + BENCH_END; + + BENCH_RUN("fb_bits") { + fb_rand(a); + BENCH_ADD(fb_bits(a)); + } + BENCH_END; + + BENCH_RUN("fb_rand") { + BENCH_ADD(fb_rand(a)); + } + BENCH_END; + + BENCH_RUN("fb_size_str (16)") { + fb_rand(a); + BENCH_ADD(fb_size_str(a, 16)); + } + BENCH_END; + + BENCH_RUN("fb_write_str (16)") { + fb_rand(a); + BENCH_ADD(fb_write_str(str, sizeof(str), a, 16)); + } + BENCH_END; + + BENCH_RUN("fb_read_str (16)") { + fb_rand(a); + fb_write_str(str, sizeof(str), a, 16); + BENCH_ADD(fb_read_str(a, str, sizeof(str), 16)); + } + BENCH_END; + + BENCH_RUN("fb_write_bin") { + fb_rand(a); + BENCH_ADD(fb_write_bin(bin, sizeof(bin), a)); + } + BENCH_END; + + BENCH_RUN("fb_read_bin") { + fb_rand(a); + fb_write_bin(bin, sizeof(bin), a); + BENCH_ADD(fb_read_bin(a, bin, sizeof(bin))); + } + BENCH_END; + + BENCH_RUN("fb_cmp_dig") { + fb_rand(a); + BENCH_ADD(fb_cmp_dig(a, (dig_t)0)); 
+ } + BENCH_END; + + BENCH_RUN("fb_cmp") { + fb_rand(a); + fb_rand(b); + BENCH_ADD(fb_cmp(b, a)); + } + BENCH_END; + + fb_free(a); + fb_free(b); +} + +static void arith(void) { + fb_t a, b, c, d[2]; + fb_st t[RLC_FB_TABLE_MAX]; + dv_t e; + bn_t f; + int bits; + + fb_null(a); + fb_null(b); + fb_null(c); + fb_null(d[0]); + fb_null(d[1]); + dv_null(e); + bn_null(f); + + fb_new(a); + fb_new(b); + fb_new(c); + fb_new(d[0]); + fb_new(d[1]); + dv_new(e); + dv_zero(e, 2 * RLC_FB_DIGS); + bn_new(f); + + BENCH_RUN("fb_add") { + fb_rand(a); + fb_rand(b); + BENCH_ADD(fb_add(c, a, b)); + } + BENCH_END; + + BENCH_RUN("fb_add_dig") { + fb_rand(a); + fb_rand(b); + BENCH_ADD(fb_add_dig(c, a, b[0])); + } + BENCH_END; + + BENCH_RUN("fb_poly_add") { + fb_rand(a); + BENCH_ADD(fb_poly_add(c, a)); + } + BENCH_END; + + BENCH_RUN("fb_mul") { + fb_rand(a); + fb_rand(b); + BENCH_ADD(fb_mul(c, a, b)); + } + BENCH_END; + + BENCH_RUN("fb_mul_dig") { + fb_rand(a); + fb_rand(b); + BENCH_ADD(fb_mul_dig(c, a, b[0])); + } + BENCH_END; + +#if FB_MUL == BASIC || !defined(STRIP) + BENCH_RUN("fb_mul_basic") { + fb_rand(a); + fb_rand(b); + BENCH_ADD(fb_mul_basic(c, a, b)); + } + BENCH_END; +#endif + +#if FB_MUL == INTEG || !defined(STRIP) + BENCH_RUN("fb_mul_integ") { + fb_rand(a); + fb_rand(b); + BENCH_ADD(fb_mul_integ(c, a, b)); + } + BENCH_END; +#endif + +#if FB_MUL == LODAH || !defined(STRIP) + BENCH_RUN("fb_mul_lodah") { + fb_rand(a); + fb_rand(b); + BENCH_ADD(fb_mul_lodah(c, a, b)); + } + BENCH_END; +#endif + +#if FB_KARAT > 0 || !defined(STRIP) + BENCH_RUN("fb_mul_karat") { + fb_rand(a); + fb_rand(b); + BENCH_ADD(fb_mul_karat(c, a, b)); + } + BENCH_END; +#endif + + BENCH_RUN("fb_sqr") { + fb_rand(a); + BENCH_ADD(fb_sqr(c, a)); + } + BENCH_END; + +#if FB_SQR == BASIC || !defined(STRIP) + BENCH_RUN("fb_sqr_basic") { + fb_rand(a); + BENCH_ADD(fb_sqr_basic(c, a)); + } + BENCH_END; +#endif + +#if FB_SQR == INTEG || !defined(STRIP) + BENCH_RUN("fb_sqr_integ") { + fb_rand(a); + BENCH_ADD(fb_sqr_integ(c, 
a)); + } + BENCH_END; +#endif + +#if FB_SQR == QUICK || !defined(STRIP) + BENCH_RUN("fb_sqr_quick") { + fb_rand(a); + BENCH_ADD(fb_sqr_quick(c, a)); + } + BENCH_END; +#endif + + BENCH_RUN("fb_lsh") { + fb_rand(a); + a[RLC_FB_DIGS - 1] = 0; + bits = a[0] & RLC_MASK(RLC_DIG_LOG); + BENCH_ADD(fb_lsh(c, a, bits)); + } + BENCH_END; + + BENCH_RUN("fb_rsh") { + fb_rand(a); + a[RLC_FB_DIGS - 1] = 0; + bits = a[0] & RLC_MASK(RLC_DIG_LOG); + BENCH_ADD(fb_rsh(c, a, bits)); + + } + BENCH_END; + + BENCH_RUN("fb_rdc") { + fb_rand(a); + fb_lsh(e, a, RLC_FB_BITS); + fb_rand(e); + BENCH_ADD(fb_rdc(c, e)); + } + BENCH_END; + +#if FB_RDC == BASIC || !defined(STRIP) + BENCH_RUN("fb_rdc_basic") { + fb_rand(a); + fb_lsh(e, a, RLC_FB_BITS); + fb_rand(e); + BENCH_ADD(fb_rdc_basic(c, e)); + } + BENCH_END; +#endif + +#if FB_RDC == QUICK || !defined(STRIP) + BENCH_RUN("fb_rdc_quick") { + fb_rand(a); + fb_lsh(e, a, RLC_FB_BITS); + fb_rand(e); + BENCH_ADD(fb_rdc_quick(c, e)); + } + BENCH_END; +#endif + + BENCH_RUN("fb_srt") { + fb_rand(a); + fb_sqr(e, a); + BENCH_ADD(fb_srt(c, e)); + } + BENCH_END; + +#if FB_SRT == BASIC || !defined(STRIP) + BENCH_RUN("fb_srt_basic") { + fb_rand(a); + fb_sqr(e, a); + BENCH_ADD(fb_srt_basic(c, e)); + } + BENCH_END; +#endif + +#if FB_SRT == QUICK || !defined(STRIP) + BENCH_RUN("fb_srt_quick") { + fb_rand(a); + fb_sqr(e, a); + BENCH_ADD(fb_srt_quick(c, e)); + } + BENCH_END; +#endif + + BENCH_RUN("fb_trc") { + fb_rand(a); + BENCH_ADD(fb_trc(a)); + } + BENCH_END; + +#if FB_TRC == BASIC || !defined(STRIP) + BENCH_RUN("fb_trc_basic") { + fb_rand(a); + BENCH_ADD(fb_trc_basic(a)); + } + BENCH_END; +#endif + +#if FB_TRC == QUICK || !defined(STRIP) + BENCH_RUN("fb_trc_quick") { + fb_rand(a); + BENCH_ADD(fb_trc_quick(a)); + } + BENCH_END; +#endif + + if (RLC_FB_BITS % 2 != 0) { + BENCH_RUN("fb_slv") { + fb_rand(a); + BENCH_ADD(fb_slv(c, a)); + } + BENCH_END; + +#if FB_SLV == BASIC || !defined(STRIP) + BENCH_RUN("fb_slv_basic") { + fb_rand(a); + BENCH_ADD(fb_slv_basic(c, 
a)); + } + BENCH_END; +#endif + +#if FB_SLV == QUICK || !defined(STRIP) + BENCH_RUN("fb_slv_quick") { + fb_rand(a); + BENCH_ADD(fb_slv_quick(c, a)); + } + BENCH_END; +#endif + } + + BENCH_RUN("fb_inv") { + fb_rand(a); + BENCH_ADD(fb_inv(c, a)); + } + BENCH_END; + +#if FB_INV == BASIC || !defined(STRIP) + BENCH_RUN("fb_inv_basic") { + fb_rand(a); + BENCH_ADD(fb_inv_basic(c, a)); + } + BENCH_END; +#endif + +#if FB_INV == BINAR || !defined(STRIP) + BENCH_RUN("fb_inv_binar") { + fb_rand(a); + BENCH_ADD(fb_inv_binar(c, a)); + } + BENCH_END; +#endif + +#if FB_INV == ALMOS || !defined(STRIP) + BENCH_RUN("fb_inv_almos") { + fb_rand(a); + BENCH_ADD(fb_inv_almos(c, a)); + } + BENCH_END; +#endif + +#if FB_INV == EXGCD || !defined(STRIP) + BENCH_RUN("fb_inv_exgcd") { + fb_rand(a); + BENCH_ADD(fb_inv_exgcd(c, a)); + } + BENCH_END; +#endif + +#if FB_INV == BRUCH || !defined(STRIP) + BENCH_RUN("fb_inv_bruch") { + fb_rand(a); + BENCH_ADD(fb_inv_bruch(c, a)); + } + BENCH_END; +#endif + +#if FB_INV == ITOHT || !defined(STRIP) + BENCH_RUN("fb_inv_itoht") { + fb_rand(a); + BENCH_ADD(fb_inv_itoht(c, a)); + } + BENCH_END; +#endif + +#if FB_INV == CTAIA || !defined(STRIP) + BENCH_RUN("fb_inv_ctaia") { + fb_rand(a); + BENCH_ADD(fb_inv_ctaia(c, a)); + } + BENCH_END; +#endif + +#if FB_INV == LOWER || !defined(STRIP) + BENCH_RUN("fb_inv_lower") { + fb_rand(a); + BENCH_ADD(fb_inv_lower(c, a)); + } + BENCH_END; +#endif + + BENCH_RUN("fb_inv_sim (2)") { + fb_rand(d[0]); + fb_rand(d[1]); + BENCH_ADD(fb_inv_sim(d, (const fb_t *)d, 2)); + } + BENCH_END; + + BENCH_RUN("fb_exp") { + fb_rand(a); + bn_rand(f, RLC_POS, RLC_FB_BITS); + BENCH_ADD(fb_exp(c, a, f)); + } + BENCH_END; + +#if FB_EXP == BASIC || !defined(STRIP) + BENCH_RUN("fb_exp_basic") { + fb_rand(a); + bn_rand(f, RLC_POS, RLC_FB_BITS); + BENCH_ADD(fb_exp_basic(c, a, f)); + } + BENCH_END; +#endif + +#if FB_EXP == SLIDE || !defined(STRIP) + BENCH_RUN("fb_exp_slide") { + fb_rand(a); + bn_rand(f, RLC_POS, RLC_FB_BITS); + 
BENCH_ADD(fb_exp_slide(c, a, f)); + } + BENCH_END; +#endif + +#if FB_EXP == MONTY || !defined(STRIP) + BENCH_RUN("fb_exp_monty") { + fb_rand(a); + bn_rand(f, RLC_POS, RLC_FB_BITS); + BENCH_ADD(fb_exp_monty(c, a, f)); + } + BENCH_END; +#endif + + BENCH_RUN("fb_itr") { + fb_rand(a); + bn_rand(f, RLC_POS, 8); + fb_itr_pre(t, f->dp[0]); + BENCH_ADD(fb_itr(c, a, f->dp[0], t)); + } + BENCH_END; + +#if FB_ITR == BASIC || !defined(STRIP) + BENCH_RUN("fb_itr_basic") { + fb_rand(a); + bn_rand(f, RLC_POS, 8); + BENCH_ADD(fb_itr_basic(c, a, f->dp[0])); + } + BENCH_END; +#endif + +#if FB_ITR == QUICK || !defined(STRIP) + BENCH_RUN("fb_itr_quick") { + fb_rand(a); + bn_rand(f, RLC_POS, 8); + fb_itr_pre_quick(t, f->dp[0]); + BENCH_ADD(fb_itr_quick(c, a, t)); + } + BENCH_END; +#endif + + fb_free(a); + fb_free(b); + fb_free(c); + fb_free(d[0]); + fb_free(d[1]); + dv_free(e); + bn_free(f); +} + +int main(void) { + if (core_init() != RLC_OK) { + core_clean(); + return 1; + } + + conf_print(); + util_banner("Benchmarks for the FB module:", 0); + + fb_param_set_any(); + fb_param_print(); + util_banner("Utilities:\n", 0); + memory(); + util(); + util_banner("Arithmetic:\n", 0); + arith(); + + core_clean(); + return 0; +} diff --git a/depends/relic/bench/bench_fbx.c b/depends/relic/bench/bench_fbx.c new file mode 100644 index 00000000000000..d3c9f59761dafa --- /dev/null +++ b/depends/relic/bench/bench_fbx.c 
@@ -0,0 +1,165 @@
+/*
+ * RELIC is an Efficient LIbrary for Cryptography
+ * Copyright (c) 2012 RELIC Authors
+ *
+ * This file is part of RELIC. RELIC is legal property of its developers,
+ * whose names are not listed here. Please refer to the COPYRIGHT file
+ * for contact information.
+ *
+ * RELIC is free software; you can redistribute it and/or modify it under the
+ * terms of the version 2.1 (or later) of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; or version 2.0 of the Apache
+ * License as published by the Apache Software Foundation. See the LICENSE files
+ * for more details.
+ *
+ * RELIC is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ * A PARTICULAR PURPOSE. See the LICENSE files for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public or the
+ * Apache License along with RELIC. If not, see
+ * or .
+ */
+
+/**
+ * @file
+ *
+ * Benchmarks for extensions defined over binary fields.
+ *
+ * @ingroup bench
+ */
+
+#include
+
+#include "relic.h"
+#include "relic_bench.h"
+
+static void memory2(void) {
+ fb2_t a[BENCH];
+
+ BENCH_FEW("fb2_null", fb2_null(a[i]), 1);
+
+ BENCH_FEW("fb2_new", fb2_new(a[i]), 1);
+ for (int i = 0; i < BENCH; i++) {
+ fb2_free(a[i]);
+ }
+
+ for (int i = 0; i < BENCH; i++) {
+ fb2_new(a[i]);
+ }
+ BENCH_FEW("fb2_free", fb2_free(a[i]), 1);
+
+ (void)a;
+}
+
+static void util2(void) {
+ fb2_t a, b;
+
+ fb2_null(a);
+ fb2_null(b);
+
+ fb2_new(a);
+ fb2_new(b);
+
+ BENCH_RUN("fb2_copy") {
+ fb2_rand(a);
+ BENCH_ADD(fb2_copy(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fb2_zero") {
+ fb2_rand(a);
+ BENCH_ADD(fb2_zero(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fb2_is_zero") {
+ fb2_rand(a);
+ BENCH_ADD((void)fb2_is_zero(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fb2_rand") {
+ BENCH_ADD(fb2_rand(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fb2_cmp") {
+ fb2_rand(a);
+ fb2_rand(b);
+ BENCH_ADD((void)fb2_cmp(b, a));
+ }
+ BENCH_END;
+
+ fb2_free(a);
+ fb2_free(b);
+}
+
+static void arith2(void) {
+ fb2_t a, b, c;
+
+ fb2_new(a);
+ fb2_new(b);
+ fb2_new(c);
+
+ BENCH_RUN("fb2_add") {
+ fb2_rand(a);
+ fb2_rand(b);
+ BENCH_ADD(fb2_add(c, a, b));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fb2_mul") {
+ fb2_rand(a);
+ fb2_rand(b);
+ BENCH_ADD(fb2_mul(c, a, b));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fb2_sqr") {
+ fb2_rand(a);
+ BENCH_ADD(fb2_sqr(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fb2_slv") {
+ fb2_rand(a);
+ BENCH_ADD(fb2_slv(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fb2_inv") {
+ fb2_rand(a);
+ BENCH_ADD(fb2_inv(c, a));
+ }
+ BENCH_END;
+
+ fb2_free(a);
+ fb2_free(b);
+ fb2_free(c);
+}
+
+int main(void) {
+ if (core_init() != RLC_OK) {
+ core_clean();
+ return 1;
+ }
+
+ conf_print();
+
+ util_banner("Benchmarks for the FBX module:", 0);
+
+ fb_param_set_any();
+ fb_param_print();
+
+ util_banner("Quadratic extension:", 0);
+ util_banner("Utilities:", 1);
+ memory2();
+ util2();
+
+ util_banner("Arithmetic:", 1);
+ arith2();
+
+ core_clean();
+ return 0;
+}
diff --git a/depends/relic/bench/bench_fp.c b/depends/relic/bench/bench_fp.c
new file mode 100644
index 00000000000000..c2887f650f7c7a
--- /dev/null
+++ b/depends/relic/bench/bench_fp.c
@@ -0,0 +1,632 @@
+/*
+ * RELIC is an Efficient LIbrary for Cryptography
+ * Copyright (c) 2009 RELIC Authors
+ *
+ * This file is part of RELIC. RELIC is legal property of its developers,
+ * whose names are not listed here. Please refer to the COPYRIGHT file
+ * for contact information.
+ *
+ * RELIC is free software; you can redistribute it and/or modify it under the
+ * terms of the version 2.1 (or later) of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; or version 2.0 of the Apache
+ * License as published by the Apache Software Foundation. See the LICENSE files
+ * for more details.
+ *
+ * RELIC is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ * A PARTICULAR PURPOSE. See the LICENSE files for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public or the
+ * Apache License along with RELIC. If not, see
+ * or .
+ */
+
+/**
+ * @file
+ *
+ * Benchmarks for prime field arithmetic.
+ *
+ * @ingroup bench
+ */
+
+#include
+
+#include "relic.h"
+#include "relic_bench.h"
+
+static void memory(void) {
+ fp_t a[BENCH];
+
+ BENCH_FEW("fp_null", fp_null(a[i]), 1);
+
+ BENCH_FEW("fp_new", fp_new(a[i]), 1);
+ for (int i = 0; i < BENCH; i++) {
+ fp_free(a[i]);
+ }
+
+ for (int i = 0; i < BENCH; i++) {
+ fp_new(a[i]);
+ }
+ BENCH_FEW("fp_free", fp_free(a[i]), 1);
+
+ (void)a;
+}
+
+static void util(void) {
+ char str[2 * RLC_FP_BYTES + 1];
+ uint8_t bin[RLC_FP_BYTES];
+ fp_t a, b;
+
+ fp_null(a);
+ fp_null(b);
+
+ fp_new(a);
+ fp_new(b);
+
+ BENCH_RUN("fp_copy") {
+ fp_rand(a);
+ BENCH_ADD(fp_copy(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp_zero") {
+ fp_rand(a);
+ BENCH_ADD(fp_zero(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp_is_zero") {
+ fp_rand(a);
+ BENCH_ADD(fp_is_zero(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp_get_bit") {
+ fp_rand(a);
+ BENCH_ADD(fp_get_bit(a, RLC_DIG / 2));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp_set_bit") {
+ fp_rand(a);
+ BENCH_ADD(fp_set_bit(a, RLC_DIG / 2, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp_set_dig (1)") {
+ fp_rand(a);
+ BENCH_ADD(fp_set_dig(a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp_set_dig") {
+ fp_rand(a);
+ BENCH_ADD(fp_set_dig(a, a[0]));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp_bits") {
+ fp_rand(a);
+ BENCH_ADD(fp_bits(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp_rand") {
+ BENCH_ADD(fp_rand(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp_size_str (16)") {
+ fp_rand(a);
+ BENCH_ADD(fp_size_str(a, 16));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp_write_str (16)") {
+ fp_rand(a);
+ BENCH_ADD(fp_write_str(str, sizeof(str), a, 16));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp_read_str (16)") {
+ fp_rand(a);
+ fp_write_str(str, sizeof(str), a, 16);
+ BENCH_ADD(fp_read_str(a, str, sizeof(str), 16));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp_write_bin") {
+ fp_rand(a);
+ BENCH_ADD(fp_write_bin(bin, sizeof(bin), a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp_read_bin") {
+ fp_rand(a);
+ fp_write_bin(bin, sizeof(bin), a);
+ BENCH_ADD(fp_read_bin(a, bin, sizeof(bin)));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp_cmp") {
+ fp_rand(a);
+ fp_rand(b);
+ BENCH_ADD(fp_cmp(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp_cmp_dig") {
+ fp_rand(a);
+ BENCH_ADD(fp_cmp_dig(a, (dig_t)0));
+ }
+ BENCH_END;
+
+ fp_free(a);
+ fp_free(b);
+}
+
+static void arith(void) {
+ fp_t a, b, c, f[2];
+ dv_t d;
+ bn_t e;
+
+ fp_null(a);
+ fp_null(b);
+ fp_null(c);
+ dv_null(d);
+ bn_null(e);
+ fp_null(f[0]);
+ fp_null(f[1]);
+
+ fp_new(a);
+ fp_new(b);
+ fp_new(c);
+ dv_new(d);
+ bn_new(e);
+ fp_new(f[0]);
+ fp_new(f[1]);
+
+ dv_zero(d, RLC_DV_DIGS);
+
+ BENCH_RUN("fp_add") {
+ fp_rand(a);
+ fp_rand(b);
+ BENCH_ADD(fp_add(c, a, b));
+ }
+ BENCH_END;
+
+#if FP_ADD == BASIC || !defined(STRIP)
+ BENCH_RUN("fp_add_basic") {
+ fp_rand(a);
+ fp_rand(b);
+ BENCH_ADD(fp_add_basic(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+#if FP_ADD == INTEG || !defined(STRIP)
+ BENCH_RUN("fp_add_integ") {
+ fp_rand(a);
+ fp_rand(b);
+ BENCH_ADD(fp_add_integ(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp_add_dig (1)") {
+ fp_rand(a);
+ fp_rand(b);
+ BENCH_ADD(fp_add_dig(c, a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp_add_dig") {
+ fp_rand(a);
+ fp_rand(b);
+ BENCH_ADD(fp_add_dig(c, a, b[0]));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp_sub") {
+ fp_rand(a);
+ fp_rand(b);
+ BENCH_ADD(fp_sub(c, a, b));
+ }
+ BENCH_END;
+
+#if FP_ADD == BASIC || !defined(STRIP)
+ BENCH_RUN("fp_sub_basic") {
+ fp_rand(a);
+ fp_rand(b);
+ BENCH_ADD(fp_sub_basic(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+#if FP_ADD == INTEG || !defined(STRIP)
+ BENCH_RUN("fp_sub_integ") {
+ fp_rand(a);
+ fp_rand(b);
+ BENCH_ADD(fp_sub_integ(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp_sub_dig (1)") {
+ fp_rand(a);
+ fp_rand(b);
+ BENCH_ADD(fp_sub_dig(c, a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp_sub_dig") {
+ fp_rand(a);
+ fp_rand(b);
+ BENCH_ADD(fp_sub_dig(c, a, b[0]));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp_neg") {
+ fp_rand(a);
+ BENCH_ADD(fp_neg(b, a));
+ }
+ BENCH_END;
+
+#if FP_ADD == BASIC || !defined(STRIP)
+ BENCH_RUN("fp_neg_basic") {
+ fp_rand(a);
+ BENCH_ADD(fp_neg_basic(c, a));
+ }
+ BENCH_END;
+#endif
+
+#if FP_ADD == INTEG || !defined(STRIP)
+ BENCH_RUN("fp_neg_integ") {
+ fp_rand(a);
+ BENCH_ADD(fp_neg_integ(c, a));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp_mul") {
+ fp_rand(a);
+ fp_rand(b);
+ BENCH_ADD(fp_mul(c, a, b));
+ }
+ BENCH_END;
+
+#if FP_MUL == BASIC || !defined(STRIP)
+ BENCH_RUN("fp_mul_basic") {
+ fp_rand(a);
+ fp_rand(b);
+ BENCH_ADD(fp_mul_basic(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+#if FP_MUL == INTEG || !defined(STRIP)
+ BENCH_RUN("fp_mul_integ") {
+ fp_rand(a);
+ fp_rand(b);
+ BENCH_ADD(fp_mul_integ(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+#if FP_MUL == COMBA || !defined(STRIP)
+ BENCH_RUN("fp_mul_comba") {
+ fp_rand(a);
+ fp_rand(b);
+ BENCH_ADD(fp_mul_comba(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+#if FP_KARAT > 0 || !defined(STRIP)
+ BENCH_RUN("fp_mul_karat") {
+ fp_rand(a);
+ fp_rand(b);
+ BENCH_ADD(fp_mul_karat(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp_mul_dig") {
+ fp_rand(a);
+ fp_rand(b);
+ BENCH_ADD(fp_mul_dig(c, a, b[0]));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp_sqr") {
+ fp_rand(a);
+ BENCH_ADD(fp_sqr(c, a));
+ }
+ BENCH_END;
+
+#if FP_SQR == BASIC || !defined(STRIP)
+ BENCH_RUN("fp_sqr_basic") {
+ fp_rand(a);
+ BENCH_ADD(fp_sqr_basic(c, a));
+ }
+ BENCH_END;
+#endif
+
+#if FP_SQR == INTEG || !defined(STRIP)
+ BENCH_RUN("fp_sqr_integ") {
+ fp_rand(a);
+ BENCH_ADD(fp_sqr_integ(c, a));
+ }
+ BENCH_END;
+#endif
+
+#if FP_SQR == COMBA || !defined(STRIP)
+ BENCH_RUN("fp_sqr_comba") {
+ fp_rand(a);
+ BENCH_ADD(fp_sqr_comba(c, a));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp_dbl") {
+ fp_rand(a);
+ BENCH_ADD(fp_dbl(c, a));
+ }
+ BENCH_END;
+
+#if FP_ADD == BASIC || !defined(STRIP)
+ BENCH_RUN("fp_dbl_basic") {
+ fp_rand(a);
+ BENCH_ADD(fp_dbl_basic(c, a));
+ }
+ BENCH_END;
+#endif
+
+#if FP_ADD == INTEG || !defined(STRIP)
+ BENCH_RUN("fp_dbl_integ") {
+ fp_rand(a);
+ BENCH_ADD(fp_dbl_integ(c, a));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp_hlv") {
+ fp_rand(a);
+ BENCH_ADD(fp_hlv(c, a));
+ }
+ BENCH_END;
+
+#if FP_ADD == BASIC || !defined(STRIP)
+ BENCH_RUN("fp_hlv_basic") {
+ fp_rand(a);
+ BENCH_ADD(fp_hlv_basic(c, a));
+ }
+ BENCH_END;
+#endif
+
+#if FP_ADD == INTEG || !defined(STRIP)
+ BENCH_RUN("fp_hlv_integ") {
+ fp_rand(a);
+ BENCH_ADD(fp_hlv_integ(c, a));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp_lsh") {
+ fp_rand(a);
+ a[RLC_FP_DIGS - 1] = 0;
+ BENCH_ADD(fp_lsh(c, a, RLC_DIG / 2));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp_rsh") {
+ fp_rand(a);
+ a[RLC_FP_DIGS - 1] = 0;
+ BENCH_ADD(fp_rsh(c, a, RLC_FP_BITS / 2));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp_rdc") {
+ fp_rand(a);
+ fp_lsh(d, a, RLC_FP_BITS);
+ BENCH_ADD(fp_rdc(c, d));
+ }
+ BENCH_END;
+
+#if FP_RDC == BASIC || !defined(STRIP)
+ BENCH_RUN("fp_rdc_basic") {
+ fp_rand(a);
+ fp_lsh(d, a, RLC_FP_BITS);
+ BENCH_ADD(fp_rdc_basic(c, d));
+ }
+ BENCH_END;
+#endif
+
+#if FP_RDC == MONTY || !defined(STRIP)
+ BENCH_RUN("fp_rdc_monty") {
+ fp_rand(a);
+ fp_lsh(d, a, RLC_FP_BITS);
+ BENCH_ADD(fp_rdc_monty(c, d));
+ }
+ BENCH_END;
+
+#if FP_MUL == BASIC || !defined(STRIP)
+ BENCH_RUN("fp_rdc_monty_basic") {
+ fp_rand(a);
+ fp_lsh(d, a, RLC_FP_BITS);
+ BENCH_ADD(fp_rdc_monty_basic(c, d));
+ }
+ BENCH_END;
+#endif
+
+#if FP_MUL == COMBA || !defined(STRIP)
+ BENCH_RUN("fp_rdc_monty_comba") {
+ fp_rand(a);
+ fp_lsh(d, a, RLC_FP_BITS);
+ BENCH_ADD(fp_rdc_monty_comba(c, d));
+ }
+ BENCH_END;
+#endif
+#endif
+
+#if FP_RDC == QICK || !defined(STRIP)
+ if (fp_prime_get_sps(NULL) != NULL) {
+ BENCH_RUN("fp_rdc_quick") {
+ fp_rand(a);
+ fp_lsh(d, a, RLC_FP_BITS);
+ BENCH_ADD(fp_rdc_quick(c, d));
+ }
+ BENCH_END;
+ }
+#endif
+
+ BENCH_RUN("fp_inv") {
+ fp_rand(a);
+ BENCH_ADD(fp_inv(c, a));
+ }
+ BENCH_END;
+
+#if FP_INV == BASIC || !defined(STRIP)
+ BENCH_RUN("fp_inv_basic") {
+ fp_rand(a);
+ BENCH_ADD(fp_inv_basic(c, a));
+ }
+ BENCH_END;
+#endif
+
+#if FP_INV == BINAR || !defined(STRIP)
+ BENCH_RUN("fp_inv_binar") {
+ fp_rand(a);
+ BENCH_ADD(fp_inv_binar(c, a));
+ }
+ BENCH_END;
+#endif
+
+#if FP_INV == MONTY || !defined(STRIP)
+ BENCH_RUN("fp_inv_monty") {
+ fp_rand(a);
+ BENCH_ADD(fp_inv_monty(c, a));
+ }
+ BENCH_END;
+#endif
+
+#if FP_INV == EXGCD || !defined(STRIP)
+ BENCH_RUN("fp_inv_exgcd") {
+ fp_rand(a);
+ BENCH_ADD(fp_inv_exgcd(c, a));
+ }
+ BENCH_END;
+#endif
+
+#if FP_INV == DIVST || !defined(STRIP)
+ BENCH_RUN("fp_inv_divst") {
+ fp_rand(a);
+ BENCH_ADD(fp_inv_divst(c, a));
+ }
+ BENCH_END;
+#endif
+
+#if FP_INV == LOWER || !defined(STRIP)
+ BENCH_RUN("fp_inv_lower") {
+ fp_rand(a);
+ BENCH_ADD(fp_inv_lower(c, a));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp_inv_sim (2)") {
+ fp_rand(f[0]);
+ fp_rand(f[1]);
+ BENCH_ADD(fp_inv_sim(f, (const fp_t *)f, 2));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp_exp") {
+ fp_rand(a);
+ bn_rand(e, RLC_POS, RLC_FP_BITS);
+ BENCH_ADD(fp_exp(c, a, e));
+ }
+ BENCH_END;
+
+#if FP_EXP == BASIC || !defined(STRIP)
+ BENCH_RUN("fp_exp_basic") {
+ fp_rand(a);
+ bn_rand(e, RLC_POS, RLC_FP_BITS);
+ BENCH_ADD(fp_exp_basic(c, a, e));
+ }
+ BENCH_END;
+#endif
+
+#if FP_EXP == SLIDE || !defined(STRIP)
+ BENCH_RUN("fp_exp_slide") {
+ fp_rand(a);
+ bn_rand(e, RLC_POS, RLC_FP_BITS);
+ BENCH_ADD(fp_exp_slide(c, a, e));
+ }
+ BENCH_END;
+#endif
+
+#if FP_EXP == MONTY || !defined(STRIP)
+ BENCH_RUN("fp_exp_monty") {
+ fp_rand(a);
+ bn_rand(e, RLC_POS, RLC_FP_BITS);
+ BENCH_ADD(fp_exp_monty(c, a, e));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp_srt") {
+ fp_rand(a);
+ fp_sqr(a, a);
+ BENCH_ADD(fp_srt(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp_prime_conv") {
+ bn_rand(e, RLC_POS, RLC_FP_BITS);
+ BENCH_ADD(fp_prime_conv(a, e));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp_prime_conv_dig") {
+ bn_rand(e, RLC_POS, RLC_FP_BITS);
+ BENCH_ADD(fp_prime_conv_dig(a, e->dp[0]));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp_prime_back") {
+ fp_rand(c);
+ BENCH_ADD(fp_prime_back(e, c));
+ }
+ BENCH_END;
+
+ fp_free(a);
+ fp_free(b);
+ fp_free(c);
+ dv_free(d);
+ bn_free(e);
+ fp_free(f[0]);
+ fp_free(f[1]);
+}
+
+int main(void) {
+ if (core_init() != RLC_OK) {
+ core_clean();
+ return 1;
+ }
+
+ conf_print();
+ util_banner("Benchmarks for the FP module:", 0);
+
+ fp_param_set_any();
+ fp_param_print();
+
+ util_banner("Utilities:\n", 0);
+ memory();
+ util();
+ util_banner("Arithmetic:\n", 0);
+ arith();
+
+ core_clean();
+ return 0;
+}
diff --git a/depends/relic/bench/bench_fpx.c b/depends/relic/bench/bench_fpx.c
new file mode 100644
index 00000000000000..62ee13cc37cb9b
--- /dev/null
+++ b/depends/relic/bench/bench_fpx.c
@@ -0,0 +1,3340 @@
+/*
+ * RELIC is an Efficient LIbrary for Cryptography
+ * Copyright (c) 2012 RELIC Authors
+ *
+ * This file is part of RELIC. RELIC is legal property of its developers,
+ * whose names are not listed here. Please refer to the COPYRIGHT file
+ * for contact information.
+ *
+ * RELIC is free software; you can redistribute it and/or modify it under the
+ * terms of the version 2.1 (or later) of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; or version 2.0 of the Apache
+ * License as published by the Apache Software Foundation. See the LICENSE files
+ * for more details.
+ *
+ * RELIC is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ * A PARTICULAR PURPOSE. See the LICENSE files for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public or the
+ * Apache License along with RELIC. If not, see
+ * or .
+ */
+
+/**
+ * @file
+ *
+ * Benchmarks for extensions of prime fields
+ *
+ * @ingroup bench
+ */
+
+#include "relic.h"
+#include "relic_bench.h"
+
+static void memory2(void) {
+ fp2_t a[BENCH];
+
+ BENCH_FEW("fp2_null", fp2_null(a[i]), 1);
+
+ BENCH_FEW("fp2_new", fp2_new(a[i]), 1);
+ for (int i = 0; i < BENCH; i++) {
+ fp2_free(a[i]);
+ }
+
+ for (int i = 0; i < BENCH; i++) {
+ fp2_new(a[i]);
+ }
+ BENCH_FEW("fp2_free", fp2_free(a[i]), 1);
+
+ (void)a;
+}
+
+static void util2(void) {
+ uint8_t bin[2 * RLC_FP_BYTES];
+ fp2_t a, b;
+
+ fp2_null(a);
+ fp2_null(b);
+
+ fp2_new(a);
+ fp2_new(b);
+
+ BENCH_RUN("fp2_copy") {
+ fp2_rand(a);
+ BENCH_ADD(fp2_copy(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp2_neg") {
+ fp2_rand(a);
+ BENCH_ADD(fp2_neg(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp2_zero") {
+ fp2_rand(a);
+ BENCH_ADD(fp2_zero(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp2_is_zero") {
+ fp2_rand(a);
+ BENCH_ADD((void)fp2_is_zero(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp2_set_dig (1)") {
+ fp2_rand(a);
+ BENCH_ADD(fp2_set_dig(a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp2_set_dig") {
+ fp2_rand(a);
+ BENCH_ADD(fp2_set_dig(a, a[0][0]));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp2_rand") {
+ BENCH_ADD(fp2_rand(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp2_size_bin (0)") {
+ fp2_rand(a);
+ BENCH_ADD(fp2_size_bin(a, 0));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp2_size_bin (1)") {
+ fp2_rand(a);
+ fp2_conv_cyc(a, a);
+ BENCH_ADD(fp2_size_bin(a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp2_write_bin (0)") {
+ fp2_rand(a);
+ BENCH_ADD(fp2_write_bin(bin, sizeof(bin), a, 0));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp2_write_bin (1)") {
+ fp2_rand(a);
+ fp2_conv_cyc(a, a);
+ BENCH_ADD(fp2_write_bin(bin, sizeof(bin), a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp2_read_bin (0)") {
+ fp2_rand(a);
+ fp2_write_bin(bin, sizeof(bin), a, 0);
+ BENCH_ADD(fp2_read_bin(a, bin, sizeof(bin)));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp2_read_bin") {
+ fp2_rand(a);
+ fp2_conv_cyc(a, a);
+ fp2_write_bin(bin, sizeof(bin), a, 1);
+ BENCH_ADD(fp2_read_bin(a, bin, sizeof(bin)));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp2_cmp") {
+ fp2_rand(a);
+ fp2_rand(b);
+ BENCH_ADD(fp2_cmp(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp2_cmp_dig") {
+ fp2_rand(a);
+ BENCH_ADD(fp2_cmp_dig(a, (dig_t)0));
+ }
+ BENCH_END;
+
+ fp2_free(a);
+ fp2_free(b);
+}
+
+static void arith2(void) {
+ fp2_t a, b, c, d[2];
+ bn_t e;
+
+ fp2_new(a);
+ fp2_new(b);
+ fp2_new(c);
+ fp2_new(d[0]);
+ fp2_new(d[1]);
+ bn_new(e);
+
+ BENCH_RUN("fp2_add") {
+ fp2_rand(a);
+ fp2_rand(b);
+ BENCH_ADD(fp2_add(c, a, b));
+ }
+ BENCH_END;
+
+#if PP_QDR == BASIC || !defined(STRIP)
+ BENCH_RUN("fp2_add_basic") {
+ fp2_rand(a);
+ fp2_rand(b);
+ BENCH_ADD(fp2_add_basic(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+#if PP_QDR == INTEG || !defined(STRIP)
+ BENCH_RUN("fp2_add_integ") {
+ fp2_rand(a);
+ fp2_rand(b);
+ BENCH_ADD(fp2_add_integ(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp2_sub") {
+ fp2_rand(a);
+ fp2_rand(b);
+ BENCH_ADD(fp2_sub(c, a, b));
+ }
+ BENCH_END;
+
+#if PP_QDR == BASIC || !defined(STRIP)
+ BENCH_RUN("fp2_sub_basic") {
+ fp2_rand(a);
+ fp2_rand(b);
+ BENCH_ADD(fp2_sub_basic(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+#if PP_QDR == INTEG || !defined(STRIP)
+ BENCH_RUN("fp2_sub_integ") {
+ fp2_rand(a);
+ fp2_rand(b);
+ BENCH_ADD(fp2_sub_integ(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp2_dbl") {
+ fp2_rand(a);
+ BENCH_ADD(fp2_dbl(c, a));
+ }
+ BENCH_END;
+
+#if PP_QDR == BASIC || !defined(STRIP)
+ BENCH_RUN("fp2_dbl_basic") {
+ fp2_rand(a);
+ BENCH_ADD(fp2_dbl_basic(c, a));
+ }
+ BENCH_END;
+#endif
+
+#if PP_QDR == INTEG || !defined(STRIP)
+ BENCH_RUN("fp2_dbl_integ") {
+ fp2_rand(a);
+ BENCH_ADD(fp2_dbl_integ(c, a));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp2_mul") {
+ fp2_rand(a);
+ fp2_rand(b);
+ BENCH_ADD(fp2_mul(c, a, b));
+ }
+ BENCH_END;
+
+#if PP_QDR == BASIC || !defined(STRIP)
+ BENCH_RUN("fp2_mul_basic") {
+ fp2_rand(a);
+ fp2_rand(b);
+ BENCH_ADD(fp2_mul_basic(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+#if PP_QDR == INTEG || !defined(STRIP)
+ BENCH_RUN("fp2_mul_integ") {
+ fp2_rand(a);
+ fp2_rand(b);
+ BENCH_ADD(fp2_mul_integ(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp2_mul_art") {
+ fp2_rand(a);
+ BENCH_ADD(fp2_mul_art(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp2_mul_nor") {
+ fp2_rand(a);
+ BENCH_ADD(fp2_mul_nor(c, a));
+ }
+ BENCH_END;
+
+#if PP_QDR == BASIC || !defined(STRIP)
+ BENCH_RUN("fp2_mul_nor_basic") {
+ fp2_rand(a);
+ BENCH_ADD(fp2_mul_nor_basic(c, a));
+ }
+ BENCH_END;
+#endif
+
+#if PP_QDR == INTEG || !defined(STRIP)
+ BENCH_RUN("fp2_mul_nor_integ") {
+ fp2_rand(a);
+ BENCH_ADD(fp2_mul_nor_integ(c, a));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp2_sqr") {
+ fp2_rand(a);
+ BENCH_ADD(fp2_sqr(c, a));
+ }
+ BENCH_END;
+
+#if PP_QDR == BASIC || !defined(STRIP)
+ BENCH_RUN("fp2_sqr_basic") {
+ fp2_rand(a);
+ BENCH_ADD(fp2_sqr_basic(c, a));
+ }
+ BENCH_END;
+#endif
+
+#if PP_QDR == INTEG || !defined(STRIP)
+ BENCH_RUN("fp2_sqr_integ") {
+ fp2_rand(a);
+ BENCH_ADD(fp2_sqr_integ(c, a));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp2_test_cyc") {
+ fp2_rand(a);
+ fp2_conv_cyc(a, a);
+ BENCH_ADD(fp2_test_cyc(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp2_conv_cyc") {
+ fp2_rand(a);
+ BENCH_ADD(fp2_conv_cyc(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp2_inv") {
+ fp2_rand(a);
+ BENCH_ADD(fp2_inv(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp2_inv_cyc") {
+ fp2_rand(a);
+ BENCH_ADD(fp2_inv_cyc(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp2_inv_sim (2)") {
+ fp2_rand(d[0]);
+ fp2_rand(d[1]);
+ BENCH_ADD(fp2_inv_sim(d, d, 2));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp2_exp") {
+ fp2_rand(a);
+ e->used = RLC_FP_DIGS;
+ dv_copy(e->dp, fp_prime_get(), RLC_FP_DIGS);
+ BENCH_ADD(fp2_exp(c, a, e));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp2_exp_dig") {
+ fp2_rand(a);
+ bn_rand(e, RLC_POS, RLC_DIG);
+ BENCH_ADD(fp2_exp_dig(c, a, e->dp[0]));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp2_exp_cyc") {
+ fp2_rand(a);
+ e->used = RLC_FP_DIGS;
+ dv_copy(e->dp, fp_prime_get(), RLC_FP_DIGS);
+ BENCH_ADD(fp2_exp_cyc(c, a, e));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp2_frb") {
+ fp2_rand(a);
+ BENCH_ADD(fp2_frb(c, a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp2_mul_frb") {
+ fp2_rand(a);
+ BENCH_ADD(fp2_mul_frb(c, a, 1, 0));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp2_srt") {
+ fp2_rand(a);
+ fp2_sqr(a, a);
+ BENCH_ADD(fp2_srt(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp2_pck") {
+ fp2_rand(a);
+ fp2_conv_cyc(a, a);
+ BENCH_ADD(fp2_pck(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp2_upk") {
+ fp2_rand(a);
+ fp2_conv_cyc(a, a);
+ fp2_pck(a, a);
+ BENCH_ADD(fp2_upk(c, a));
+ }
+ BENCH_END;
+
+ fp2_free(a);
+ fp2_free(b);
+ fp2_free(c);
+ fp2_free(d[0]);
+ fp2_free(d[1]);
+ bn_free(e);
+}
+
+static void memory3(void) {
+ fp3_t a[BENCH];
+
+ BENCH_FEW("fp3_null", fp3_null(a[i]), 1);
+
+ BENCH_FEW("fp3_new", fp3_new(a[i]), 1);
+ for (int i = 0; i < BENCH; i++) {
+ fp3_free(a[i]);
+ }
+
+ for (int i = 0; i < BENCH; i++) {
+ fp3_new(a[i]);
+ }
+ BENCH_FEW("fp3_free", fp3_free(a[i]), 1);
+
+ (void)a;
+}
+
+static void util3(void) {
+ uint8_t bin[3 * RLC_FP_BYTES];
+ fp3_t a, b;
+
+ fp3_null(a);
+ fp3_null(b);
+
+ fp3_new(a);
+ fp3_new(b);
+
+ BENCH_RUN("fp3_copy") {
+ fp3_rand(a);
+ BENCH_ADD(fp3_copy(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp3_neg") {
+ fp3_rand(a);
+ BENCH_ADD(fp3_neg(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp3_zero") {
+ fp3_rand(a);
+ BENCH_ADD(fp3_zero(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp3_is_zero") {
+ fp3_rand(a);
+ BENCH_ADD((void)fp3_is_zero(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp3_set_dig (1)") {
+ fp3_rand(a);
+ BENCH_ADD(fp3_set_dig(a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp3_set_dig") {
+ fp3_rand(a);
+ BENCH_ADD(fp3_set_dig(a, a[0][0]));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp3_rand") {
+ BENCH_ADD(fp3_rand(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp3_size_bin") {
+ fp3_rand(a);
+ BENCH_ADD(fp3_size_bin(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp3_write_bin") {
+ fp3_rand(a);
+ BENCH_ADD(fp3_write_bin(bin, sizeof(bin), a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp3_read_bin") {
+ fp3_rand(a);
+ fp3_write_bin(bin, sizeof(bin), a);
+ BENCH_ADD(fp3_read_bin(a, bin, sizeof(bin)));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp3_cmp") {
+ fp3_rand(a);
+ fp3_rand(b);
+ BENCH_ADD(fp3_cmp(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp3_cmp_dig") {
+ fp3_rand(a);
+ BENCH_ADD(fp3_cmp_dig(a, (dig_t)0));
+ }
+ BENCH_END;
+
+ fp3_free(a);
+ fp3_free(b);
+}
+
+static void arith3(void) {
+ fp3_t a, b, c, d[2];
+ bn_t e;
+
+ fp3_new(a);
+ fp3_new(b);
+ fp3_new(c);
+ fp3_new(d[0]);
+ fp3_new(d[1]);
+ bn_new(e);
+
+ BENCH_RUN("fp3_add") {
+ fp3_rand(a);
+ fp3_rand(b);
+ BENCH_ADD(fp3_add(c, a, b));
+ }
+ BENCH_END;
+
+#if PP_CBC == BASIC || !defined(STRIP)
+ BENCH_RUN("fp3_add_basic") {
+ fp3_rand(a);
+ fp3_rand(b);
+ BENCH_ADD(fp3_add_basic(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+#if PP_CBC == INTEG || !defined(STRIP)
+ BENCH_RUN("fp3_add_integ") {
+ fp3_rand(a);
+ fp3_rand(b);
+ BENCH_ADD(fp3_add_integ(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp3_sub") {
+ fp3_rand(a);
+ fp3_rand(b);
+ BENCH_ADD(fp3_sub(c, a, b));
+ }
+ BENCH_END;
+
+#if PP_CBC == BASIC || !defined(STRIP)
+ BENCH_RUN("fp3_sub_basic") {
+ fp3_rand(a);
+ fp3_rand(b);
+ BENCH_ADD(fp3_sub_basic(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+#if PP_CBC == INTEG || !defined(STRIP)
+ BENCH_RUN("fp3_sub_integ") {
+ fp3_rand(a);
+ fp3_rand(b);
+ BENCH_ADD(fp3_sub_integ(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp3_dbl") {
+ fp3_rand(a);
+ BENCH_ADD(fp3_dbl(c, a));
+ }
+ BENCH_END;
+
+#if PP_CBC == BASIC || !defined(STRIP)
+ BENCH_RUN("fp3_dbl_basic") {
+ fp3_rand(a);
+ BENCH_ADD(fp3_dbl_basic(c, a));
+ }
+ BENCH_END;
+#endif
+
+#if PP_CBC == INTEG || !defined(STRIP)
+ BENCH_RUN("fp3_dbl_integ") {
+ fp3_rand(a);
+ BENCH_ADD(fp3_dbl_integ(c, a));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp3_mul") {
+ fp3_rand(a);
+ fp3_rand(b);
+ BENCH_ADD(fp3_mul(c, a, b));
+ }
+ BENCH_END;
+
+#if PP_CBC == BASIC || !defined(STRIP)
+ BENCH_RUN("fp3_mul_basic") {
+ fp3_rand(a);
+ fp3_rand(b);
+ BENCH_ADD(fp3_mul_basic(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+#if PP_CBC == INTEG || !defined(STRIP)
+ BENCH_RUN("fp3_mul_integ") {
+ fp3_rand(a);
+ fp3_rand(b);
+ BENCH_ADD(fp3_mul_integ(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp3_mul_nor") {
+ fp3_rand(a);
+ BENCH_ADD(fp3_mul_nor(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp3_sqr") {
+ fp3_rand(a);
+ BENCH_ADD(fp3_sqr(c, a));
+ }
+ BENCH_END;
+
+#if PP_CBC == BASIC || !defined(STRIP)
+ BENCH_RUN("fp3_sqr_basic") {
+ fp3_rand(a);
+ BENCH_ADD(fp3_sqr_basic(c, a));
+ }
+ BENCH_END;
+#endif
+
+#if PP_CBC == INTEG || !defined(STRIP)
+ BENCH_RUN("fp3_sqr_integ") {
+ fp3_rand(a);
+ BENCH_ADD(fp3_sqr_integ(c, a));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp3_inv") {
+ fp3_rand(a);
+ BENCH_ADD(fp3_inv(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp3_inv_sim (2)") {
+ fp3_rand(d[0]);
+ fp3_rand(d[1]);
+ BENCH_ADD(fp3_inv_sim(d, d, 2));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp3_exp") {
+ fp3_rand(a);
+ e->used = RLC_FP_DIGS;
+ dv_copy(e->dp, fp_prime_get(), RLC_FP_DIGS);
+ BENCH_ADD(fp3_exp(c, a, e));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp3_frb") {
+ fp3_rand(a);
+ BENCH_ADD(fp3_frb(c, a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp3_mul_frb (0,1)") {
+ fp3_rand(a);
+ BENCH_ADD(fp3_mul_frb(c, a, 0, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp3_mul_frb (1,1)") {
+ fp3_rand(a);
+ BENCH_ADD(fp3_mul_frb(c, a, 1, 1));
+ }
+ BENCH_END;
+
+ fp3_free(a);
+ fp3_free(b);
+ fp3_free(c);
+ fp3_free(d[0]);
+ fp3_free(d[1]);
+ bn_free(e);
+}
+
+static void memory4(void) {
+ fp4_t a[BENCH];
+
+ BENCH_FEW("fp4_null", fp4_null(a[i]), 1);
+
+ BENCH_FEW("fp4_new", fp4_new(a[i]), 1);
+ for (int i = 0; i < BENCH; i++) {
+ fp4_free(a[i]);
+ }
+
+ for (int i = 0; i < BENCH; i++) {
+ fp4_new(a[i]);
+ }
+ BENCH_FEW("fp4_free", fp4_free(a[i]), 1);
+
+ (void)a;
+}
+
+static void util4(void) {
+ uint8_t bin[4 * RLC_FP_BYTES];
+ fp4_t a, b;
+
+ fp4_null(a);
+ fp4_null(b);
+
+ fp4_new(a);
+ fp4_new(b);
+
+ BENCH_RUN("fp4_copy") {
+ fp4_rand(a);
+ BENCH_ADD(fp4_copy(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp4_neg") {
+ fp4_rand(a);
+ BENCH_ADD(fp4_neg(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp4_zero") {
+ fp4_rand(a);
+ BENCH_ADD(fp4_zero(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp4_is_zero") {
+ fp4_rand(a);
+ BENCH_ADD((void)fp4_is_zero(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp4_set_dig (1)") {
+ fp4_rand(a);
+ BENCH_ADD(fp4_set_dig(a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp4_set_dig") {
+ fp4_rand(a);
+ BENCH_ADD(fp4_set_dig(a, a[0][0][0]));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp4_rand") {
+ BENCH_ADD(fp4_rand(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp4_size_bin") {
+ fp4_rand(a);
+ BENCH_ADD(fp4_size_bin(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp4_write_bin") {
+ fp4_rand(a);
+ BENCH_ADD(fp4_write_bin(bin, sizeof(bin), a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp4_read_bin") {
+ fp4_rand(a);
+ fp4_write_bin(bin, sizeof(bin), a);
+ BENCH_ADD(fp4_read_bin(a, bin, sizeof(bin)));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp4_cmp") {
+ fp4_rand(a);
+ fp4_rand(b);
+ BENCH_ADD(fp4_cmp(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp4_cmp_dig") {
+ fp4_rand(a);
+ BENCH_ADD(fp4_cmp_dig(a, (dig_t)0));
+ }
+ BENCH_END;
+
+ fp4_free(a);
+ fp4_free(b);
+}
+
+static void arith4(void) {
+ fp4_t a, b, c;
+ bn_t d;
+
+ fp4_new(a);
+ fp4_new(b);
+ fp4_new(c);
+ bn_new(d);
+
+ BENCH_RUN("fp4_add") {
+ fp4_rand(a);
+ fp4_rand(b);
+ BENCH_ADD(fp4_add(c, a, b));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp4_sub") {
+ fp4_rand(a);
+ fp4_rand(b);
+ BENCH_ADD(fp4_sub(c, a, b));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp4_dbl") {
+ fp4_rand(a);
+ BENCH_ADD(fp4_dbl(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp4_mul") {
+ fp4_rand(a);
+ fp4_rand(b);
+ BENCH_ADD(fp4_mul(c, a, b));
+ }
+ BENCH_END;
+
+#if FPX_RDC == BASIC || !defined(STRIP)
+ BENCH_RUN("fp4_mul_basic") {
+ fp4_rand(a);
+ fp4_rand(b);
+ BENCH_ADD(fp4_mul_basic(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+#if FPX_RDC == LAZYR || !defined(STRIP)
+ BENCH_RUN("fp4_mul_lazyr") {
+ fp4_rand(a);
+ fp4_rand(b);
+ BENCH_ADD(fp4_mul_lazyr(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp4_mul_art") {
+ fp4_rand(a);
+ BENCH_ADD(fp4_mul_art(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp4_sqr") {
+ fp4_rand(a);
+ BENCH_ADD(fp4_sqr(c, a));
+ }
+ BENCH_END;
+
+#if FPX_RDC == BASIC || !defined(STRIP)
+ BENCH_RUN("fp4_sqr_basic") {
+ fp4_rand(a);
+ BENCH_ADD(fp4_sqr_basic(c, a));
+ }
+ BENCH_END;
+#endif
+
+#if FPX_RDC == LAZYR || !defined(STRIP)
+ BENCH_RUN("fp4_sqr_lazyr") {
+ fp4_rand(a);
+ BENCH_ADD(fp4_sqr_lazyr(c, a));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp4_inv") {
+ fp4_rand(a);
+ BENCH_ADD(fp4_inv(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp4_exp") {
+ fp4_rand(a);
+ d->used = RLC_FP_DIGS;
+ dv_copy(d->dp, fp_prime_get(), RLC_FP_DIGS);
+ BENCH_ADD(fp4_exp(c, a, d));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp4_frb") {
+ fp4_rand(a);
+ BENCH_ADD(fp4_frb(c, a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp4_srt") {
+ fp4_rand(a);
+ fp4_sqr(a, a);
+ BENCH_ADD(fp4_srt(c, a));
+ }
+ BENCH_END;
+
+ fp4_free(a);
+ fp4_free(b);
+ fp4_free(c);
+ bn_free(d);
+}
+
+static void memory6(void) {
+ fp6_t a[BENCH];
+
+ BENCH_FEW("fp6_null", fp6_null(a[i]), 1);
+
+ BENCH_FEW("fp6_new", fp6_new(a[i]), 1);
+ for (int i = 0; i < BENCH; i++) {
+ fp6_free(a[i]);
+ }
+
+ for (int i = 0; i < BENCH; i++) {
+ fp6_new(a[i]);
+ }
+ BENCH_FEW("fp6_free", fp6_free(a[i]), 1);
+
+ (void)a;
+}
+
+static void util6(void) {
+ uint8_t bin[6 * RLC_FP_BYTES];
+ fp6_t a, b;
+
+ fp6_null(a);
+ fp6_null(b);
+
+ fp6_new(a);
+ fp6_new(b);
+
+ BENCH_RUN("fp6_copy") {
+ fp6_rand(a);
+ BENCH_ADD(fp6_copy(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp6_neg") {
+ fp6_rand(a);
+ BENCH_ADD(fp6_neg(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp6_zero") {
+ fp6_rand(a);
+ BENCH_ADD(fp6_zero(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp6_is_zero") {
+ fp6_rand(a);
+ BENCH_ADD((void)fp6_is_zero(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp6_set_dig (1)") {
+ fp6_rand(a);
+ BENCH_ADD(fp6_set_dig(a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp6_set_dig") {
+ fp6_rand(a);
+ BENCH_ADD(fp6_set_dig(a, a[0][0][0]));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp6_rand") {
+ BENCH_ADD(fp6_rand(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp6_size_bin") {
+ fp6_rand(a);
+ BENCH_ADD(fp6_size_bin(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp6_write_bin") {
+ fp6_rand(a);
+ BENCH_ADD(fp6_write_bin(bin, sizeof(bin), a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp6_read_bin") {
+ fp6_rand(a);
+ fp6_write_bin(bin, sizeof(bin), a);
+ BENCH_ADD(fp6_read_bin(a, bin, sizeof(bin)));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp6_cmp") {
+ fp6_rand(a);
+ fp6_rand(b);
+ BENCH_ADD(fp6_cmp(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp6_cmp_dig") {
+ fp6_rand(a);
+ BENCH_ADD(fp6_cmp_dig(a, (dig_t)0));
+ }
+ BENCH_END;
+
+ fp6_free(a);
+ fp6_free(b);
+}
+
+static void arith6(void) {
+ fp6_t a, b, c;
+ bn_t d;
+
+ fp6_new(a);
+ fp6_new(b);
+ fp6_new(c);
+ bn_new(d);
+
+ BENCH_RUN("fp6_add") {
+ fp6_rand(a);
+ fp6_rand(b);
+ BENCH_ADD(fp6_add(c, a, b));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp6_sub") {
+ fp6_rand(a);
+ fp6_rand(b);
+ BENCH_ADD(fp6_sub(c, a, b));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp6_dbl") {
+ fp6_rand(a);
+ BENCH_ADD(fp6_dbl(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp6_mul") {
+ fp6_rand(a);
+ fp6_rand(b);
+ BENCH_ADD(fp6_mul(c, a, b));
+ }
+ BENCH_END;
+
+#if FPX_RDC == BASIC || !defined(STRIP)
+ BENCH_RUN("fp6_mul_basic") {
+ fp6_rand(a);
+ fp6_rand(b);
+ BENCH_ADD(fp6_mul_basic(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+#if FPX_RDC == LAZYR || !defined(STRIP)
+ BENCH_RUN("fp6_mul_lazyr") {
+ fp6_rand(a);
+ fp6_rand(b);
+ BENCH_ADD(fp6_mul_lazyr(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp6_mul_art") {
+ fp6_rand(a);
+ BENCH_ADD(fp6_mul_art(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp6_sqr") {
+ fp6_rand(a);
+ BENCH_ADD(fp6_sqr(c, a));
+ }
+ BENCH_END;
+
+#if FPX_RDC == BASIC || !defined(STRIP)
+ BENCH_RUN("fp6_sqr_basic") {
+ fp6_rand(a);
+ BENCH_ADD(fp6_sqr_basic(c, a));
+ }
+ BENCH_END;
+#endif
+
+#if FPX_RDC == LAZYR || !defined(STRIP)
+ BENCH_RUN("fp6_sqr_lazyr") {
+ fp6_rand(a);
+ BENCH_ADD(fp6_sqr_lazyr(c, a));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp6_inv") {
+ fp6_rand(a);
+ BENCH_ADD(fp6_inv(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp6_exp") {
+ fp6_rand(a);
+ d->used = RLC_FP_DIGS;
+ dv_copy(d->dp, fp_prime_get(), RLC_FP_DIGS);
+ BENCH_ADD(fp6_exp(c, a, d));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp6_frb") {
+ fp6_rand(a);
+ BENCH_ADD(fp6_frb(c, a, 1));
+ }
+ BENCH_END;
+
+ fp6_free(a);
+ fp6_free(b);
+ fp6_free(c);
+}
+
+static void memory8(void) {
+ fp8_t a[BENCH];
+
+ BENCH_FEW("fp8_null", fp8_null(a[i]), 1);
+
+ BENCH_FEW("fp8_new", fp8_new(a[i]), 1);
+ for (int i = 0; i < BENCH; i++) {
+ fp8_free(a[i]);
+ }
+
+ for (int i = 0; i < BENCH; i++) {
+ fp8_new(a[i]);
+ }
+ BENCH_FEW("fp8_free", fp8_free(a[i]), 1);
+
+ (void)a;
+}
+
+static void util8(void) {
+ fp8_t a, b;
+ uint8_t bin[8 * RLC_FP_BYTES];
+
+ fp8_null(a);
+ fp8_null(b);
+
+ fp8_new(a);
+ fp8_new(b);
+
+ BENCH_RUN("fp8_copy") {
+ fp8_rand(a);
+ BENCH_ADD(fp8_copy(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp8_neg") {
+ fp8_rand(a);
+ BENCH_ADD(fp8_neg(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp8_zero") {
+ fp8_rand(a);
+ BENCH_ADD(fp8_zero(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp8_is_zero") {
+ fp8_rand(a);
+ BENCH_ADD((void)fp8_is_zero(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp8_set_dig (1)") {
+ fp8_rand(a);
+ BENCH_ADD(fp8_set_dig(a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp8_set_dig") {
+ fp8_rand(a);
+ BENCH_ADD(fp8_set_dig(a, a[0][0][0][0]));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp8_rand") {
+ BENCH_ADD(fp8_rand(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp8_size_bin (0)") {
+ fp8_rand(a);
+ BENCH_ADD(fp8_size_bin(a, 0));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp8_size_bin (1)") {
+ fp8_rand(a);
+ fp8_conv_cyc(a, a);
+ BENCH_ADD(fp8_size_bin(a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp8_write_bin") {
+ fp8_rand(a);
+ BENCH_ADD(fp8_write_bin(bin, sizeof(bin), a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp8_read_bin") {
+ fp8_rand(a);
+ fp8_write_bin(bin, sizeof(bin), a);
+ BENCH_ADD(fp8_read_bin(a, bin, sizeof(bin)));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp8_cmp") {
+ fp8_rand(a);
+ fp8_rand(b);
+ BENCH_ADD(fp8_cmp(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp8_cmp_dig") {
+ fp8_rand(a);
+ BENCH_ADD(fp8_cmp_dig(a, (dig_t)0));
+ }
+ BENCH_END;
+
+ fp8_free(a);
+ fp8_free(b);
+}
+
+static void arith8(void) {
+ fp8_t a, b, c, d[2];
+ bn_t e;
+
+ fp8_new(a);
+ fp8_new(b);
+ fp8_new(c);
+ fp8_new(d[0]);
+ fp8_new(d[1]);
+ bn_new(e);
+
+ BENCH_RUN("fp8_add") {
+ fp8_rand(a);
+ fp8_rand(b);
+ BENCH_ADD(fp8_add(c, a, b));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp8_sub") {
+ fp8_rand(a);
+ fp8_rand(b);
+ BENCH_ADD(fp8_sub(c, a, b));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp8_mul") {
+ fp8_rand(a);
+ fp8_rand(b);
+ BENCH_ADD(fp8_mul(c, a, b));
+ }
+ BENCH_END;
+
+#if FPX_RDC == BASIC || !defined(STRIP)
+ BENCH_RUN("fp8_mul_basic") {
+ fp8_rand(a);
+ fp8_rand(b);
+ BENCH_ADD(fp8_mul_basic(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+#if FPX_RDC == LAZYR || !defined(STRIP)
+ BENCH_RUN("fp8_mul_lazyr") {
+ fp8_rand(a);
+ fp8_rand(b);
+ BENCH_ADD(fp8_mul_lazyr(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp8_mul_dxs") {
+ fp8_rand(a);
+ fp8_rand(b);
+ BENCH_ADD(fp8_mul_dxs(c, a, b));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp8_sqr") {
+ fp8_rand(a);
+ BENCH_ADD(fp8_sqr(c, a));
+ }
+ BENCH_END;
+
+#if FPX_RDC == BASIC || !defined(STRIP)
+ BENCH_RUN("fp8_sqr_basic") {
+ fp8_rand(a);
+ BENCH_ADD(fp8_sqr_basic(c, a));
+ }
+ BENCH_END;
+#endif
+
+#if FPX_RDC == LAZYR || !defined(STRIP)
+ BENCH_RUN("fp8_sqr_lazyr") {
+ fp8_rand(a);
+ BENCH_ADD(fp8_sqr_lazyr(c, a));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp8_sqr_cyc") {
+ fp8_rand(a);
+ BENCH_ADD(fp8_sqr_cyc(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp8_test_cyc") {
+ fp8_rand(a);
+ fp8_conv_cyc(a, a);
+ BENCH_ADD(fp8_test_cyc(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp8_conv_cyc") {
+ fp8_rand(a);
+ BENCH_ADD(fp8_conv_cyc(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp8_inv") {
+ fp8_rand(a);
+ BENCH_ADD(fp8_inv(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp8_inv_sim (2)") {
+ fp8_rand(d[0]);
+ fp8_rand(d[1]);
+ BENCH_ADD(fp8_inv_sim(d,
d, 2)); + } + BENCH_END; + + BENCH_RUN("fp8_inv_sim (2)") { + fp8_rand(d[0]); + fp8_rand(d[1]); + BENCH_ADD(fp8_inv_sim(d, d, 2)); + } + BENCH_END; + + BENCH_RUN("fp8_inv_cyc") { + fp8_rand(a); + BENCH_ADD(fp8_inv_cyc(c, a)); + } + BENCH_END; + + BENCH_RUN("fp8_exp") { + fp8_rand(a); + bn_rand(e, RLC_POS, RLC_FP_BITS); + BENCH_ADD(fp8_exp(c, a, e)); + } + BENCH_END; + + BENCH_RUN("fp8_exp (cyc)") { + fp8_rand(a); + fp8_conv_cyc(a, a); + bn_rand(e, RLC_POS, RLC_FP_BITS); + BENCH_ADD(fp8_exp(c, a, e)); + } + BENCH_END; + + BENCH_RUN("fp8_exp_cyc (param or sparse)") { + fp8_rand(a); + fp8_conv_cyc(a, a); + bn_zero(e); + fp_prime_get_par(e); + if (bn_is_zero(e)) { + bn_set_2b(e, RLC_FP_BITS - 1); + bn_set_bit(e, RLC_FP_BITS / 2, 1); + bn_set_bit(e, 0, 1); + } + BENCH_ADD(fp8_exp_cyc(c, a, e)); + } + BENCH_END; + + BENCH_RUN("fp8_frb") { + fp8_rand(a); + BENCH_ADD(fp8_frb(c, a, 1)); + } + BENCH_END; + + fp8_free(a); + fp8_free(b); + fp8_free(c); + fp8_free(d[0]); + fp8_free(d[1]); + bn_free(e); +} + +static void memory9(void) { + fp9_t a[BENCH]; + + BENCH_FEW("fp9_null", fp9_null(a[i]), 1); + + BENCH_FEW("fp9_new", fp9_new(a[i]), 1); + for (int i = 0; i < BENCH; i++) { + fp9_free(a[i]); + } + + for (int i = 0; i < BENCH; i++) { + fp9_new(a[i]); + } + BENCH_FEW("fp9_free", fp9_free(a[i]), 1); + + (void)a; +} + +static void util9(void) { + uint8_t bin[9 * RLC_FP_BYTES]; + fp9_t a, b; + + fp9_null(a); + fp9_null(b); + + fp9_new(a); + fp9_new(b); + + BENCH_RUN("fp9_copy") { + fp9_rand(a); + BENCH_ADD(fp9_copy(b, a)); + } + BENCH_END; + + BENCH_RUN("fp9_neg") { + fp9_rand(a); + BENCH_ADD(fp9_neg(b, a)); + } + BENCH_END; + + BENCH_RUN("fp9_zero") { + fp9_rand(a); + BENCH_ADD(fp9_zero(a)); + } + BENCH_END; + + BENCH_RUN("fp9_is_zero") { + fp9_rand(a); + BENCH_ADD((void)fp9_is_zero(a)); + } + BENCH_END; + + BENCH_RUN("fp9_set_dig (1)") { + fp9_rand(a); + BENCH_ADD(fp9_set_dig(a, 1)); + } + BENCH_END; + + BENCH_RUN("fp9_set_dig") { + fp9_rand(a); + BENCH_ADD(fp9_set_dig(a, 
a[0][0][0])); + } + BENCH_END; + + BENCH_RUN("fp9_rand") { + BENCH_ADD(fp9_rand(a)); + } + BENCH_END; + + BENCH_RUN("fp9_size_bin") { + fp9_rand(a); + BENCH_ADD(fp9_size_bin(a)); + } + BENCH_END; + + BENCH_RUN("fp9_write_bin") { + fp9_rand(a); + BENCH_ADD(fp9_write_bin(bin, sizeof(bin), a)); + } + BENCH_END; + + BENCH_RUN("fp9_read_bin") { + fp9_rand(a); + fp9_write_bin(bin, sizeof(bin), a); + BENCH_ADD(fp9_read_bin(a, bin, sizeof(bin))); + } + BENCH_END; + + BENCH_RUN("fp9_cmp") { + fp9_rand(a); + fp9_rand(b); + BENCH_ADD(fp9_cmp(b, a)); + } + BENCH_END; + + BENCH_RUN("fp9_cmp_dig") { + fp9_rand(a); + BENCH_ADD(fp9_cmp_dig(a, (dig_t)0)); + } + BENCH_END; + + fp9_free(a); + fp9_free(b); +} + +static void arith9(void) { + fp9_t a, b, c; + bn_t d; + + fp9_new(a); + fp9_new(b); + fp9_new(c); + bn_new(d); + + BENCH_RUN("fp9_add") { + fp9_rand(a); + fp9_rand(b); + BENCH_ADD(fp9_add(c, a, b)); + } + BENCH_END; + + BENCH_RUN("fp9_sub") { + fp9_rand(a); + fp9_rand(b); + BENCH_ADD(fp9_sub(c, a, b)); + } + BENCH_END; + + BENCH_RUN("fp9_dbl") { + fp9_rand(a); + BENCH_ADD(fp9_dbl(c, a)); + } + BENCH_END; + + BENCH_RUN("fp9_mul") { + fp9_rand(a); + fp9_rand(b); + BENCH_ADD(fp9_mul(c, a, b)); + } + BENCH_END; + +#if FPX_RDC == BASIC || !defined(STRIP) + BENCH_RUN("fp9_mul_basic") { + fp9_rand(a); + fp9_rand(b); + BENCH_ADD(fp9_mul_basic(c, a, b)); + } + BENCH_END; +#endif + +#if FPX_RDC == LAZYR || !defined(STRIP) + BENCH_RUN("fp9_mul_lazyr") { + fp9_rand(a); + fp9_rand(b); + BENCH_ADD(fp9_mul_lazyr(c, a, b)); + } + BENCH_END; +#endif + + BENCH_RUN("fp9_mul_art") { + fp9_rand(a); + BENCH_ADD(fp9_mul_art(c, a)); + } + BENCH_END; + + BENCH_RUN("fp9_sqr") { + fp9_rand(a); + BENCH_ADD(fp9_sqr(c, a)); + } + BENCH_END; + +#if FPX_RDC == BASIC || !defined(STRIP) + BENCH_RUN("fp9_sqr_basic") { + fp9_rand(a); + BENCH_ADD(fp9_sqr_basic(c, a)); + } + BENCH_END; +#endif + +#if FPX_RDC == LAZYR || !defined(STRIP) + BENCH_RUN("fp9_sqr_lazyr") { + fp9_rand(a); + BENCH_ADD(fp9_sqr_lazyr(c, a)); 
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp9_inv") {
+ fp9_rand(a);
+ BENCH_ADD(fp9_inv(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp9_exp") {
+ fp9_rand(a);
+ d->used = RLC_FP_DIGS;
+ dv_copy(d->dp, fp_prime_get(), RLC_FP_DIGS);
+ BENCH_ADD(fp9_exp(c, a, d));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp9_frb") {
+ fp9_rand(a);
+ BENCH_ADD(fp9_frb(c, a, 1));
+ }
+ BENCH_END;
+
+ fp9_free(a);
+ fp9_free(b);
+ fp9_free(c);
+}
+
+static void memory12(void) {
+ fp12_t a[BENCH];
+
+ BENCH_FEW("fp12_null", fp12_null(a[i]), 1);
+
+ BENCH_FEW("fp12_new", fp12_new(a[i]), 1);
+ for (int i = 0; i < BENCH; i++) {
+ fp12_free(a[i]);
+ }
+
+ for (int i = 0; i < BENCH; i++) {
+ fp12_new(a[i]);
+ }
+ BENCH_FEW("fp12_free", fp12_free(a[i]), 1);
+
+ (void)a;
+}
+
+static void util12(void) {
+ fp12_t a, b;
+ uint8_t bin[12 * RLC_FP_BYTES];
+
+ fp12_null(a);
+ fp12_null(b);
+
+ fp12_new(a);
+ fp12_new(b);
+
+ BENCH_RUN("fp12_copy") {
+ fp12_rand(a);
+ BENCH_ADD(fp12_copy(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_neg") {
+ fp12_rand(a);
+ BENCH_ADD(fp12_neg(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_zero") {
+ fp12_rand(a);
+ BENCH_ADD(fp12_zero(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_is_zero") {
+ fp12_rand(a);
+ BENCH_ADD((void)fp12_is_zero(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_set_dig (1)") {
+ fp12_rand(a);
+ BENCH_ADD(fp12_set_dig(a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_set_dig") {
+ fp12_rand(a);
+ BENCH_ADD(fp12_set_dig(a, a[0][0][0][0]));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_rand") {
+ BENCH_ADD(fp12_rand(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_size_bin (0)") {
+ fp12_rand(a);
+ BENCH_ADD(fp12_size_bin(a, 0));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_size_bin (1)") {
+ fp12_rand(a);
+ fp12_conv_cyc(a, a);
+ BENCH_ADD(fp12_size_bin(a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_write_bin (0)") {
+ fp12_rand(a);
+ BENCH_ADD(fp12_write_bin(bin, sizeof(bin), a, 0));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_write_bin (1)") {
+ fp12_rand(a);
+ fp12_conv_cyc(a, a);
+ BENCH_ADD(fp12_write_bin(bin, 8 * RLC_FP_BYTES, a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_read_bin (0)") {
+ fp12_rand(a);
+ fp12_write_bin(bin, sizeof(bin), a, 0);
+ BENCH_ADD(fp12_read_bin(a, bin, sizeof(bin)));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_read_bin (1)") {
+ fp12_rand(a);
+ fp12_conv_cyc(a, a);
+ fp12_write_bin(bin, fp12_size_bin(a, 1), a, 1);
+ BENCH_ADD(fp12_read_bin(a, bin, 8 * RLC_FP_BYTES));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_cmp") {
+ fp12_rand(a);
+ fp12_rand(b);
+ BENCH_ADD(fp12_cmp(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_cmp_dig") {
+ fp12_rand(a);
+ BENCH_ADD(fp12_cmp_dig(a, (dig_t)0));
+ }
+ BENCH_END;
+
+ fp12_free(a);
+ fp12_free(b);
+}
+
+static void arith12(void) {
+ fp12_t a, b, c, d[2];
+ bn_t e;
+
+ fp12_new(a);
+ fp12_new(b);
+ fp12_new(c);
+ fp12_new(d[0]);
+ fp12_new(d[1]);
+ bn_new(e);
+
+ BENCH_RUN("fp12_add") {
+ fp12_rand(a);
+ fp12_rand(b);
+ BENCH_ADD(fp12_add(c, a, b));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_sub") {
+ fp12_rand(a);
+ fp12_rand(b);
+ BENCH_ADD(fp12_sub(c, a, b));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_mul") {
+ fp12_rand(a);
+ fp12_rand(b);
+ BENCH_ADD(fp12_mul(c, a, b));
+ }
+ BENCH_END;
+
+#if FPX_RDC == BASIC || !defined(STRIP)
+ BENCH_RUN("fp12_mul_basic") {
+ fp12_rand(a);
+ fp12_rand(b);
+ BENCH_ADD(fp12_mul_basic(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+#if FPX_RDC == LAZYR || !defined(STRIP)
+ BENCH_RUN("fp12_mul_lazyr") {
+ fp12_rand(a);
+ fp12_rand(b);
+ BENCH_ADD(fp12_mul_lazyr(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp12_mul_dxs") {
+ fp12_rand(a);
+ fp12_rand(b);
+ BENCH_ADD(fp12_mul_dxs(c, a, b));
+ }
+ BENCH_END;
+
+#if FPX_RDC == BASIC || !defined(STRIP)
+ BENCH_RUN("fp12_mul_dxs_basic") {
+ fp12_rand(a);
+ fp12_rand(b);
+ BENCH_ADD(fp12_mul_dxs_basic(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+#if FPX_RDC == LAZYR || !defined(STRIP)
+ BENCH_RUN("fp12_mul_dxs_lazyr") {
+ fp12_rand(a);
+ fp12_rand(b);
+ BENCH_ADD(fp12_mul_dxs_lazyr(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp12_sqr") {
+ fp12_rand(a);
+ BENCH_ADD(fp12_sqr(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_sqr_cyc") {
+ fp12_rand(a);
+ BENCH_ADD(fp12_sqr_cyc(c, a));
+ }
+ BENCH_END;
+
+#if FPX_RDC == BASIC || !defined(STRIP)
+ BENCH_RUN("fp12_sqr_cyc_basic") {
+ fp12_rand(a);
+ fp12_rand(b);
+ BENCH_ADD(fp12_sqr_cyc_basic(c, a));
+ }
+ BENCH_END;
+#endif
+
+#if FPX_RDC == LAZYR || !defined(STRIP)
+ BENCH_RUN("fp12_sqr_cyc_lazyr") {
+ fp12_rand(a);
+ fp12_rand(b);
+ BENCH_ADD(fp12_sqr_cyc_lazyr(c, a));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp12_sqr_pck") {
+ fp12_rand(a);
+ BENCH_ADD(fp12_sqr_pck(c, a));
+ }
+ BENCH_END;
+
+#if FPX_RDC == BASIC || !defined(STRIP)
+ BENCH_RUN("fp12_sqr_pck_basic") {
+ fp12_rand(a);
+ fp12_rand(b);
+ BENCH_ADD(fp12_sqr_pck_basic(c, a));
+ }
+ BENCH_END;
+#endif
+
+#if FPX_RDC == LAZYR || !defined(STRIP)
+ BENCH_RUN("fp12_sqr_pck_lazyr") {
+ fp12_rand(a);
+ fp12_rand(b);
+ BENCH_ADD(fp12_sqr_pck_lazyr(c, a));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp12_test_cyc") {
+ fp12_rand(a);
+ fp12_conv_cyc(a, a);
+ BENCH_ADD(fp12_test_cyc(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_conv_cyc") {
+ fp12_rand(a);
+ BENCH_ADD(fp12_conv_cyc(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_back_cyc") {
+ fp12_rand(a);
+ BENCH_ADD(fp12_back_cyc(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_back_cyc (2)") {
+ fp12_rand(d[0]);
+ fp12_rand(d[1]);
+ BENCH_ADD(fp12_back_cyc_sim(d, d, 2));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_conv_cyc") {
+ fp12_rand(a);
+ BENCH_ADD(fp12_conv_cyc(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_inv") {
+ fp12_rand(a);
+ BENCH_ADD(fp12_inv(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_inv_cyc") {
+ fp12_rand(a);
+ BENCH_ADD(fp12_inv_cyc(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_exp") {
+ fp12_rand(a);
+ bn_rand(e, RLC_POS, RLC_FP_BITS);
+ BENCH_ADD(fp12_exp(c, a, e));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_exp (cyc)") {
+ fp12_rand(a);
+ fp12_conv_cyc(a, a);
+ bn_rand(e, RLC_POS, RLC_FP_BITS);
+ BENCH_ADD(fp12_exp(c, a, e));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_exp_cyc (param or sparse)") {
+ fp12_rand(a);
+ fp12_conv_cyc(a, a);
+ bn_zero(e);
+ fp_prime_get_par(e);
+ if (bn_is_zero(e)) {
+ bn_set_2b(e, RLC_FP_BITS - 1);
+ bn_set_bit(e, RLC_FP_BITS / 2, 1);
+ bn_set_bit(e, 0, 1);
+ }
+ BENCH_ADD(fp12_exp_cyc(c, a, e));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_exp_cyc_sps (param)") {
+ const int *k;
+ int l;
+ k = fp_prime_get_par_sps(&l);
+ fp12_rand(a);
+ BENCH_ADD(fp12_exp_cyc_sps(c, a, k, l, RLC_POS));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_exp_dig") {
+ fp12_rand(a);
+ bn_rand(e, RLC_POS, RLC_DIG);
+ BENCH_ADD(fp12_exp_dig(c, a, e->dp[0]));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_frb") {
+ fp12_rand(a);
+ BENCH_ADD(fp12_frb(c, a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_pck") {
+ fp12_rand(a);
+ fp12_conv_cyc(a, a);
+ BENCH_ADD(fp12_pck(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_upk") {
+ fp12_rand(a);
+ fp12_conv_cyc(a, a);
+ fp12_pck(a, a);
+ BENCH_ADD(fp12_upk(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_pck_max") {
+ fp12_rand(a);
+ fp12_conv_cyc(a, a);
+ BENCH_ADD(fp12_pck_max(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp12_upk_max") {
+ fp12_rand(a);
+ fp12_conv_cyc(a, a);
+ fp12_pck_max(a, a);
+ BENCH_ADD(fp12_upk_max(c, a));
+ }
+ BENCH_END;
+
+ fp12_free(a);
+ fp12_free(b);
+ fp12_free(c);
+ fp12_free(d[0]);
+ fp12_free(d[1]);
+ bn_free(e);
+}
+
+static void memory18(void) {
+ fp18_t a[BENCH];
+
+ BENCH_FEW("fp18_null", fp18_null(a[i]), 1);
+
+ BENCH_FEW("fp18_new", fp18_new(a[i]), 1);
+ for (int i = 0; i < BENCH; i++) {
+ fp18_free(a[i]);
+ }
+
+ for (int i = 0; i < BENCH; i++) {
+ fp18_new(a[i]);
+ }
+ BENCH_FEW("fp18_free", fp18_free(a[i]), 1);
+
+ (void)a;
+}
+
+static void util18(void) {
+ fp18_t a, b;
+
+ fp18_null(a);
+ fp18_null(b);
+
+ fp18_new(a);
+ fp18_new(b);
+
+ BENCH_RUN("fp18_copy") {
+ fp18_rand(a);
+ BENCH_ADD(fp18_copy(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp18_neg") {
+ fp18_rand(a);
+ BENCH_ADD(fp18_neg(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp18_zero") {
+ fp18_rand(a);
+ BENCH_ADD(fp18_zero(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp18_is_zero") {
+ fp18_rand(a);
+ BENCH_ADD((void)fp18_is_zero(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp18_set_dig (1)") {
+ fp18_rand(a);
+ BENCH_ADD(fp18_set_dig(a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp18_set_dig") {
+ fp18_rand(a);
+ BENCH_ADD(fp18_set_dig(a, a[0][0][0][0]));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp18_rand") {
+ BENCH_ADD(fp18_rand(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp18_cmp") {
+ fp18_rand(a);
+ fp18_rand(b);
+ BENCH_ADD(fp18_cmp(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp18_cmp_dig") {
+ fp18_rand(a);
+ BENCH_ADD(fp18_cmp_dig(a, (dig_t)0));
+ }
+ BENCH_END;
+
+ fp18_free(a);
+ fp18_free(b);
+}
+
+static void arith18(void) {
+ fp18_t a, b, c;
+ bn_t e;
+
+ fp18_new(a);
+ fp18_new(b);
+ fp18_new(c);
+ bn_new(e);
+
+ BENCH_RUN("fp18_add") {
+ fp18_rand(a);
+ fp18_rand(b);
+ BENCH_ADD(fp18_add(c, a, b));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp18_sub") {
+ fp18_rand(a);
+ fp18_rand(b);
+ BENCH_ADD(fp18_sub(c, a, b));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp18_mul") {
+ fp18_rand(a);
+ fp18_rand(b);
+ BENCH_ADD(fp18_mul(c, a, b));
+ }
+ BENCH_END;
+
+#if FPX_RDC == BASIC || !defined(STRIP)
+ BENCH_RUN("fp18_mul_basic") {
+ fp18_rand(a);
+ fp18_rand(b);
+ BENCH_ADD(fp18_mul_basic(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+#if FPX_RDC == LAZYR || !defined(STRIP)
+ BENCH_RUN("fp18_mul_lazyr") {
+ fp18_rand(a);
+ fp18_rand(b);
+ BENCH_ADD(fp18_mul_lazyr(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp18_sqr") {
+ fp18_rand(a);
+ BENCH_ADD(fp18_sqr(c, a));
+ }
+ BENCH_END;
+
+#if FPX_RDC == BASIC || !defined(STRIP)
+ BENCH_RUN("fp18_sqr_basic") {
+ fp18_rand(a);
+ BENCH_ADD(fp18_sqr_basic(c, a));
+ }
+ BENCH_END;
+#endif
+
+#if FPX_RDC == LAZYR || !defined(STRIP)
+ BENCH_RUN("fp18_sqr_lazyr") {
+ fp18_rand(a);
+ BENCH_ADD(fp18_sqr_lazyr(c, a));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp18_inv") {
+ fp18_rand(a);
+ BENCH_ADD(fp18_inv(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp18_exp") {
+ fp18_rand(a);
+ e->used = RLC_FP_DIGS;
+ dv_copy(e->dp, fp_prime_get(), RLC_FP_DIGS);
+ BENCH_ADD(fp18_exp(c, a, e));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp18_frb") {
+ fp18_rand(a);
+ BENCH_ADD(fp18_frb(c, a, 1));
+ }
+ BENCH_END;
+
+ fp18_free(a);
+ fp18_free(b);
+ fp18_free(c);
+ bn_free(e);
+}
+
+static void memory24(void) {
+ fp24_t a[BENCH];
+
+ BENCH_FEW("fp24_null", fp24_null(a[i]), 1);
+
+ BENCH_FEW("fp24_new", fp24_new(a[i]), 1);
+ for (int i = 0; i < BENCH; i++) {
+ fp24_free(a[i]);
+ }
+
+ for (int i = 0; i < BENCH; i++) {
+ fp24_new(a[i]);
+ }
+ BENCH_FEW("fp24_free", fp24_free(a[i]), 1);
+
+ (void)a;
+}
+
+static void util24(void) {
+ fp24_t a, b;
+ uint8_t bin[24 * RLC_FP_BYTES];
+
+ fp24_null(a);
+ fp24_null(b);
+
+ fp24_new(a);
+ fp24_new(b);
+
+ BENCH_RUN("fp24_copy") {
+ fp24_rand(a);
+ BENCH_ADD(fp24_copy(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp24_neg") {
+ fp24_rand(a);
+ BENCH_ADD(fp24_neg(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp24_zero") {
+ fp24_rand(a);
+ BENCH_ADD(fp24_zero(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp24_is_zero") {
+ fp24_rand(a);
+ BENCH_ADD((void)fp24_is_zero(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp24_set_dig (1)") {
+ fp24_rand(a);
+ BENCH_ADD(fp24_set_dig(a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp24_set_dig") {
+ fp24_rand(a);
+ BENCH_ADD(fp24_set_dig(a, a[0][0][0][0][0]));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp24_rand") {
+ BENCH_ADD(fp24_rand(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp24_size_bin (0)") {
+ fp24_rand(a);
+ BENCH_ADD(fp24_size_bin(a, 0));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp24_size_bin (1)") {
+ fp24_rand(a);
+ fp24_conv_cyc(a, a);
+ BENCH_ADD(fp24_size_bin(a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp24_write_bin (0)") {
+ fp24_rand(a);
+ BENCH_ADD(fp24_write_bin(bin, sizeof(bin), a, 0));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp24_write_bin (1)") {
+ fp24_rand(a);
+ fp24_conv_cyc(a, a);
+ BENCH_ADD(fp24_write_bin(bin, 32 * RLC_FP_BYTES, a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp24_read_bin (0)") {
+ fp24_rand(a);
+ fp24_write_bin(bin, sizeof(bin), a, 0);
+ BENCH_ADD(fp24_read_bin(a, bin, sizeof(bin)));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp24_read_bin (1)") {
+ fp24_rand(a);
+ fp24_conv_cyc(a, a);
+ fp24_write_bin(bin, fp24_size_bin(a, 1), a, 1);
+ BENCH_ADD(fp24_read_bin(a, bin, 32 * RLC_FP_BYTES));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp24_cmp") {
+ fp24_rand(a);
+ fp24_rand(b);
+ BENCH_ADD(fp24_cmp(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp24_cmp_dig") {
+ fp24_rand(a);
+ BENCH_ADD(fp24_cmp_dig(a, (dig_t)0));
+ }
+ BENCH_END;
+
+ fp24_free(a);
+ fp24_free(b);
+}
+
+static void arith24(void) {
+ fp24_t a, b, c, d[2];
+ bn_t e;
+
+ fp24_new(a);
+ fp24_new(b);
+ fp24_new(c);
+ fp24_new(d[0]);
+ fp24_new(d[1]);
+ bn_new(e);
+
+ BENCH_RUN("fp24_add") {
+ fp24_rand(a);
+ fp24_rand(b);
+ BENCH_ADD(fp24_add(c, a, b));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp24_sub") {
+ fp24_rand(a);
+ fp24_rand(b);
+ BENCH_ADD(fp24_sub(c, a, b));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp24_mul") {
+ fp24_rand(a);
+ fp24_rand(b);
+ BENCH_ADD(fp24_mul(c, a, b));
+ }
+ BENCH_END;
+
+#if FPX_RDC == BASIC || !defined(STRIP)
+ BENCH_RUN("fp24_mul_basic") {
+ fp24_rand(a);
+ fp24_rand(b);
+ BENCH_ADD(fp24_mul_basic(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+#if FPX_RDC == LAZYR || !defined(STRIP)
+ BENCH_RUN("fp24_mul_lazyr") {
+ fp24_rand(a);
+ fp24_rand(b);
+ BENCH_ADD(fp24_mul_lazyr(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp24_sqr") {
+ fp24_rand(a);
+ BENCH_ADD(fp24_sqr(c, a));
+ }
+ BENCH_END;
+
+#if FPX_RDC == BASIC || !defined(STRIP)
+ BENCH_RUN("fp24_sqr_basic") {
+ fp24_rand(a);
+ BENCH_ADD(fp24_sqr_basic(c, a));
+ }
+ BENCH_END;
+#endif
+
+#if FPX_RDC == LAZYR || !defined(STRIP)
+ BENCH_RUN("fp24_sqr_lazyr") {
+ fp24_rand(a);
+ BENCH_ADD(fp24_sqr_lazyr(c, a));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp24_test_cyc") {
+ fp24_rand(a);
+ fp24_conv_cyc(a, a);
+ BENCH_ADD(fp24_test_cyc(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp24_conv_cyc") {
+ fp24_rand(a);
+ BENCH_ADD(fp24_conv_cyc(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp24_back_cyc") {
+ fp24_rand(a);
+ BENCH_ADD(fp24_back_cyc(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp24_back_cyc (2)") {
+ fp24_rand(d[0]);
+ fp24_rand(d[1]);
+ BENCH_ADD(fp24_back_cyc_sim(d, d, 2));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp24_conv_cyc") {
+ fp24_rand(a);
+ BENCH_ADD(fp24_conv_cyc(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp24_inv") {
+ fp24_rand(a);
+ BENCH_ADD(fp24_inv(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp24_exp") {
+ fp24_rand(a);
+ bn_rand(e, RLC_POS, RLC_FP_BITS);
+ BENCH_ADD(fp24_exp(c, a, e));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp24_exp (cyc)") {
+ fp24_rand(a);
+ fp24_conv_cyc(a, a);
+ bn_rand(e, RLC_POS, RLC_FP_BITS);
+ BENCH_ADD(fp24_exp(c, a, e));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp24_exp_cyc (param or sparse)") {
+ fp24_rand(a);
+ fp24_conv_cyc(a, a);
+ bn_zero(e);
+ fp_prime_get_par(e);
+ if (bn_is_zero(e)) {
+ bn_set_2b(e, RLC_FP_BITS - 1);
+ bn_set_bit(e, RLC_FP_BITS / 2, 1);
+ bn_set_bit(e, 0, 1);
+ }
+ BENCH_ADD(fp24_exp_cyc(c, a, e));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp24_exp_cyc_sps (param)") {
+ const int *k;
+ int l;
+ k = fp_prime_get_par_sps(&l);
+ fp24_rand(a);
+ BENCH_ADD(fp24_exp_cyc_sps(c, a, k, l, RLC_POS));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp24_exp_dig") {
+ fp24_rand(a);
+ bn_rand(e, RLC_POS, RLC_DIG);
+ BENCH_ADD(fp24_exp_dig(c, a, e->dp[0]));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp24_frb") {
+ fp24_rand(a);
+ BENCH_ADD(fp24_frb(c, a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp24_pck") {
+ fp24_rand(a);
+ fp24_conv_cyc(a, a);
+ BENCH_ADD(fp24_pck(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp24_upk") {
+ fp24_rand(a);
+ fp24_conv_cyc(a, a);
+ fp24_pck(a, a);
+ BENCH_ADD(fp24_upk(c, a));
+ }
+ BENCH_END;
+
+ fp24_free(a);
+ fp24_free(b);
+ fp24_free(c);
+ fp24_free(d[0]);
+ fp24_free(d[1]);
+ bn_free(e);
+}
+
+static void memory48(void) {
+ fp48_t a[BENCH];
+
+ BENCH_FEW("fp48_null", fp48_null(a[i]), 1);
+
+ BENCH_FEW("fp48_new", fp48_new(a[i]), 1);
+ for (int i = 0; i < BENCH; i++) {
+ fp48_free(a[i]);
+ }
+
+ for (int i = 0; i < BENCH; i++) {
+ fp48_new(a[i]);
+ }
+ BENCH_FEW("fp48_free", fp48_free(a[i]), 1);
+
+ (void)a;
+}
+
+static void util48(void) {
+ fp48_t a, b;
+ uint8_t bin[48 * RLC_FP_BYTES];
+
+ fp48_null(a);
+ fp48_null(b);
+
+ fp48_new(a);
+ fp48_new(b);
+
+ BENCH_RUN("fp48_copy") {
+ fp48_rand(a);
+ BENCH_ADD(fp48_copy(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_neg") {
+ fp48_rand(a);
+ BENCH_ADD(fp48_neg(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_zero") {
+ fp48_rand(a);
+ BENCH_ADD(fp48_zero(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_is_zero") {
+ fp48_rand(a);
+ BENCH_ADD((void)fp48_is_zero(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_set_dig (1)") {
+ fp48_rand(a);
+ BENCH_ADD(fp48_set_dig(a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_set_dig") {
+ fp48_rand(a);
+ BENCH_ADD(fp48_set_dig(a, a[0][0][0][0][0][0]));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_rand") {
+ BENCH_ADD(fp48_rand(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_size_bin (0)") {
+ fp48_rand(a);
+ BENCH_ADD(fp48_size_bin(a, 0));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_size_bin (1)") {
+ fp48_rand(a);
+ fp48_conv_cyc(a, a);
+ BENCH_ADD(fp48_size_bin(a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_write_bin (0)") {
+ fp48_rand(a);
+ BENCH_ADD(fp48_write_bin(bin, sizeof(bin), a, 0));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_write_bin (1)") {
+ fp48_rand(a);
+ fp48_conv_cyc(a, a);
+ BENCH_ADD(fp48_write_bin(bin, 32 * RLC_FP_BYTES, a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_read_bin (0)") {
+ fp48_rand(a);
+ fp48_write_bin(bin, sizeof(bin), a, 0);
+ BENCH_ADD(fp48_read_bin(a, bin, sizeof(bin)));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_read_bin (1)") {
+ fp48_rand(a);
+ fp48_conv_cyc(a, a);
+ fp48_write_bin(bin, fp48_size_bin(a, 1), a, 1);
+ BENCH_ADD(fp48_read_bin(a, bin, 32 * RLC_FP_BYTES));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_cmp") {
+ fp48_rand(a);
+ fp48_rand(b);
+ BENCH_ADD(fp48_cmp(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_cmp_dig") {
+ fp48_rand(a);
+ BENCH_ADD(fp48_cmp_dig(a, (dig_t)0));
+ }
+ BENCH_END;
+
+ fp48_free(a);
+ fp48_free(b);
+}
+
+static void arith48(void) {
+ fp48_t a, b, c, d[2];
+ bn_t e;
+
+ fp48_new(a);
+ fp48_new(b);
+ fp48_new(c);
+ fp48_new(d[0]);
+ fp48_new(d[1]);
+ bn_new(e);
+
+ BENCH_RUN("fp48_add") {
+ fp48_rand(a);
+ fp48_rand(b);
+ BENCH_ADD(fp48_add(c, a, b));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_sub") {
+ fp48_rand(a);
+ fp48_rand(b);
+ BENCH_ADD(fp48_sub(c, a, b));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_mul") {
+ fp48_rand(a);
+ fp48_rand(b);
+ BENCH_ADD(fp48_mul(c, a, b));
+ }
+ BENCH_END;
+
+#if FPX_RDC == BASIC || !defined(STRIP)
+ BENCH_RUN("fp48_mul_basic") {
+ fp48_rand(a);
+ fp48_rand(b);
+ BENCH_ADD(fp48_mul_basic(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+#if FPX_RDC == LAZYR || !defined(STRIP)
+ BENCH_RUN("fp48_mul_lazyr") {
+ fp48_rand(a);
+ fp48_rand(b);
+ BENCH_ADD(fp48_mul_lazyr(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp48_mul_dxs") {
+ fp48_rand(a);
+ fp48_rand(b);
+ BENCH_ADD(fp48_mul_dxs(c, a, b));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_sqr") {
+ fp48_rand(a);
+ BENCH_ADD(fp48_sqr(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_sqr_cyc") {
+ fp48_rand(a);
+ BENCH_ADD(fp48_sqr_cyc(c, a));
+ }
+ BENCH_END;
+
+#if FPX_RDC == BASIC || !defined(STRIP)
+ BENCH_RUN("fp48_sqr_cyc_basic") {
+ fp48_rand(a);
+ fp48_rand(b);
+ BENCH_ADD(fp48_sqr_cyc_basic(c, a));
+ }
+ BENCH_END;
+#endif
+
+#if FPX_RDC == LAZYR || !defined(STRIP)
+ BENCH_RUN("fp48_sqr_cyc_lazyr") {
+ fp48_rand(a);
+ fp48_rand(b);
+ BENCH_ADD(fp48_sqr_cyc_lazyr(c, a));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp48_sqr_pck") {
+ fp48_rand(a);
+ BENCH_ADD(fp48_sqr_pck(c, a));
+ }
+ BENCH_END;
+
+#if FPX_RDC == BASIC || !defined(STRIP)
+ BENCH_RUN("fp48_sqr_pck_basic") {
+ fp48_rand(a);
+ fp48_rand(b);
+ BENCH_ADD(fp48_sqr_pck_basic(c, a));
+ }
+ BENCH_END;
+#endif
+
+#if FPX_RDC == LAZYR || !defined(STRIP)
+ BENCH_RUN("fp48_sqr_pck_lazyr") {
+ fp48_rand(a);
+ fp48_rand(b);
+ BENCH_ADD(fp48_sqr_pck_lazyr(c, a));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp48_test_cyc") {
+ fp48_rand(a);
+ fp48_conv_cyc(a, a);
+ BENCH_ADD(fp48_test_cyc(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_conv_cyc") {
+ fp48_rand(a);
+ BENCH_ADD(fp48_conv_cyc(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_back_cyc") {
+ fp48_rand(a);
+ BENCH_ADD(fp48_back_cyc(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_back_cyc (2)") {
+ fp48_rand(d[0]);
+ fp48_rand(d[1]);
+ BENCH_ADD(fp48_back_cyc_sim(d, d, 2));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_conv_cyc") {
+ fp48_rand(a);
+ BENCH_ADD(fp48_conv_cyc(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_inv") {
+ fp48_rand(a);
+ BENCH_ADD(fp48_inv(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_inv_cyc") {
+ fp48_rand(a);
+ BENCH_ADD(fp48_inv_cyc(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_exp") {
+ fp48_rand(a);
+ bn_rand(e, RLC_POS, RLC_FP_BITS);
+ BENCH_ADD(fp48_exp(c, a, e));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_exp (cyc)") {
+ fp48_rand(a);
+ fp48_conv_cyc(a, a);
+ bn_rand(e, RLC_POS, RLC_FP_BITS);
+ BENCH_ADD(fp48_exp(c, a, e));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_exp_cyc (param or sparse)") {
+ fp48_rand(a);
+ fp48_conv_cyc(a, a);
+ bn_zero(e);
+ fp_prime_get_par(e);
+ if (bn_is_zero(e)) {
+ bn_set_2b(e, RLC_FP_BITS - 1);
+ bn_set_bit(e, RLC_FP_BITS / 2, 1);
+ bn_set_bit(e, 0, 1);
+ }
+ BENCH_ADD(fp48_exp_cyc(c, a, e));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_exp_cyc_sps (param)") {
+ const int *k;
+ int l;
+ k = fp_prime_get_par_sps(&l);
+ fp48_rand(a);
+ BENCH_ADD(fp48_exp_cyc_sps(c, a, k, l, RLC_POS));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_exp_dig") {
+ fp48_rand(a);
+ bn_rand(e, RLC_POS, RLC_DIG);
+ BENCH_ADD(fp48_exp_dig(c, a, e->dp[0]));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_frb") {
+ fp48_rand(a);
+ BENCH_ADD(fp48_frb(c, a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_pck") {
+ fp48_rand(a);
+ fp48_conv_cyc(a, a);
+ BENCH_ADD(fp48_pck(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp48_upk") {
+ fp48_rand(a);
+ fp48_conv_cyc(a, a);
+ fp48_pck(a, a);
+ BENCH_ADD(fp48_upk(c, a));
+ }
+ BENCH_END;
+
+ fp48_free(a);
+ fp48_free(b);
+ fp48_free(c);
+ fp48_free(d[0]);
+ fp48_free(d[1]);
+ bn_free(e);
+}
+
+static void memory54(void) {
+ fp54_t a[BENCH];
+
+ BENCH_FEW("fp54_null", fp54_null(a[i]), 1);
+
+ BENCH_FEW("fp54_new", fp54_new(a[i]), 1);
+ for (int i = 0; i < BENCH; i++) {
+ fp54_free(a[i]);
+ }
+
+ for (int i = 0; i < BENCH; i++) {
+ fp54_new(a[i]);
+ }
+ BENCH_FEW("fp54_free", fp54_free(a[i]), 1);
+
+ (void)a;
+}
+
+static void util54(void) {
+ fp54_t a, b;
+ uint8_t bin[54 * RLC_FP_BYTES];
+
+ fp54_null(a);
+ fp54_null(b);
+
+ fp54_new(a);
+ fp54_new(b);
+
+ BENCH_RUN("fp54_copy") {
+ fp54_rand(a);
+ BENCH_ADD(fp54_copy(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_neg") {
+ fp54_rand(a);
+ BENCH_ADD(fp54_neg(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_zero") {
+ fp54_rand(a);
+ BENCH_ADD(fp54_zero(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_is_zero") {
+ fp54_rand(a);
+ BENCH_ADD((void)fp54_is_zero(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_set_dig (1)") {
+ fp54_rand(a);
+ BENCH_ADD(fp54_set_dig(a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_set_dig") {
+ fp54_rand(a);
+ BENCH_ADD(fp54_set_dig(a, a[0][0][0][0][0]));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_rand") {
+ BENCH_ADD(fp54_rand(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_size_bin (0)") {
+ fp54_rand(a);
+ BENCH_ADD(fp54_size_bin(a, 0));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_size_bin (1)") {
+ fp54_rand(a);
+ fp54_conv_cyc(a, a);
+ BENCH_ADD(fp54_size_bin(a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_write_bin (0)") {
+ fp54_rand(a);
+ BENCH_ADD(fp54_write_bin(bin, sizeof(bin), a, 0));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_write_bin (1)") {
+ fp54_rand(a);
+ fp54_conv_cyc(a, a);
+ BENCH_ADD(fp54_write_bin(bin, 32 * RLC_FP_BYTES, a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_read_bin (0)") {
+ fp54_rand(a);
+ fp54_write_bin(bin, sizeof(bin), a, 0);
+ BENCH_ADD(fp54_read_bin(a, bin, sizeof(bin)));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_read_bin (1)") {
+ fp54_rand(a);
+ fp54_conv_cyc(a, a);
+ fp54_write_bin(bin, fp54_size_bin(a, 1), a, 1);
+ BENCH_ADD(fp54_read_bin(a, bin, 32 * RLC_FP_BYTES));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_cmp") {
+ fp54_rand(a);
+ fp54_rand(b);
+ BENCH_ADD(fp54_cmp(b, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_cmp_dig") {
+ fp54_rand(a);
+ BENCH_ADD(fp54_cmp_dig(a, (dig_t)0));
+ }
+ BENCH_END;
+
+ fp54_free(a);
+ fp54_free(b);
+}
+
+static void arith54(void) {
+ fp54_t a, b, c, d[2];
+ bn_t e;
+
+ fp54_new(a);
+ fp54_new(b);
+ fp54_new(c);
+ fp54_new(d[0]);
+ fp54_new(d[1]);
+ bn_new(e);
+
+ BENCH_RUN("fp54_add") {
+ fp54_rand(a);
+ fp54_rand(b);
+ BENCH_ADD(fp54_add(c, a, b));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_sub") {
+ fp54_rand(a);
+ fp54_rand(b);
+ BENCH_ADD(fp54_sub(c, a, b));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_mul") {
+ fp54_rand(a);
+ fp54_rand(b);
+ BENCH_ADD(fp54_mul(c, a, b));
+ }
+ BENCH_END;
+
+#if FPX_RDC == BASIC || !defined(STRIP)
+ BENCH_RUN("fp54_mul_basic") {
+ fp54_rand(a);
+ fp54_rand(b);
+ BENCH_ADD(fp54_mul_basic(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+#if FPX_RDC == LAZYR || !defined(STRIP)
+ BENCH_RUN("fp54_mul_lazyr") {
+ fp54_rand(a);
+ fp54_rand(b);
+ BENCH_ADD(fp54_mul_lazyr(c, a, b));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp54_mul_dxs") {
+ fp54_rand(a);
+ fp54_rand(b);
+ BENCH_ADD(fp54_mul_dxs(c, a, b));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_sqr") {
+ fp54_rand(a);
+ BENCH_ADD(fp54_sqr(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_sqr_cyc") {
+ fp54_rand(a);
+ BENCH_ADD(fp54_sqr_cyc(c, a));
+ }
+ BENCH_END;
+
+#if FPX_RDC == BASIC || !defined(STRIP)
+ BENCH_RUN("fp54_sqr_cyc_basic") {
+ fp54_rand(a);
+ fp54_rand(b);
+ BENCH_ADD(fp54_sqr_cyc_basic(c, a));
+ }
+ BENCH_END;
+#endif
+
+#if FPX_RDC == LAZYR || !defined(STRIP)
+ BENCH_RUN("fp54_sqr_cyc_lazyr") {
+ fp54_rand(a);
+ fp54_rand(b);
+ BENCH_ADD(fp54_sqr_cyc_lazyr(c, a));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp54_sqr_pck") {
+ fp54_rand(a);
+ BENCH_ADD(fp54_sqr_pck(c, a));
+ }
+ BENCH_END;
+
+#if FPX_RDC == BASIC || !defined(STRIP)
+ BENCH_RUN("fp54_sqr_pck_basic") {
+ fp54_rand(a);
+ fp54_rand(b);
+ BENCH_ADD(fp54_sqr_pck_basic(c, a));
+ }
+ BENCH_END;
+#endif
+
+#if FPX_RDC == LAZYR || !defined(STRIP)
+ BENCH_RUN("fp54_sqr_pck_lazyr") {
+ fp54_rand(a);
+ fp54_rand(b);
+ BENCH_ADD(fp54_sqr_pck_lazyr(c, a));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("fp54_test_cyc") {
+ fp54_rand(a);
+ fp54_conv_cyc(a, a);
+ BENCH_ADD(fp54_test_cyc(a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_conv_cyc") {
+ fp54_rand(a);
+ BENCH_ADD(fp54_conv_cyc(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_back_cyc") {
+ fp54_rand(a);
+ BENCH_ADD(fp54_back_cyc(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_back_cyc (2)") {
+ fp54_rand(d[0]);
+ fp54_rand(d[1]);
+ BENCH_ADD(fp54_back_cyc_sim(d, d, 2));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_conv_cyc") {
+ fp54_rand(a);
+ BENCH_ADD(fp54_conv_cyc(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_inv") {
+ fp54_rand(a);
+ BENCH_ADD(fp54_inv(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_inv_cyc") {
+ fp54_rand(a);
+ BENCH_ADD(fp54_inv_cyc(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_exp") {
+ fp54_rand(a);
+ bn_rand(e, RLC_POS, RLC_FP_BITS);
+ BENCH_ADD(fp54_exp(c, a, e));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_exp (cyc)") {
+ fp54_rand(a);
+ fp54_conv_cyc(a, a);
+ bn_rand(e, RLC_POS, RLC_FP_BITS);
+ BENCH_ADD(fp54_exp(c, a, e));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_exp_cyc (param or sparse)") {
+ fp54_rand(a);
+ fp54_conv_cyc(a, a);
+ bn_zero(e);
+ fp_prime_get_par(e);
+ if (bn_is_zero(e)) {
+ bn_set_2b(e, RLC_FP_BITS - 1);
+ bn_set_bit(e, RLC_FP_BITS / 2, 1);
+ bn_set_bit(e, 0, 1);
+ }
+ BENCH_ADD(fp54_exp_cyc(c, a, e));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_exp_cyc_sps (param)") {
+ const int *k;
+ int l;
+ k = fp_prime_get_par_sps(&l);
+ fp54_rand(a);
+ BENCH_ADD(fp54_exp_cyc_sps(c, a, k, l, RLC_POS));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_exp_dig") {
+ fp54_rand(a);
+ bn_rand(e, RLC_POS, RLC_DIG);
+ BENCH_ADD(fp54_exp_dig(c, a, e->dp[0]));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_frb") {
+ fp54_rand(a);
+ BENCH_ADD(fp54_frb(c, a, 1));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_pck") {
+ fp54_rand(a);
+ fp54_conv_cyc(a, a);
+ BENCH_ADD(fp54_pck(c, a));
+ }
+ BENCH_END;
+
+ BENCH_RUN("fp54_upk") {
+ fp54_rand(a);
+ fp54_conv_cyc(a, a);
+ fp54_pck(a, a);
+ BENCH_ADD(fp54_upk(c, a));
+ }
+ BENCH_END;
+
+ fp54_free(a);
+ fp54_free(b);
+ fp54_free(c);
+ fp54_free(d[0]);
+ fp54_free(d[1]);
+ bn_free(e);
+}
+
+int main(void) {
+ if (core_init() != RLC_OK) {
+ core_clean();
+ return 1;
+ }
+
+ conf_print();
+
+ util_banner("Benchmarks for the FPX module:", 0);
+
+ /* Try using a pairing-friendly curve for faster exponentiation method. */
+ if (pc_param_set_any() != RLC_OK) {
+ /* If it does not work, try a tower-friendly field. */
+ if (fp_param_set_any_tower() == RLC_ERR) {
+ RLC_THROW(ERR_NO_FIELD);
+ core_clean();
+ return 0;
+ }
+ }
+
+ fp_param_print();
+
+ if (fp_prime_get_qnr()) {
+ util_banner("Quadratic extension:", 0);
+ util_banner("Utilities:", 1);
+ memory2();
+ util2();
+
+ util_banner("Arithmetic:", 1);
+ arith2();
+ }
+
+ if (fp_prime_get_cnr()) {
+ util_banner("Cubic extension:", 0);
+ util_banner("Utilities:", 1);
+ memory3();
+ util3();
+ util_banner("Arithmetic:", 1);
+ arith3();
+ }
+
+ if (fp_prime_get_qnr()) {
+ util_banner("Quartic extension:", 0);
+ util_banner("Utilities:", 1);
+ memory4();
+ util4();
+ util_banner("Arithmetic:", 1);
+ arith4();
+
+ util_banner("Sextic extension:", 0);
+ util_banner("Utilities:", 1);
+ memory6();
+ util6();
+ util_banner("Arithmetic:", 1);
+ arith6();
+
+ util_banner("Octic extension:", 0);
+ util_banner("Utilities:", 1);
+ memory8();
+ util8();
+ util_banner("Arithmetic:", 1);
+ arith8();
+ }
+
+ if (fp_prime_get_cnr()) {
+ util_banner("Nonic extension:", 0);
+ util_banner("Utilities:", 1);
+ memory9();
+ util9();
+ util_banner("Arithmetic:", 1);
+ arith9();
+ }
+
+ if (fp_prime_get_qnr()) {
+ util_banner("Dodecic extension:", 0);
+ util_banner("Utilities:", 1);
+ memory12();
+ util12();
+ util_banner("Arithmetic:", 1);
+ arith12();
+ }
+
+ if (fp_prime_get_cnr()) {
+ util_banner("Octodecic extension:", 0);
+ util_banner("Utilities:", 1);
+ memory18();
+ util18();
+
+ util_banner("Arithmetic:", 1);
+ arith18();
+ }
+
+ if (fp_prime_get_qnr()) {
+ util_banner("Extension of degree 24:", 0);
+ util_banner("Utilities:", 1);
+ memory24();
+ util24();
+ util_banner("Arithmetic:", 1);
+ arith24();
+
+ util_banner("Extension of degree 48:", 0);
+ util_banner("Utilities:", 1);
+ memory48();
+ util48();
+ util_banner("Arithmetic:", 1);
+ arith48();
+ }
+
+ if (fp_prime_get_cnr()) {
+ util_banner("Extension of degree 54:", 0);
+ util_banner("Utilities:", 1);
+ memory54();
+ util54();
+ util_banner("Arithmetic:", 1);
+ arith54();
+ }
+
+ core_clean();
+ return 0;
+}
diff --git a/depends/relic/bench/bench_md.c b/depends/relic/bench/bench_md.c
new file mode 100644
index 00000000000000..118afc0c4d20e5
--- /dev/null
+++ b/depends/relic/bench/bench_md.c
@@ -0,0 +1,63 @@
+/*
+ * RELIC is an Efficient LIbrary for Cryptography
+ * Copyright (c) 2021 RELIC Authors
+ *
+ * This file is part of RELIC. RELIC is legal property of its developers,
+ * whose names are not listed here. Please refer to the COPYRIGHT file
+ * for contact information.
+ *
+ * RELIC is free software; you can redistribute it and/or modify it under the
+ * terms of the version 2.1 (or later) of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; or version 2.0 of the Apache
+ * License as published by the Apache Software Foundation. See the LICENSE files
+ * for more details.
+ *
+ * RELIC is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ * A PARTICULAR PURPOSE. See the LICENSE files for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public or the
+ * Apache License along with RELIC. If not, see
+ * or .
+ */
+
+/**
+ * @file
+ *
+ * Benchmarks for hash functions.
+ *
+ * @ingroup md
+ */
+
+#include
+
+#include "relic.h"
+#include "relic_bench.h"
+
+static void hash(void) {
+ uint8_t hash[RLC_MD_LEN], buf[256];
+ const uint8_t *dst = (const uint8_t *)"RELIC";
+
+ BENCH_RUN("md_map (256)") {
+ rand_bytes(buf, sizeof(buf));
+ BENCH_ADD(md_map(hash, buf, sizeof(buf)));
+ } BENCH_END;
+
+ BENCH_RUN("md_xmd (256)") {
+ rand_bytes(buf, sizeof(buf));
+ BENCH_ADD(md_xmd(buf, sizeof(buf), buf, sizeof(buf), dst, 5));
+ } BENCH_END;
+}
+
+int main(void) {
+ if (core_init() != RLC_OK) {
+ core_clean();
+ return 1;
+ }
+
+ conf_print();
+ util_banner("Benchmarks for the MD module:\n", 0);
+ hash();
+ core_clean();
+ return 0;
+}
diff --git a/depends/relic/bench/bench_mpc.c b/depends/relic/bench/bench_mpc.c
new file mode 100644
index 00000000000000..31cd1035948d6d
--- /dev/null
+++ b/depends/relic/bench/bench_mpc.c
@@ -0,0 +1,311 @@
+/*
+ * RELIC is an Efficient LIbrary for Cryptography
+ * Copyright (c) 2020 RELIC Authors
+ *
+ * This file is part of RELIC. RELIC is legal property of its developers,
+ * whose names are not listed here. Please refer to the COPYRIGHT file
+ * for contact information.
+ *
+ * RELIC is free software; you can redistribute it and/or modify it under the
+ * terms of the version 2.1 (or later) of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; or version 2.0 of the Apache
+ * License as published by the Apache Software Foundation. See the LICENSE files
+ * for more details.
+ *
+ * RELIC is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ * A PARTICULAR PURPOSE. See the LICENSE files for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public or the
+ * Apache License along with RELIC. If not, see
+ * or .
+ */
+
+/**
+ * @file
+ *
+ * Benchmarks for random number generation.
+ *
+ * @ingroup rand
+ */
+
+#include
+
+#include "relic.h"
+#include "relic_bench.h"
+
+static void mul_triple(void) {
+ bn_t order, d[2], e[2], x[2], y[2];
+ mt_t tri[2];
+
+ bn_null(order);
+ mt_null(tri[0]);
+ mt_null(tri[1]);
+
+ bn_new(order);
+ mt_new(tri[0]);
+ mt_new(tri[1]);
+ for (int j = 0; j < 2; j++) {
+ bn_null(d[j]);
+ bn_null(e[j]);
+ bn_null(x[j]);
+ bn_null(y[j]);
+ bn_new(d[j]);
+ bn_new(e[j]);
+ bn_new(x[j]);
+ bn_new(y[j]);
+ }
+
+ bn_gen_prime(order, RLC_BN_BITS);
+
+ BENCH_RUN("mt_gen") {
+ BENCH_ADD(mt_gen(tri, order));
+ } BENCH_END;
+
+ BENCH_RUN("mt_mul_lcl") {
+ BENCH_ADD(mt_mul_lcl(d[0], e[0], x[0], y[0], order, tri[0]));
+ BENCH_ADD(mt_mul_lcl(d[1], e[1], x[1], y[1], order, tri[1]));
+ } BENCH_DIV(2);
+
+ BENCH_RUN("mt_mul_bct") {
+ BENCH_ADD(mt_mul_bct(d, e, order););
+ } BENCH_END;
+
+ BENCH_RUN("mt_mul_mpc") {
+ BENCH_ADD(mt_mul_mpc(d[0], d[0], e[0], order, tri[0], 0););
+ BENCH_ADD(mt_mul_mpc(d[1], d[1], e[1], order, tri[1], 1););
+ } BENCH_DIV(2);
+
+ bn_free(order);
+ mt_free(tri[0]);
+ mt_free(tri[1]);
+ for (int j = 0; j < 2; j++) {
+ bn_free(d[j]);
+ bn_free(e[j]);
+ bn_free(x[j]);
+ bn_free(y[j]);
+ }
+}
+
+static void pair_triple(void) {
+ g1_t d[2], p[2], _p;
+ g2_t e[2], q[2], _q;
+ gt_t f[2], r[2], _r;
+ bn_t k[2], l[2], n;
+ mt_t tri[2];
+ pt_t t[2];
+
+ g1_null(_p);
+ g2_null(_q);
+ gt_null(_r);
+ bn_null(n);
+
+ g1_new(_p);
+ g2_new(_q);
+ gt_new(_r);
+ bn_new(n);
+ for (int j = 0; j < 2; j++) {
+ g1_null(d[j]);
+ g2_null(e[j]);
+ bn_null(k[j]);
+ bn_null(l[j]);
+ g1_null(p[j]);
+ g2_null(q[j]);
+ gt_null(r[j]);
+ mt_null(tri[j]);
+ pt_null(t[j]);
+ g1_new(d[j]);
+ g2_new(e[j]);
+ bn_new(k[j]);
+ bn_new(l[j]);
+ g1_new(p[j]);
+ g2_new(q[j]);
+ gt_new(r[j]);
+ gt_new(f[j]);
+ mt_new(tri[j]);
+ pt_new(t[j]);
+ }
+
+ g1_get_ord(n);
+
+ mt_gen(tri, n);
+ BENCH_RUN("g1_mul") {
+ /* Generate random inputs. */
+ g1_rand(p[0]);
+ bn_rand_mod(k[0], n);
+ BENCH_ADD(g1_mul(_p, p[0], k[0]));
+ } BENCH_END;
+
+ /* Secret share inputs. */
+ g1_rand(p[1]);
+ g1_sub(p[0], p[0], p[1]);
+ g1_norm(p[0], p[0]);
+ bn_rand_mod(k[1], n);
+ bn_sub(k[0], k[0], k[1]);
+ if (bn_sign(k[0]) == RLC_NEG) {
+ bn_add(k[0], k[0], n);
+ }
+ bn_mod(k[0], k[0], n);
+ tri[0]->b1 = tri[0]->c1 = &p[0];
+ tri[1]->b1 = tri[1]->c1 = &p[1];
+
+ BENCH_RUN("g1_mul_lcl") {
+ BENCH_ADD(g1_mul_lcl(l[0], d[0], k[0], p[0], tri[0]));
+ BENCH_ADD(g1_mul_lcl(l[1], d[1], k[1], p[1], tri[1]))
+ } BENCH_DIV(2);
+
+ BENCH_RUN("g1_mul_bct") {
+ BENCH_ADD(g1_mul_bct(l, d));
+ } BENCH_END;
+
+ BENCH_RUN("g1_mul_mpc") {
+ BENCH_ADD(g1_mul_mpc(d[0], l[0], d[0], tri[0], 0));
+ BENCH_ADD(g1_mul_mpc(d[1], l[1], d[1], tri[1], 1));
+ } BENCH_DIV(2);
+
+ mt_gen(tri, n);
+ BENCH_RUN("g2_mul") {
+ /* Generate random inputs. */
+ g2_rand(q[0]);
+ bn_rand_mod(k[0], n);
+ BENCH_ADD(g2_mul(_q, q[0], k[0]));
+ } BENCH_END;
+ /* Secret share inputs. */
+ g2_rand(q[1]);
+ g2_sub(q[0], q[0], q[1]);
+ g2_norm(q[0], q[0]);
+ bn_rand_mod(k[1], n);
+ bn_sub(k[0], k[0], k[1]);
+ if (bn_sign(k[0]) == RLC_NEG) {
+ bn_add(k[0], k[0], n);
+ }
+ bn_mod(k[0], k[0], n);
+ tri[0]->b2 = tri[0]->c2 = &q[0];
+ tri[1]->b2 = tri[1]->c2 = &q[1];
+
+ BENCH_RUN("g2_mul_lcl") {
+ BENCH_ADD(g2_mul_lcl(l[0], e[0], k[0], q[0], tri[0]));
+ BENCH_ADD(g2_mul_lcl(l[1], e[1], k[1], q[1], tri[1]));
+ } BENCH_DIV(2);
+
+ BENCH_RUN("g2_mul_bct") {
+ BENCH_ADD(g2_mul_bct(l, e));
+ } BENCH_END;
+
+ BENCH_RUN("g2_mul_mpc") {
+ BENCH_ADD(g2_mul_mpc(e[0], l[0], e[0], tri[0], 0));
+ BENCH_ADD(g2_mul_mpc(e[1], l[1], e[1], tri[1], 1));
+ } BENCH_DIV(2);
+
+ mt_gen(tri, n);
+ BENCH_RUN("gt_exp") {
+ /* Generate random inputs. */
+ gt_rand(r[0]);
+ bn_rand_mod(k[0], n);
+ BENCH_ADD(gt_exp(_r, r[0], k[0]));
+ } BENCH_END;
+ /* Secret share inputs. */
+ gt_rand(r[1]);
+ gt_mul(r[0], r[0], r[1]);
+ gt_inv(r[1], r[1]);
+ bn_rand_mod(k[1], n);
+ bn_sub(k[0], k[0], k[1]);
+ if (bn_sign(k[0]) == RLC_NEG) {
+ bn_add(k[0], k[0], n);
+ }
+ bn_mod(k[0], k[0], n);
+ tri[0]->bt = tri[0]->ct = &r[0];
+ tri[1]->bt = tri[1]->ct = &r[1];
+
+ BENCH_RUN("gt_exp_lcl") {
+ BENCH_ADD(gt_exp_lcl(l[0], f[0], k[0], r[0], tri[0]));
+ BENCH_ADD(gt_exp_lcl(l[1], f[1], k[1], r[1], tri[1]));
+ } BENCH_DIV(2);
+
+ BENCH_RUN("gt_exp_bct") {
+ BENCH_ADD(gt_exp_bct(l, f));
+ } BENCH_END;
+
+ BENCH_RUN("gt_exp_mpc") {
+ BENCH_ADD(gt_exp_mpc(f[0], l[0], f[0], tri[0], 0));
+ BENCH_ADD(gt_exp_mpc(f[1], l[1], f[1], tri[1], 1));
+ } BENCH_DIV(2);
+
+ /* Generate random inputs and triple. */
+ pc_map_tri(t);
+ BENCH_RUN("pc_map") {
+ g1_rand(p[0]);
+ g2_rand(q[0]);
+ BENCH_ADD(pc_map(r[0], p[0], q[0]));
+ } BENCH_END;
+ /* Secret share inputs. */
+ g1_rand(p[1]);
+ g1_sub(p[0], p[0], p[1]);
+ g1_norm(p[0], p[0]);
+ g2_rand(q[1]);
+ g2_sub(q[0], q[0], q[1]);
+ g2_norm(q[0], q[0]);
+
+ BENCH_RUN("pc_map_lcl") {
+ BENCH_ADD(pc_map_lcl(d[0], e[0], p[0], q[0], t[0]));
+ BENCH_ADD(pc_map_lcl(d[1], e[1], p[1], q[1], t[1]));
+ } BENCH_DIV(2);
+
+ BENCH_RUN("pc_map_bct") {
+ BENCH_ADD(pc_map_bct(d, e));
+ } BENCH_END;
+
+ BENCH_RUN("pc_map_mpc") {
+ BENCH_ADD(pc_map_mpc(r[0], d[0], e[0], t[0], 0));
+ BENCH_ADD(pc_map_mpc(r[1], d[1], e[1], t[1], 1));
+ } BENCH_DIV(2);
+
+ g1_free(_p);
+ g2_free(_q);
+ gt_free(_r);
+ bn_free(n);
+ for (int j = 0; j < 2; j++) {
+ g1_free(d[j]);
+ g2_free(e[j]);
+ bn_free(k[j]);
+ bn_free(l[j]);
+ g1_free(p[j]);
+ g2_free(q[j]);
+ gt_free(r[j]);
+ gt_free(f[j]);
+ pt_free(t[j]);
+ mt_free(tri[j]);
+ }
+}
+
+int main(void) {
+ if (core_init() != RLC_OK) {
+ core_clean();
+ return 1;
+ }
+
+ conf_print();
+ util_banner("Benchmarks for the MPC module:", 0);
+ util_banner("Utilities:\n", 0);
+
+#if defined(WITH_BN)
+ mul_triple();
+#endif
+
+#if defined(WITH_PC)
+ if (pc_param_set_any() != RLC_OK) {
+ RLC_THROW(ERR_NO_CURVE);
+ core_clean();
+ return 0;
+ }
+
+ pc_param_print();
+
+ util_banner("Arithmetic:", 1);
+
+ pair_triple();
+#endif
+
+ core_clean();
+ return 0;
+}
diff --git a/depends/relic/bench/bench_pc.c b/depends/relic/bench/bench_pc.c
new file mode 100755
index 00000000000000..ed805a95394d34
--- /dev/null
+++ b/depends/relic/bench/bench_pc.c
@@ -0,0 +1,802 @@ +/* + * RELIC is an Efficient LIbrary for Cryptography + * Copyright (c) 2010 RELIC Authors + * + * This file is part of RELIC. RELIC is legal property of its developers, + * whose names are not listed here. Please refer to the COPYRIGHT file + * for contact information. + * + * RELIC is free software; you can redistribute it and/or modify it under the + * terms of the version 2.1 (or later) of the GNU Lesser General Public License + * as published by the Free Software Foundation; or version 2.0 of the Apache + * License as published by the Apache Software Foundation. See the LICENSE files + * for more details. + * + * RELIC is distributed in the hope that it will be useful, but WITHOUT ANY + * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + * A PARTICULAR PURPOSE. See the LICENSE files for more details. + * + * You should have received a copy of the GNU Lesser General Public or the + * Apache License along with RELIC. If not, see + * or . + */ + +/** + * @file + * + * Benchmarks for Pairing-Based Cryptography. 
+ * + * @ingroup bench + */ + +#include + +#include "relic.h" +#include "relic_bench.h" + +static void memory1(void) { + g1_t a[BENCH]; + + BENCH_FEW("g1_null", g1_null(a[i]), 1); + + BENCH_FEW("g1_new", g1_new(a[i]), 1); + for (int i = 0; i < BENCH; i++) { + g1_free(a[i]); + } + + for (int i = 0; i < BENCH; i++) { + g1_new(a[i]); + } + BENCH_FEW("g1_free", g1_free(a[i]), 1); + + (void)a; +} + +static void util1(void) { + g1_t p, q; + uint8_t bin[2 * RLC_PC_BYTES + 1]; + int l; + + g1_null(p); + g1_null(q); + + g1_new(p); + g1_new(q); + + BENCH_RUN("g1_is_infty") { + g1_rand(p); + BENCH_ADD(g1_is_infty(p)); + } + BENCH_END; + + BENCH_RUN("g1_set_infty") { + g1_rand(p); + BENCH_ADD(g1_set_infty(p)); + } + BENCH_END; + + BENCH_RUN("g1_copy") { + g1_rand(p); + g1_rand(q); + BENCH_ADD(g1_copy(p, q)); + } + BENCH_END; + + BENCH_RUN("g1_cmp") { + g1_rand(p); + g1_dbl(p, p); + g1_rand(q); + g1_dbl(q, q); + BENCH_ADD(g1_cmp(p, q)); + } BENCH_END; + + BENCH_RUN("g1_cmp (1 norm)") { + g1_rand(p); + g1_dbl(p, p); + g1_rand(q); + BENCH_ADD(g1_cmp(p, q)); + } BENCH_END; + + BENCH_RUN("g1_cmp (2 norm)") { + g1_rand(p); + g1_rand(q); + BENCH_ADD(g1_cmp(p, q)); + } BENCH_END; + + BENCH_RUN("g1_rand") { + BENCH_ADD(g1_rand(p)); + } + BENCH_END; + + BENCH_RUN("g1_is_valid") { + g1_rand(p); + BENCH_ADD(g1_is_valid(p)); + } BENCH_END; + + BENCH_RUN("g1_size_bin (0)") { + g1_rand(p); + BENCH_ADD(g1_size_bin(p, 0)); + } BENCH_END; + + BENCH_RUN("g1_size_bin (1)") { + g1_rand(p); + BENCH_ADD(g1_size_bin(p, 1)); + } BENCH_END; + + BENCH_RUN("g1_write_bin (0)") { + g1_rand(p); + l = g1_size_bin(p, 0); + BENCH_ADD(g1_write_bin(bin, l, p, 0)); + } BENCH_END; + + BENCH_RUN("g1_write_bin (1)") { + g1_rand(p); + l = g1_size_bin(p, 1); + BENCH_ADD(g1_write_bin(bin, l, p, 1)); + } BENCH_END; + + BENCH_RUN("g1_read_bin (0)") { + g1_rand(p); + l = g1_size_bin(p, 0); + g1_write_bin(bin, l, p, 0); + BENCH_ADD(g1_read_bin(p, bin, l)); + } BENCH_END; + + BENCH_RUN("g1_read_bin (1)") { + g1_rand(p); + l 
= g1_size_bin(p, 1); + g1_write_bin(bin, l, p, 1); + BENCH_ADD(g1_read_bin(p, bin, l)); + } BENCH_END; +} + +static void arith1(void) { + g1_t p, q, r, t[RLC_G1_TABLE]; + bn_t k, l, n; + + g1_null(p); + g1_null(q); + g1_null(r); + for (int i = 0; i < RLC_G1_TABLE; i++) { + g1_null(t[i]); + } + + g1_new(p); + g1_new(q); + g1_new(r); + bn_new(k); + bn_new(n); + bn_new(l); + + pc_get_ord(n); + + BENCH_RUN("g1_add") { + g1_rand(p); + g1_rand(q); + g1_add(p, p, q); + g1_rand(q); + g1_rand(p); + g1_add(q, q, p); + BENCH_ADD(g1_add(r, p, q)); + } + BENCH_END; + + BENCH_RUN("g1_sub") { + g1_rand(p); + g1_rand(q); + g1_add(p, p, q); + g1_rand(q); + g1_rand(p); + g1_add(q, q, p); + BENCH_ADD(g1_sub(r, p, q)); + } + BENCH_END; + + BENCH_RUN("g1_dbl") { + g1_rand(p); + g1_rand(q); + g1_add(p, p, q); + BENCH_ADD(g1_dbl(r, p)); + } + BENCH_END; + + BENCH_RUN("g1_neg") { + g1_rand(p); + g1_rand(q); + g1_add(p, p, q); + BENCH_ADD(g1_neg(r, p)); + } + BENCH_END; + + BENCH_RUN("g1_mul") { + bn_rand(k, RLC_POS, bn_bits(n)); + bn_rand_mod(k, n); + g1_rand(p); + BENCH_ADD(g1_mul(q, p, k)); + } + BENCH_END; + + BENCH_RUN("g1_mul_gen") { + bn_rand(k, RLC_POS, bn_bits(n)); + bn_rand_mod(k, n); + BENCH_ADD(g1_mul_gen(q, k)); + } + BENCH_END; + + for (int i = 0; i < RLC_G1_TABLE; i++) { + g1_new(t[i]); + } + + BENCH_RUN("g1_mul_pre") { + BENCH_ADD(g1_mul_pre(t, p)); + } + BENCH_END; + + BENCH_RUN("g1_mul_fix") { + bn_rand(k, RLC_POS, bn_bits(n)); + bn_rand_mod(k, n); + g1_mul_pre(t, p); + BENCH_ADD(g1_mul_fix(q, (const g1_t *)t, k)); + } + BENCH_END; + + BENCH_RUN("g1_mul_sim") { + bn_rand(k, RLC_POS, bn_bits(n)); + bn_rand_mod(k, n); + bn_rand_mod(l, n); + g1_rand(p); + g1_rand(q); + BENCH_ADD(g1_mul_sim(r, p, k, q, l)); + } + BENCH_END; + + BENCH_RUN("g1_mul_sim_gen") { + bn_rand(k, RLC_POS, bn_bits(n)); + bn_rand_mod(k, n); + bn_rand_mod(l, n); + g1_rand(q); + BENCH_ADD(g1_mul_sim_gen(r, k, q, l)); + } + BENCH_END; + + BENCH_RUN("g1_mul_dig") { + bn_rand(k, RLC_POS, bn_bits(n)); + 
bn_rand_mod(k, n); + g1_rand(p); + BENCH_ADD(g1_mul_dig(q, p, k->dp[0])); + } + BENCH_END; + + BENCH_RUN("g1_map") { + uint8_t msg[5]; + rand_bytes(msg, 5); + BENCH_ADD(g1_map(p, msg, 5)); + } BENCH_END; + + g1_free(p); + g1_free(q); + bn_free(k); + bn_free(l); + bn_free(n); + for (int i = 0; i < RLC_G1_TABLE; i++) { + g1_free(t[i]); + } +} + +static void memory2(void) { + g2_t a[BENCH]; + + BENCH_FEW("g2_null", g2_null(a[i]), 1); + + BENCH_FEW("g2_new", g2_new(a[i]), 1); + for (int i = 0; i < BENCH; i++) { + g2_free(a[i]); + } + + for (int i = 0; i < BENCH; i++) { + g2_new(a[i]); + } + BENCH_FEW("g2_free", g2_free(a[i]), 1); + + (void)a; +} + +static void util2(void) { + g2_t p, q; + uint8_t bin[8 * RLC_PC_BYTES + 1]; + int l; + + g2_null(p); + g2_null(q); + + g2_new(p); + g2_new(q); + + BENCH_RUN("g2_is_infty") { + g2_rand(p); + BENCH_ADD(g2_is_infty(p)); + } + BENCH_END; + + BENCH_RUN("g2_set_infty") { + g2_rand(p); + BENCH_ADD(g2_set_infty(p)); + } + BENCH_END; + + BENCH_RUN("g2_copy") { + g2_rand(p); + g2_rand(q); + BENCH_ADD(g2_copy(p, q)); + } + BENCH_END; + + BENCH_RUN("g2_cmp") { + g2_rand(p); + g2_dbl(p, p); + g2_rand(q); + g2_dbl(q, q); + BENCH_ADD(g2_cmp(p, q)); + } BENCH_END; + + BENCH_RUN("g2_cmp (1 norm)") { + g2_rand(p); + g2_dbl(p, p); + g2_rand(q); + BENCH_ADD(g2_cmp(p, q)); + } BENCH_END; + + BENCH_RUN("g2_cmp (2 norm)") { + g2_rand(p); + g2_rand(q); + BENCH_ADD(g2_cmp(p, q)); + } BENCH_END; + + BENCH_RUN("g2_rand") { + BENCH_ADD(g2_rand(p)); + } + BENCH_END; + + BENCH_RUN("g2_is_valid") { + BENCH_ADD(g2_is_valid(p)); + } + BENCH_END; + + BENCH_RUN("g2_size_bin (0)") { + g2_rand(p); + BENCH_ADD(g2_size_bin(p, 0)); + } BENCH_END; + + BENCH_RUN("g2_size_bin (1)") { + g2_rand(p); + BENCH_ADD(g2_size_bin(p, 1)); + } BENCH_END; + + BENCH_RUN("g2_write_bin (0)") { + g2_rand(p); + l = g2_size_bin(p, 0); + BENCH_ADD(g2_write_bin(bin, l, p, 0)); + } BENCH_END; + + BENCH_RUN("g2_write_bin (1)") { + g2_rand(p); + l = g2_size_bin(p, 1); + 
BENCH_ADD(g2_write_bin(bin, l, p, 1)); + } BENCH_END; + + BENCH_RUN("g2_read_bin (0)") { + g2_rand(p); + l = g2_size_bin(p, 0); + g2_write_bin(bin, l, p, 0); + BENCH_ADD(g2_read_bin(p, bin, l)); + } BENCH_END; + + BENCH_RUN("g2_read_bin (1)") { + g2_rand(p); + l = g2_size_bin(p, 1); + g2_write_bin(bin, l, p, 1); + BENCH_ADD(g2_read_bin(p, bin, l)); + } BENCH_END; + + g2_free(p) + g2_free(q); +} + +static void arith2(void) { + g2_t p, q, r, t[RLC_G2_TABLE]; + bn_t k, l, n; + + g2_null(p); + g2_null(q); + g2_null(r); + for (int i = 0; i < RLC_G2_TABLE; i++) { + g2_null(t[i]); + } + + g2_new(p); + g2_new(q); + g2_new(r); + bn_new(k); + bn_new(n); + bn_new(l); + + pc_get_ord(n); + + BENCH_RUN("g2_add") { + g2_rand(p); + g2_rand(q); + g2_add(p, p, q); + g2_rand(q); + g2_rand(p); + g2_add(q, q, p); + BENCH_ADD(g2_add(r, p, q)); + } + BENCH_END; + + BENCH_RUN("g2_sub") { + g2_rand(p); + g2_rand(q); + g2_add(p, p, q); + g2_rand(q); + g2_rand(p); + g2_add(q, q, p); + BENCH_ADD(g2_sub(r, p, q)); + } + BENCH_END; + + BENCH_RUN("g2_dbl") { + g2_rand(p); + g2_rand(q); + g2_add(p, p, q); + BENCH_ADD(g2_dbl(r, p)); + } + BENCH_END; + + BENCH_RUN("g2_neg") { + g2_rand(p); + g2_rand(q); + g2_add(p, p, q); + BENCH_ADD(g2_neg(r, p)); + } + BENCH_END; + + BENCH_RUN("g2_mul") { + bn_rand(k, RLC_POS, bn_bits(n)); + bn_rand_mod(k, n); + g2_rand(p); + BENCH_ADD(g2_mul(q, p, k)); + } + BENCH_END; + + BENCH_RUN("g2_mul_gen") { + bn_rand(k, RLC_POS, bn_bits(n)); + bn_rand_mod(k, n); + BENCH_ADD(g2_mul_gen(q, k)); + } + BENCH_END; + + for (int i = 0; i < RLC_G1_TABLE; i++) { + g2_new(t[i]); + } + + BENCH_RUN("g2_mul_pre") { + BENCH_ADD(g2_mul_pre(t, p)); + } + BENCH_END; + + BENCH_RUN("g2_mul_fix") { + bn_rand(k, RLC_POS, bn_bits(n)); + bn_rand_mod(k, n); + g2_mul_pre(t, p); + BENCH_ADD(g2_mul_fix(q, t, k)); + } + BENCH_END; + + BENCH_RUN("g2_mul_sim") { + bn_rand(k, RLC_POS, bn_bits(n)); + bn_rand_mod(k, n); + bn_rand_mod(l, n); + g2_rand(p); + g2_rand(q); + BENCH_ADD(g2_mul_sim(r, p, k, q, 
l)); + } + BENCH_END; + + BENCH_RUN("g2_mul_sim_gen") { + bn_rand(k, RLC_POS, bn_bits(n)); + bn_rand_mod(k, n); + bn_rand_mod(l, n); + g2_rand(q); + BENCH_ADD(g2_mul_sim_gen(r, k, q, l)); + } + BENCH_END; + + BENCH_RUN("g2_mul_dig") { + bn_rand(k, RLC_POS, bn_bits(n)); + bn_rand_mod(k, n); + g2_rand(p); + BENCH_ADD(g2_mul_dig(q, p, k->dp[0])); + } + BENCH_END; + +#if FP_PRIME != 509 + BENCH_RUN("g2_map") { + uint8_t msg[5]; + rand_bytes(msg, 5); + BENCH_ADD(g2_map(p, msg, 5)); + } BENCH_END; +#endif + + g2_free(p); + g2_free(q); + bn_free(k); + bn_free(l); + bn_free(n); + for (int i = 0; i < RLC_G1_TABLE; i++) { + g2_free(t[i]); + } +} + +static void memory(void) { + gt_t a[BENCH]; + + BENCH_FEW("gt_null", gt_null(a[i]), 1); + + BENCH_FEW("gt_new", gt_new(a[i]), 1); + for (int i = 0; i < BENCH; i++) { + gt_free(a[i]); + } + + for (int i = 0; i < BENCH; i++) { + gt_new(a[i]); + } + BENCH_FEW("gt_free", gt_free(a[i]), 1); + + (void)a; +} + +static void util(void) { + gt_t a, b; + uint8_t bin[12 * RLC_PC_BYTES]; + int l; + + gt_null(a); + gt_null(b); + + gt_new(a); + gt_new(b); + + BENCH_RUN("gt_copy") { + gt_rand(a); + BENCH_ADD(gt_copy(b, a)); + } + BENCH_END; + + BENCH_RUN("gt_zero") { + gt_rand(a); + BENCH_ADD(gt_zero(a)); + } + BENCH_END; + + BENCH_RUN("gt_set_unity") { + gt_rand(a); + BENCH_ADD(gt_set_unity(a)); + } + BENCH_END; + + BENCH_RUN("gt_is_unity") { + gt_rand(a); + BENCH_ADD((void)gt_is_unity(a)); + } + BENCH_END; + + BENCH_RUN("gt_rand") { + BENCH_ADD(gt_rand(a)); + } + BENCH_END; + + BENCH_RUN("gt_cmp") { + gt_rand(a); + gt_rand(b); + BENCH_ADD(gt_cmp(b, a)); + } + BENCH_END; + + BENCH_RUN("gt_size_bin (0)") { + gt_rand(a); + BENCH_ADD(gt_size_bin(a, 0)); + } BENCH_END; + + BENCH_RUN("gt_write_bin (0)") { + gt_rand(a); + l = gt_size_bin(a, 0); + BENCH_ADD(gt_write_bin(bin, l, a, 0)); + } BENCH_END; + + BENCH_RUN("gt_read_bin (0)") { + gt_rand(a); + l = gt_size_bin(a, 0); + gt_write_bin(bin, l, a, 0); + BENCH_ADD(gt_read_bin(a, bin, l)); + } 
BENCH_END; + + if (ep_param_embed() == 12) { + BENCH_RUN("gt_size_bin (1)") { + gt_rand(a); + BENCH_ADD(gt_size_bin(a, 1)); + } BENCH_END; + + BENCH_RUN("gt_write_bin (1)") { + gt_rand(a); + l = gt_size_bin(a, 1); + BENCH_ADD(gt_write_bin(bin, l, a, 1)); + } BENCH_END; + + BENCH_RUN("gt_read_bin (1)") { + gt_rand(a); + l = gt_size_bin(a, 1); + gt_write_bin(bin, l, a, 1); + BENCH_ADD(gt_read_bin(a, bin, l)); + } BENCH_END; + } + + BENCH_RUN("gt_is_valid") { + gt_rand(a); + BENCH_ADD(gt_is_valid(a)); + } BENCH_END; + + gt_free(a); + gt_free(b); +} + +static void arith(void) { + gt_t a, b, c; + bn_t d, e, f; + + gt_new(a); + gt_new(b); + gt_new(c); + bn_new(d); + bn_new(e); + bn_new(f); + + BENCH_RUN("gt_mul") { + gt_rand(a); + gt_rand(b); + BENCH_ADD(gt_mul(c, a, b)); + } + BENCH_END; + + BENCH_RUN("gt_sqr") { + gt_rand(a); + gt_rand(b); + BENCH_ADD(gt_sqr(c, a)); + } + BENCH_END; + + BENCH_RUN("gt_inv") { + gt_rand(a); + BENCH_ADD(gt_inv(c, a)); + } + BENCH_END; + + BENCH_RUN("gt_exp") { + gt_rand(a); + pc_get_ord(d); + bn_rand_mod(e, d); + BENCH_ADD(gt_exp(c, a, e)); + } + BENCH_END; + + BENCH_RUN("gt_exp_sim") { + gt_rand(a); + gt_rand(b); + gt_get_ord(d); + bn_rand_mod(e, d); + bn_rand_mod(f, d); + BENCH_ADD(gt_exp_sim(c, a, e, b, f)); + } + BENCH_END; + + BENCH_RUN("gt_exp_dig") { + gt_rand(a); + pc_get_ord(d); + bn_rand(e, RLC_POS, bn_bits(d)); + BENCH_ADD(gt_exp_dig(c, a, e->dp[0])); + } + BENCH_END; + + gt_free(a); + gt_free(b); + gt_free(c); + bn_free(d); + bn_free(e); + bn_free(f); +} + +static void pairing(void) { + g1_t p[2]; + g2_t q[2]; + gt_t r; + + g1_new(p[0]); + g2_new(q[0]); + g1_new(p[1]); + g2_new(q[1]); + gt_new(r); + + BENCH_RUN("pc_map") { + g1_rand(p[0]); + g2_rand(q[0]); + BENCH_ADD(pc_map(r, p[0], q[0])); + } + BENCH_END; + + BENCH_RUN("pc_exp") { + gt_rand(r); + BENCH_ADD(pc_exp(r, r)); + } + BENCH_END; + + BENCH_RUN("pc_map_sim (2)") { + g1_rand(p[1]); + g2_rand(q[1]); + BENCH_ADD(pc_map_sim(r, p, q, 2)); + } + BENCH_END; + + 
g1_free(p[0]); + g2_free(q[0]); + g1_free(p[1]); + g2_free(q[1]); + gt_free(r); +} + +int main(void) { + if (core_init() != RLC_OK) { + core_clean(); + return 1; + } + + conf_print(); + util_banner("Benchmarks for the PC module:", 0); + + if (pc_param_set_any() != RLC_OK) { + RLC_THROW(ERR_NO_CURVE); + core_clean(); + return 0; + } + + pc_param_print(); + + util_banner("Group G_1:", 0); + util_banner("Utilities:", 1); + memory1(); + util1(); + + util_banner("Arithmetic:", 1); + arith1(); + + util_banner("Group G_2:", 0); + util_banner("Utilities:", 1); + memory2(); + util2(); + + util_banner("Arithmetic:", 1); + arith2(); + + util_banner("Group G_T:", 0); + util_banner("Utilities:", 1); + memory(); + util(); + + util_banner("Arithmetic:", 1); + arith(); + + util_banner("Pairing:", 0); + util_banner("Arithmetic:", 1); + pairing(); + + core_clean(); + return 0; +} diff --git a/depends/relic/bench/bench_pp.c b/depends/relic/bench/bench_pp.c new file mode 100644 index 00000000000000..01bb27e77abc9b --- /dev/null +++ b/depends/relic/bench/bench_pp.c 
@@ -0,0 +1,794 @@ +/* + * RELIC is an Efficient LIbrary for Cryptography + * Copyright (c) 2010 RELIC Authors + * + * This file is part of RELIC. RELIC is legal property of its developers, + * whose names are not listed here. Please refer to the COPYRIGHT file + * for contact information. + * + * RELIC is free software; you can redistribute it and/or modify it under the + * terms of the version 2.1 (or later) of the GNU Lesser General Public License + * as published by the Free Software Foundation; or version 2.0 of the Apache + * License as published by the Apache Software Foundation. See the LICENSE files + * for more details. + * + * RELIC is distributed in the hope that it will be useful, but WITHOUT ANY + * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + * A PARTICULAR PURPOSE. See the LICENSE files for more details. + * + * You should have received a copy of the GNU Lesser General Public or the + * Apache License along with RELIC. If not, see + * or . + */ + +/** + * @file + * + * Benchmarks for pairings defined over prime elliptic curves. 
+ * + * @ingroup bench + */ + +#include + +#include "relic.h" +#include "relic_bench.h" + +static void pairing2(void) { + bn_t k, n, l; + ep_t p[2], q[2]; + fp2_t e; + int j; + + bn_null(k); + bn_null(n); + bn_null(l); + fp2_null(e); + + bn_new(k); + bn_new(n); + bn_new(l); + fp2_new(e); + + for (j = 0; j < 2; j++) { + ep_null(p[j]); + ep_null(q[j]); + ep_new(p[0]); + ep_new(q[0]); + } + + ep_curve_get_ord(n); + + BENCH_RUN("pp_add_k2") { + ep_rand(p[0]); + ep_rand(q[0]); + BENCH_ADD(pp_add_k2(e, p[0], p[0], q[0])); + } + BENCH_END; + +#if EP_ADD == BASIC || !defined(STRIP) + BENCH_RUN("pp_add_k2_basic") { + ep_rand(p[0]); + ep_rand(q[0]); + BENCH_ADD(pp_add_k2_basic(e, p[0], p[0], q[0])); + } + BENCH_END; +#endif + +#if EP_ADD == PROJC || !defined(STRIP) + + BENCH_RUN("pp_add_k2_projc") { + ep_rand(p[0]); + ep_rand(q[0]); + BENCH_ADD(pp_add_k2_projc(e, p[0], p[0], q[0])); + } + BENCH_END; + +#if PP_EXT == BASIC || !defined(STRIP) + BENCH_RUN("pp_add_k2_projc_basic") { + ep_rand(p[0]); + ep_rand(q[0]); + BENCH_ADD(pp_add_k2_projc_basic(e, p[0], p[0], q[0])); + } + BENCH_END; +#endif + +#if PP_EXT == LAZYR || !defined(STRIP) + BENCH_RUN("pp_add_k2_projc_lazyr") { + ep_rand(p[0]); + ep_rand(q[0]); + BENCH_ADD(pp_add_k2_projc_lazyr(e, p[0], p[0], q[0])); + } + BENCH_END; +#endif + +#endif + + BENCH_RUN("pp_dbl_k2") { + ep_rand(p[0]); + ep_rand(q[0]); + BENCH_ADD(pp_dbl_k2(e, p[0], p[0], q[0])); + } + BENCH_END; + +#if EP_ADD == BASIC || !defined(STRIP) + BENCH_RUN("pp_dbl_k2_basic") { + ep_rand(p[0]); + ep_rand(q[0]); + BENCH_ADD(pp_dbl_k2_basic(e, p[0], p[0], q[0])); + } + BENCH_END; +#endif + +#if EP_ADD == PROJC || !defined(STRIP) + + BENCH_RUN("pp_dbl_k2_projc") { + ep_rand(p[0]); + ep_rand(q[0]); + BENCH_ADD(pp_dbl_k2_projc(e, p[0], p[0], q[0])); + } + BENCH_END; + +#if PP_EXT == BASIC || !defined(STRIP) + BENCH_RUN("pp_dbl_k2_projc_basic") { + ep_rand(p[0]); + ep_rand(q[0]); + BENCH_ADD(pp_dbl_k2_projc_basic(e, p[0], p[0], q[0])); + } + BENCH_END; +#endif + +#if 
PP_EXT == LAZYR || !defined(STRIP) + BENCH_RUN("pp_dbl_k2_projc_lazyr") { + ep_rand(p[0]); + ep_rand(q[0]); + BENCH_ADD(pp_dbl_k2_projc_lazyr(e, p[0], p[0], q[0])); + } + BENCH_END; +#endif + +#endif + BENCH_RUN("pp_exp_k2") { + fp2_rand(e); + BENCH_ADD(pp_exp_k2(e, e)); + } + BENCH_END; + + BENCH_RUN("pp_map_k2") { + ep_rand(p[0]); + ep_rand(q[0]); + BENCH_ADD(pp_map_k2(e, q[0], p[0])); + } + BENCH_END; + +#if PP_MAP == TATEP || PP_MAP == OATEP || !defined(STRIP) + BENCH_RUN("pp_map_tatep_k2") { + ep_rand(p[0]); + ep_rand(q[0]); + BENCH_ADD(pp_map_tatep_k2(e, q[0], p[0])); + } + BENCH_END; + + BENCH_RUN("pp_map_tatep_sim_k12 (2)") { + ep_rand(p[0]); + ep_rand(q[0]); + ep_rand(p[1]); + ep_rand(q[1]); + BENCH_ADD(pp_map_sim_tatep_k2(e, q, p, 2)); + } + BENCH_END; +#endif + +#if PP_MAP == WEILP || !defined(STRIP) + BENCH_RUN("pp_map_weilp_k2") { + ep_rand(p[0]); + ep_rand(q[0]); + BENCH_ADD(pp_map_weilp_k2(e, q[0], p[0])); + } + BENCH_END; + + BENCH_RUN("pp_map_weilp_sim_k12 (2)") { + ep_rand(p[0]); + ep_rand(q[0]); + ep_rand(p[1]); + ep_rand(q[1]); + BENCH_ADD(pp_map_sim_weilp_k2(e, q, p, 2)); + } + BENCH_END; +#endif + + bn_free(k); + bn_free(n); + bn_free(l); + fp2_free(e); + for (j = 0; j < 2; j++) { + ep_free(p[j]); + ep_free(q[j]); + } +} + +static void pairing8(void) { + bn_t k, n, l; + ep2_t p[2], r; + ep_t q[2]; + fp8_t e; + int j; + + bn_null(k); + bn_null(n); + bn_null(l); + ep2_null(r); + fp8_null(e); + + bn_new(k); + bn_new(n); + bn_new(l); + ep2_new(r); + fp8_new(e); + + for (j = 0; j < 2; j++) { + ep2_null(p[j]); + ep_null(q[j]); + ep2_new(p[0]); + ep_new(q[0]); + } + + ep2_curve_get_ord(n); + + BENCH_RUN("pp_add_k8") { + ep2_rand(p[0]); + ep2_dbl(r, p[0]); + ep2_norm(r, r); + ep_rand(q[0]); + BENCH_ADD(pp_add_k8(e, r, p[0], q[0])); + } + BENCH_END; + +#if EP_ADD == BASIC || !defined(STRIP) + BENCH_RUN("pp_add_k8_basic") { + ep2_rand(p[0]); + ep2_dbl(r, p[0]); + ep2_norm(r, r); + ep_rand(q[0]); + BENCH_ADD(pp_add_k8_basic(e, r, p[0], q[0])); + } + 
BENCH_END; +#endif + +#if EP_ADD == PROJC || !defined(STRIP) + BENCH_RUN("pp_add_k8_projc") { + ep2_rand(p[0]); + ep2_dbl(r, p[0]); + ep2_norm(r, r); + ep_rand(q[0]); + BENCH_ADD(pp_add_k8_projc(e, r, p[0], q[0])); + } + BENCH_END; +#endif + + BENCH_RUN("pp_dbl_k8") { + ep2_rand(p[0]); + ep_rand(q[0]); + BENCH_ADD(pp_dbl_k8(e, p[0], p[0], q[0])); + } + BENCH_END; + +#if EP_ADD == BASIC || !defined(STRIP) + BENCH_RUN("pp_dbl_k8_basic") { + ep2_rand(p[0]); + ep_rand(q[0]); + BENCH_ADD(pp_dbl_k8_basic(e, p[0], p[0], q[0])); + } + BENCH_END; +#endif + +#if EP_ADD == PROJC || !defined(STRIP) + BENCH_RUN("pp_dbl_k8_projc") { + ep2_rand(p[0]); + ep_rand(q[0]); + BENCH_ADD(pp_dbl_k8_projc(e, p[0], p[0], q[0])); + } + BENCH_END; + + #if PP_EXT == BASIC || !defined(STRIP) + BENCH_RUN("pp_dbl_k8_projc_basic") { + ep2_rand(p[0]); + ep_rand(q[0]); + BENCH_ADD(pp_dbl_k8_projc_basic(e, p[0], p[0], q[0])); + } + BENCH_END; + #endif + + #if PP_EXT == LAZYR || !defined(STRIP) + BENCH_RUN("pp_dbl_k8_projc_lazyr") { + ep2_rand(p[0]); + ep_rand(q[0]); + BENCH_ADD(pp_dbl_k8_projc_lazyr(e, p[0], p[0], q[0])); + } + BENCH_END; + #endif +#endif + + BENCH_RUN("pp_exp_k8") { + fp8_rand(e); + BENCH_ADD(pp_exp_k8(e, e)); + } + BENCH_END; + + BENCH_RUN("pp_map_oate_k8") { + ep2_rand(p[0]); + ep_rand(q[0]); + BENCH_ADD(pp_map_oatep_k8(e, q[0], p[0])); + } + BENCH_END; + + bn_free(k); + bn_free(n); + bn_free(l); + fp8_free(e); + ep2_free(r); + for (j = 0; j < 2; j++) { + ep2_free(p[j]); + ep_free(q[j]); + } +} + +static void pairing12(void) { + bn_t k, n, l; + ep2_t p[2], r; + ep_t q[2]; + fp12_t e; + int j; + + bn_null(k); + bn_null(n); + bn_null(l); + ep2_null(r); + fp12_null(e); + + bn_new(k); + bn_new(n); + bn_new(l); + ep2_new(r); + fp12_new(e); + + for (j = 0; j < 2; j++) { + ep2_null(p[j]); + ep_null(q[j]); + ep2_new(p[j]); + ep_new(q[j]); + } + + ep2_curve_get_ord(n); + + BENCH_RUN("pp_add_k12") { + ep2_rand(p[0]); + ep2_dbl(r, p[0]); + ep2_norm(r, r); + ep_rand(q[0]); + 
BENCH_ADD(pp_add_k12(e, r, p[0], q[0]));
+ }
+ BENCH_END;
+
+#if EP_ADD == BASIC || !defined(STRIP)
+ BENCH_RUN("pp_add_k12_basic") {
+ ep2_rand(p[0]);
+ ep2_dbl(r, p[0]);
+ ep2_norm(r, r);
+ ep_rand(q[0]);
+ BENCH_ADD(pp_add_k12_basic(e, r, p[0], q[0]));
+ }
+ BENCH_END;
+#endif
+
+#if EP_ADD == PROJC || !defined(STRIP)
+
+ BENCH_RUN("pp_add_k12_projc") {
+ ep2_rand(p[0]);
+ ep2_dbl(r, p[0]);
+ ep2_norm(r, r);
+ ep_rand(q[0]);
+ BENCH_ADD(pp_add_k12_projc(e, r, p[0], q[0]));
+ }
+ BENCH_END;
+
+#if PP_EXT == BASIC || !defined(STRIP)
+ BENCH_RUN("pp_add_k12_projc_basic") {
+ ep2_rand(p[0]);
+ ep2_dbl(r, p[0]);
+ ep2_norm(r, r);
+ ep_rand(q[0]);
+ BENCH_ADD(pp_add_k12_projc_basic(e, r, p[0], q[0]));
+ }
+ BENCH_END;
+#endif
+
+#if PP_EXT == LAZYR || !defined(STRIP)
+ BENCH_RUN("pp_add_k12_projc_lazyr") {
+ ep2_rand(p[0]);
+ ep2_dbl(r, p[0]);
+ ep2_norm(r, r);
+ ep_rand(q[0]);
+ BENCH_ADD(pp_add_k12_projc_lazyr(e, r, p[0], q[0]));
+ }
+ BENCH_END;
+#endif
+
+#endif
+
+ BENCH_RUN("pp_dbl_k12") {
+ ep2_rand(p[0]);
+ ep_rand(q[0]);
+ BENCH_ADD(pp_dbl_k12(e, p[0], p[0], q[0]));
+ }
+ BENCH_END;
+
+#if EP_ADD == BASIC || !defined(STRIP)
+ BENCH_RUN("pp_dbl_k12_basic") {
+ ep2_rand(p[0]);
+ ep_rand(q[0]);
+ BENCH_ADD(pp_dbl_k12_basic(e, p[0], p[0], q[0]));
+ }
+ BENCH_END;
+#endif
+
+#if EP_ADD == PROJC || !defined(STRIP)
+
+ BENCH_RUN("pp_dbl_k12_projc") {
+ ep2_rand(p[0]);
+ ep_rand(q[0]);
+ BENCH_ADD(pp_dbl_k12_projc(e, p[0], p[0], q[0]));
+ }
+ BENCH_END;
+
+#if PP_EXT == BASIC || !defined(STRIP)
+ BENCH_RUN("pp_dbl_k12_projc_basic") {
+ ep2_rand(p[0]);
+ ep_rand(q[0]);
+ BENCH_ADD(pp_dbl_k12_projc_basic(e, p[0], p[0], q[0]));
+ }
+ BENCH_END;
+#endif
+
+#if PP_EXT == LAZYR || !defined(STRIP)
+ BENCH_RUN("pp_dbl_k12_projc_lazyr") {
+ ep2_rand(p[0]);
+ ep_rand(q[0]);
+ BENCH_ADD(pp_dbl_k12_projc_lazyr(e, p[0], p[0], q[0]));
+ }
+ BENCH_END;
+#endif
+
+#endif
+
+ BENCH_RUN("pp_exp_k12") {
+ fp12_rand(e);
+ BENCH_ADD(pp_exp_k12(e, e));
+ }
+ BENCH_END;
+
+
BENCH_RUN("pp_map_k12") {
+ ep2_rand(p[0]);
+ ep_rand(q[0]);
+ BENCH_ADD(pp_map_k12(e, q[0], p[0]));
+ }
+ BENCH_END;
+
+ BENCH_RUN("pp_map_sim_k12 (2)") {
+ ep2_rand(p[0]);
+ ep_rand(q[0]);
+ ep2_rand(p[1]);
+ ep_rand(q[1]);
+ BENCH_ADD(pp_map_sim_k12(e, q, p, 2));
+ }
+ BENCH_END;
+
+#if PP_MAP == TATEP || !defined(STRIP)
+ BENCH_RUN("pp_map_tatep_k12") {
+ ep2_rand(p[0]);
+ ep_rand(q[0]);
+ BENCH_ADD(pp_map_tatep_k12(e, q[0], p[0]));
+ }
+ BENCH_END;
+
+ BENCH_RUN("pp_map_tatep_sim_k12 (2)") {
+ ep2_rand(p[0]);
+ ep_rand(q[0]);
+ ep2_rand(p[1]);
+ ep_rand(q[1]);
+ BENCH_ADD(pp_map_sim_tatep_k12(e, q, p, 2));
+ }
+ BENCH_END;
+#endif
+
+#if PP_MAP == WEILP || !defined(STRIP)
+ BENCH_RUN("pp_map_weilp_k12") {
+ ep2_rand(p[0]);
+ ep_rand(q[0]);
+ BENCH_ADD(pp_map_weilp_k12(e, q[0], p[0]));
+ }
+ BENCH_END;
+
+ BENCH_RUN("pp_map_weilp_sim_k12 (2)") {
+ ep2_rand(p[0]);
+ ep_rand(q[0]);
+ ep2_rand(p[1]);
+ ep_rand(q[1]);
+ BENCH_ADD(pp_map_sim_weilp_k12(e, q, p, 2));
+ }
+ BENCH_END;
+#endif
+
+#if PP_MAP == OATEP || !defined(STRIP)
+ BENCH_RUN("pp_map_oatep_k12") {
+ ep2_rand(p[0]);
+ ep_rand(q[0]);
+ BENCH_ADD(pp_map_oatep_k12(e, q[0], p[0]));
+ }
+ BENCH_END;
+#endif
+
+#if PP_MAP == OATEP || !defined(STRIP)
+ BENCH_RUN("pp_map_sim_oatep_k12 (2)") {
+ ep2_rand(p[0]);
+ ep_rand(q[0]);
+ ep2_rand(p[1]);
+ ep_rand(q[1]);
+ BENCH_ADD(pp_map_sim_oatep_k12(e, q, p, 2));
+ }
+ BENCH_END;
+#endif
+
+ bn_free(k);
+ bn_free(n);
+ bn_free(l);
+ fp12_free(e);
+ ep2_free(r);
+ for (j = 0; j < 2; j++) {
+ ep2_free(p[j]);
+ ep_free(q[j]);
+ }
+}
+
+static void pairing48(void) {
+ ep_t p;
+ fp8_t qx, qy, qz;
+ fp48_t e;
+
+ ep_null(p);
+ fp8_null(qx);
+ fp8_null(qy);
+ fp8_null(qz);
+ fp48_null(e);
+
+ ep_new(p);
+ fp8_new(qx);
+ fp8_new(qy);
+ fp8_new(qz);
+ fp48_new(e);
+
+ BENCH_RUN("pp_add_k48") {
+ fp8_rand(qx);
+ fp8_rand(qy);
+ fp8_rand(qz);
+ ep_rand(p);
+ BENCH_ADD(pp_add_k48(e, qx, qy, qz, qy, qx, p));
+ }
+ BENCH_END;
+
+#if EP_ADD == BASIC || !defined(STRIP)
+
BENCH_RUN("pp_add_k48_basic") {
+ fp8_rand(qx);
+ fp8_rand(qy);
+ fp8_rand(qz);
+ ep_rand(p);
+ BENCH_ADD(pp_add_k48_basic(e, qx, qy, qy, qx, p));
+ }
+ BENCH_END;
+#endif
+
+#if EP_ADD == PROJC || !defined(STRIP)
+ BENCH_RUN("pp_add_k48_projc") {
+ fp8_rand(qx);
+ fp8_rand(qy);
+ fp8_rand(qz);
+ ep_rand(p);
+ BENCH_ADD(pp_add_k48_projc(e, qx, qy, qz, qx, qy, p));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("pp_dbl_k48") {
+ fp8_rand(qx);
+ fp8_rand(qy);
+ fp8_rand(qz);
+ ep_rand(p);
+ BENCH_ADD(pp_dbl_k48(e, qx, qy, qz, p));
+ }
+ BENCH_END;
+
+ #if EP_ADD == BASIC || !defined(STRIP)
+ BENCH_RUN("pp_dbl_k48_basic") {
+ fp8_rand(qx);
+ fp8_rand(qy);
+ ep_rand(p);
+ BENCH_ADD(pp_dbl_k48_basic(e, qx, qy, p));
+ }
+ BENCH_END;
+ #endif
+
+ #if EP_ADD == PROJC || !defined(STRIP)
+ BENCH_RUN("pp_dbl_k48_projc") {
+ fp8_rand(qx);
+ fp8_rand(qy);
+ fp8_rand(qz);
+ ep_rand(p);
+ BENCH_ADD(pp_dbl_k48_projc(e, qx, qy, qz, p));
+ }
+ BENCH_END;
+ #endif
+
+ BENCH_RUN("pp_exp_k48") {
+ fp48_rand(e);
+ BENCH_ADD(pp_exp_k48(e, e));
+ }
+ BENCH_END;
+
+ BENCH_RUN("pp_map_k48") {
+ fp8_rand(qx);
+ fp8_rand(qy);
+ fp8_rand(qz);
+ ep_rand(p);
+ BENCH_ADD(pp_map_k48(e, p, qx, qy));
+ }
+ BENCH_END;
+
+ ep_free(p);
+ fp8_free(qx);
+ fp8_free(qy);
+ fp8_free(qz);
+ fp48_free(e);
+}
+
+static void pairing54(void) {
+ ep_t p;
+ fp9_t qx, qy, qz;
+ fp54_t e;
+
+ ep_null(p);
+ fp9_null(qx);
+ fp9_null(qy);
+ fp9_null(qz);
+ fp54_null(e);
+
+ ep_new(p);
+ fp9_new(qx);
+ fp9_new(qy);
+ fp9_new(qz);
+ fp54_new(e);
+
+ BENCH_RUN("pp_add_k54") {
+ fp9_rand(qx);
+ fp9_rand(qy);
+ fp9_rand(qz);
+ ep_rand(p);
+ BENCH_ADD(pp_add_k54(e, qx, qy, qz, qy, qx, p));
+ }
+ BENCH_END;
+
+#if EP_ADD == BASIC || !defined(STRIP)
+ BENCH_RUN("pp_add_k54_basic") {
+ fp9_rand(qx);
+ fp9_rand(qy);
+ fp9_rand(qz);
+ ep_rand(p);
+ BENCH_ADD(pp_add_k54_basic(e, qx, qy, qy, qx, p));
+ }
+ BENCH_END;
+#endif
+
+#if EP_ADD == PROJC || !defined(STRIP)
+ BENCH_RUN("pp_add_k54_projc") {
+ fp9_rand(qx);
+ fp9_rand(qy);
+
fp9_rand(qz);
+ ep_rand(p);
+ BENCH_ADD(pp_add_k54_projc(e, qx, qy, qz, qx, qy, p));
+ }
+ BENCH_END;
+#endif
+
+ BENCH_RUN("pp_dbl_k54") {
+ fp9_rand(qx);
+ fp9_rand(qy);
+ fp9_rand(qz);
+ ep_rand(p);
+ BENCH_ADD(pp_dbl_k54(e, qx, qy, qz, p));
+ }
+ BENCH_END;
+
+ #if EP_ADD == BASIC || !defined(STRIP)
+ BENCH_RUN("pp_dbl_k54_basic") {
+ fp9_rand(qx);
+ fp9_rand(qy);
+ ep_rand(p);
+ BENCH_ADD(pp_dbl_k54_basic(e, qx, qy, p));
+ }
+ BENCH_END;
+ #endif
+
+ #if EP_ADD == PROJC || !defined(STRIP)
+ BENCH_RUN("pp_dbl_k54_projc") {
+ fp9_rand(qx);
+ fp9_rand(qy);
+ fp9_rand(qz);
+ ep_rand(p);
+ BENCH_ADD(pp_dbl_k54_projc(e, qx, qy, qz, p));
+ }
+ BENCH_END;
+ #endif
+
+ BENCH_RUN("pp_exp_k54") {
+ fp54_rand(e);
+ BENCH_ADD(pp_exp_k54(e, e));
+ }
+ BENCH_END;
+
+ BENCH_RUN("pp_map_k54") {
+ fp9_rand(qx);
+ fp9_rand(qy);
+ fp9_rand(qz);
+ ep_rand(p);
+ BENCH_ADD(pp_map_k54(e, p, qx, qy));
+ }
+ BENCH_END;
+
+ ep_free(p);
+ fp9_free(qx);
+ fp9_free(qy);
+ fp9_free(qz);
+ fp54_free(e);
+}
+
+int main(void) {
+ if (core_init() != RLC_OK) {
+ core_clean();
+ return 1;
+ }
+
+ conf_print();
+
+ util_banner("Benchmarks for the PP module:", 0);
+
+ if (ep_param_set_any_pairf() != RLC_OK) {
+ RLC_THROW(ERR_NO_CURVE);
+ core_clean();
+ return 0;
+ }
+
+ ep_param_print();
+ util_banner("Arithmetic:", 1);
+
+ if (ep_param_embed() == 2) {
+ pairing2();
+ }
+
+ if (ep_param_embed() == 8) {
+ pairing8();
+ }
+
+ if (ep_param_embed() == 12) {
+ pairing12();
+ }
+
+ if (ep_param_embed() == 48) {
+ pairing48();
+ }
+
+ if (ep_param_embed() == 54) {
+ pairing54();
+ }
+
+ core_clean();
+ return 0;
+}
diff --git a/depends/relic/bench/bench_rand.c b/depends/relic/bench/bench_rand.c
new file mode 100644
index 00000000000000..4fd7625371ca4d
--- /dev/null
+++ b/depends/relic/bench/bench_rand.c
@@ -0,0 +1,109 @@
+/*
+ * RELIC is an Efficient LIbrary for Cryptography
+ * Copyright (c) 2014 RELIC Authors
+ *
+ * This file is part of RELIC. RELIC is legal property of its developers,
+ * whose names are not listed here. Please refer to the COPYRIGHT file
+ * for contact information.
+ *
+ * RELIC is free software; you can redistribute it and/or modify it under the
+ * terms of the version 2.1 (or later) of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; or version 2.0 of the Apache
+ * License as published by the Apache Software Foundation. See the LICENSE files
+ * for more details.
+ *
+ * RELIC is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ * A PARTICULAR PURPOSE. See the LICENSE files for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public or the
+ * Apache License along with RELIC. If not, see
+ * or .
+ */
+
+/**
+ * @file
+ *
+ * Benchmarks for random number generation.
+ *
+ * @ingroup rand
+ */
+
+#include
+
+#include "relic.h"
+#include "relic_bench.h"
+
+#if RAND == CALL
+
+#include
+#include
+#include
+
+static void test_bytes(uint8_t *buf, int size, void *args) {
+ int c, l, fd = *(int *)args;
+
+ if (fd == -1) {
+ RLC_THROW(ERR_NO_FILE);
+ }
+
+ l = 0;
+ do {
+ c = read(fd, buf + l, size - l);
+ l += c;
+ if (c == -1) {
+ RLC_THROW(ERR_NO_READ);
+ }
+ } while (l < size);
+}
+
+static void rng(void) {
+ uint8_t buffer[64];
+ int fd = open("/dev/urandom", O_RDONLY);
+
+ BENCH_RUN("rand_seed") {
+ rand_bytes(buffer, k);
+ BENCH_ADD(rand_seed(&test_bytes, (void *)&fd));
+ } BENCH_END;
+
+ for (int k = 1; k <= sizeof(buffer); k *= 2) {
+ BENCH_RUN("rand_bytes (from 1 to 256)") {
+ BENCH_ADD(rand_bytes(buffer, k));
+ } BENCH_END;
+ }
+
+ close(fd);
+}
+
+#else
+
+static void rng(void) {
+ uint8_t buffer[256];
+
+ BENCH_RUN("rand_seed (20)") {
+ rand_bytes(buffer, 20);
+ BENCH_ADD(rand_seed(buffer, 20));
+ } BENCH_END;
+
+ for (int k = 1; k <= sizeof(buffer); k *= 2) {
+ BENCH_RUN("rand_bytes (from 1 to 256)") {
+ BENCH_ADD(rand_bytes(buffer, k));
+ } BENCH_END;
+ }
+}
+
+#endif
+
+int main(void) {
+ if (core_init() != RLC_OK) {
+ core_clean();
+ return 1;
+ }
+
+ conf_print();
+ util_banner("Benchmarks for the RAND module:", 0);
+ util_banner("Utilities:\n", 0);
+ rng();
+ core_clean();
+ return 0;
+}
diff --git a/depends/relic/cmake/arch.cmake b/depends/relic/cmake/arch.cmake
new file mode 100644
index 00000000000000..0b9df7e280a9c9
--- /dev/null
+++ b/depends/relic/cmake/arch.cmake
@@ -0,0 +1,52 @@
+message(STATUS "Available architectures (default = X64):\n")
+
+message(" ARCH= No specific architecture (disable some features).")
+message(" ARCH=AVR Atmel AVR ATMega128 8-bit architecture.")
+message(" ARCH=MSP TI MSP430 16-bit architecture.")
+message(" ARCH=ARM ARM 32-bit architecture.")
+message(" ARCH=X86 Intel x86-compatible 32-bit architecture.")
+message(" ARCH=X64 AMD x86_64-compatible 64-bit architecture.\n")
+
+message(STATUS "Available word sizes (default = 64):\n")
+
+message(" WSIZE=8 Build a 8-bit library.")
+message(" WSIZE=16 Build a 16-bit library.")
+message(" WSIZE=32 Build a 32-bit library.")
+message(" WSIZE=64 Build a 64-bit library.\n")
+
+message(STATUS "Byte boundary to align digit vectors (default = 1):\n")
+
+message(" ALIGN=1 Do not align digit vectors.")
+message(" ALIGN=2 Align digit vectors into 16-bit boundaries.")
+message(" ALIGN=8 Align digit vectors into 64-bit boundaries.")
+message(" ALIGN=16 Align digit vectors into 128-bit boundaries.\n")
+
+# Architecture and memory layout.
+if(CMAKE_SYSTEM_PROCESSOR STREQUAL "x86")
+ set(ARCH "X86" CACHE STRING "Architecture")
+endif()
+if(CMAKE_SYSTEM_PROCESSOR STREQUAL "x86_64" OR CMAKE_SYSTEM_PROCESSOR STREQUAL "AMD64")
+ set(ARCH "X64" CACHE STRING "Architecture")
+endif()
+
+if(WORD AND NOT WSIZE)
+ message(FATAL_ERROR "WORD has been replaced with WSIZE. Please update your configuration")
+endif()
+
+if(NOT WSIZE)
+ if(ARCH STREQUAL X86)
+ set(AFLAGS "-m32")
+ set(WSIZE 32)
+ endif()
+ if(ARCH STREQUAL X64)
+ set(AFLAGS "-m64")
+ set(WSIZE 64)
+ endif()
+endif()
+
+set(WSIZE ${WSIZE} CACHE STRING "Processor word size")
+
+if(NOT ALIGN)
+ set(ALIGN 1)
+endif(NOT ALIGN)
+set(ALIGN ${ALIGN} CACHE STRING "Boundary to align digit vectors")
diff --git a/depends/relic/cmake/bn.cmake b/depends/relic/cmake/bn.cmake
new file mode 100644
index 00000000000000..793027ac447df6
--- /dev/null
+++ b/depends/relic/cmake/bn.cmake
@@ -0,0 +1,75 @@
+message(STATUS "Multiple precision arithmetic configuration (BN module):\n")
+
+message(" ** Options for the multiple precision module (default = 1024,DOUBLE,0):\n")
+
+message(" BN_PRECI=n The base precision in bits. Let w be n in words.")
+message(" BN_MAGNI=DOUBLE A multiple precision integer can store 2w words.")
+message(" BN_MAGNI=CARRY A multiple precision integer can store w+1 words.")
+message(" BN_MAGNI=SINGLE A multiple precision integer can store w words.")
+message(" BN_KARAT=n The number of Karatsuba steps.\n")
+
+message(" ** Available multiple precision arithmetic methods (default = COMBA;COMBA;MONTY;SLIDE;BASIC;BASIC):\n")
+
+message(" Integer multiplication:")
+message(" BN_METHD=BASIC Schoolbook multiplication.")
+message(" BN_METHD=COMBA Comba multiplication.\n")
+
+message(" Integer squaring:")
+message(" BN_METHD=BASIC Schoolbook squaring.")
+message(" BN_METHD=COMBA Comba squaring.")
+message(" BN_METHD=MULTP Reuse multiplication for squaring.\n")
+
+message(" Modular reduction:")
+message(" BN_METHD=BASIC Division-based modular reduction.")
+message(" BN_METHD=BARRT Barrett modular reduction.")
+message(" BN_METHD=MONTY Montgomery modular reduction.")
+message(" BN_METHD=RADIX Diminished radix modular reduction.\n")
+
+message(" Modular exponentiation:")
+message(" BN_METHD=BASIC Binary modular exponentiation.")
+message(" BN_METHD=MONTY Montgomery powering ladder.")
+message(" BN_METHD=SLIDE Sliding window modular exponentiation.\n")
+
+message(" Greatest Common Divisor:")
+message(" BN_METHD=BASIC Euclid's standard GCD algorithm.")
+message(" BN_METHD=LEHME Lehmer's fast GCD algorithm.")
+message(" BN_METHD=STEIN Stein's binary GCD algorithm.\n")
+
+message(" Prime generation:")
+message(" BN_METHD=BASIC Basic prime generation.")
+message(" BN_METHD=SAFEP Safe prime generation.")
+message(" BN_METHD=STRON Strong prime generation.\n")
+
+# Choose the arithmetic precision.
+if (NOT BN_PRECI)
+ set(BN_PRECI 1024)
+endif(NOT BN_PRECI)
+set(BN_PRECI ${BN_PRECI} CACHE STRING "Arithmetic precision in bits")
+
+# Fix the number of Karatsuba instances
+if (NOT BN_KARAT)
+ set(BN_KARAT 0)
+endif(NOT BN_KARAT)
+set(BN_KARAT ${BN_KARAT} CACHE STRING "Number of Karatsuba levels.")
+
+if (NOT BN_MAGNI)
+ set(BN_MAGNI "DOUBLE")
+endif(NOT BN_MAGNI)
+set(BN_MAGNI ${BN_MAGNI} CACHE STRING "Effective size in words")
+
+# Choose the arithmetic methods.
+if (NOT BN_METHD)
+ set(BN_METHD "COMBA;COMBA;MONTY;SLIDE;BASIC;BASIC")
+endif(NOT BN_METHD)
+list(LENGTH BN_METHD BN_LEN)
+if (BN_LEN LESS 6)
+ message(FATAL_ERROR "Incomplete BN_METHD specification: ${BN_METHD}")
+endif(BN_LEN LESS 6)
+
+list(GET BN_METHD 0 BN_MUL)
+list(GET BN_METHD 1 BN_SQR)
+list(GET BN_METHD 2 BN_MOD)
+list(GET BN_METHD 3 BN_MXP)
+list(GET BN_METHD 4 BN_GCD)
+list(GET BN_METHD 5 BN_GEN)
+set(BN_METHD ${BN_METHD} CACHE STRING "Method for multiple precision arithmetic.")
diff --git a/depends/relic/cmake/cp.cmake b/depends/relic/cmake/cp.cmake
new file mode 100644
index 00000000000000..a665f680096de7
--- /dev/null
+++ b/depends/relic/cmake/cp.cmake
@@ -0,0 +1,16 @@
+message(STATUS "Cryptographic protocols configuration (CP module):\n")
+
+message(" ** Options for the cryptographic protocols module (default = on, PKCS2):\n")
+
+message(" CP_CRT=[off|on] Support for faster CRT-based exponentiation in factoring-based cryptosystems.\n")
+
+message(" CP_RSAPD=BASIC RSA with basic padding.")
+message(" CP_RSAPD=PKCS1 RSA with PKCS#1 v1.5 padding.")
+message(" CP_RSAPD=PKCS2 RSA with PKCS#1 v2.1 padding.\n")
+
+if (NOT CP_RSAPD)
+ set(CP_RSAPD "PKCS2")
+endif(NOT CP_RSAPD)
+set(CP_RSAPD ${CP_RSAPD} CACHE STRING "RSA padding")
+
+option(CP_CRT "Support for faster CRT-based exponentiation in factoring-based cryptosystems." on)
diff --git a/depends/relic/cmake/doxygen.cmake b/depends/relic/cmake/doxygen.cmake
new file mode 100644
index 00000000000000..f940bdeadb40b9
--- /dev/null
+++ b/depends/relic/cmake/doxygen.cmake
@@ -0,0 +1,39 @@
+# Helper macro to add a "doc" target with CMake build system.
+# and configure doxy.config.in to doxy.config
+#
+# Please note, that the tools, e.g.:
+# doxygen, dot, latex, dvips, makeindex, gswin32, etc.
+# must be in path.
+#
+# adapted from work of Jan Woetzel 2004-2006
+# www.mip.informatik.uni-kiel.de/~jw
+
+find_package(Doxygen)
+
+if (DOXYGEN_FOUND)
+ if (OPSYS STREQUAL "MACOSX")
+ set(GENERATE_DOCSET "YES")
+ else (OPSYS STREQUAL "MACOSX")
+ set(GENERATE_DOCSET "NO")
+ endif (OPSYS STREQUAL "MACOSX")
+ if (EXISTS "${CMAKE_CURRENT_SOURCE_DIR}/doc/relic.doxygen.in")
+ message(STATUS "Configured ${CMAKE_CURRENT_SOURCE_DIR}/doc/relic.doxygen.in")
+ configure_file(${CMAKE_CURRENT_SOURCE_DIR}/doc/relic.doxygen.in
+ ${CMAKE_CURRENT_BINARY_DIR}/doc/relic.doxygen @ONLY )
+ # use config from BUILD tree
+ set(DOXY_CONFIG "${CMAKE_CURRENT_BINARY_DIR}/doc/relic.doxygen")
+ else (EXISTS "${CMAKE_CURRENT_SOURCE_DIR}/doc/relic.doxygen.in")
+ # use config from SOURCE tree
+ if (EXISTS "${CMAKE_CURRENT_SOURCE_DIR}/doc/relic.doxygen")
+ message(STATUS "Using existing ${CMAKE_CURRENT_SOURCE_DIR}/doc/relic.doxygen")
+ set(DOXY_CONFIG "${CMAKE_CURRENT_SOURCE_DIR}/doc/relic.doxygen")
+ else (exists "${CMAKE_CURRENT_SOURCE_DIR}/doc/relic.doxygen")
+ # failed completely...
+ message(SEND_ERROR "Please create ${CMAKE_CURRENT_SOURCE_DIR}/doxy.config.in (or doxy.config as fallback)")
+ endif(EXISTS "${CMAKE_CURRENT_SOURCE_DIR}/doc/relic.doxygen")
+
+ endif(EXISTS "${CMAKE_CURRENT_SOURCE_DIR}/doc/relic.doxygen.in")
+
+ add_custom_target(doc ${DOXYGEN_EXECUTABLE} ${DOXY_CONFIG})
+
+endif(DOXYGEN_FOUND)
diff --git a/depends/relic/cmake/eb.cmake b/depends/relic/cmake/eb.cmake
new file mode 100644
index 00000000000000..70c543c1409ee1
--- /dev/null
+++ b/depends/relic/cmake/eb.cmake
@@ -0,0 +1,64 @@ +message(STATUS "Binary elliptic curve arithmetic configuration (EB module):\n") + +message(" ** Options for the binary elliptic curve module (default = on, w = 4):\n") + +message(" EB_PLAIN=[off|on] Support for ordinary curves without endomorphisms.") +message(" EB_KBLTZ=[off|on] Support for Koblitz anomalous binary curves.") +message(" EB_MIXED=[off|on] Use mixed coordinates.") +message(" EB_PRECO=[off|on] Build precomputation table for generator.") +message(" EB_DEPTH=w Width w in [2,8] of precomputation table for fixed point methods.") +message(" EB_WIDTH=w Width w in [2,6] of window processing for unknown point methods.\n") + +message(" ** Available binary elliptic curve methods (default = PROJC;LWNAF;COMBS;INTER):\n") + +message(" Point representation:") +message(" EB_METHD=BASIC Affine coordinates.") +message(" EB_METHD=PROJC Projective coordinates (L�pez-Dahab for ordinary curves).\n") + +message(" Variable-base scalar multiplication:") +message(" EB_METHD=BASIC Binary double-and-add method.") +message(" EB_METHD=LODAH Lopez-Dahab constant-time point multiplication.") +message(" EB_METHD=LWNAF Left-to-right window (T)NAF method.") +message(" EB_METHD=RWNAF Right-to-left window (T)NAF method.") +message(" EB_METHD=HALVE Halving method.\n") + +message(" Fixed-base scalar multiplication:") +message(" EB_METHD=BASIC Binary method for fixed point multiplication.") +message(" EB_METHD=COMBS Single-table Comb method for fixed point multiplication.") +message(" EB_METHD=COMBD Double-table Comb method for fixed point multiplication.") +message(" EB_METHD=LWNAF Left-to-right window (T)NAF method.\n") + +message(" Variable-base simultaneous scalar multiplication:") +message(" EB_METHD=BASIC Multiplication-and-addition simultaneous multiplication.") +message(" EB_METHD=TRICK Shamir's trick for simultaneous multiplication.") +message(" EB_METHD=INTER Interleaving of window (T)NAFs.") +message(" EB_METHD=JOINT Joint sparse form.\n") + +if (NOT EB_DEPTH) 
+ set(EB_DEPTH 4)
+endif(NOT EB_DEPTH)
+if (NOT EB_WIDTH)
+ set(EB_WIDTH 4)
+endif(NOT EB_WIDTH)
+set(EB_DEPTH "${EB_DEPTH}" CACHE STRING "Width of precomputation table for fixed point methods.")
+set(EB_WIDTH "${EB_WIDTH}" CACHE STRING "Width of window processing for unknown point methods.")
+
+option(EB_PLAIN "Support for ordinary curves without endomorphisms" on)
+option(EB_KBLTZ "Support for Koblitz anomalous binary curves" on)
+option(EB_MIXED "Use mixed coordinates" on)
+option(EB_PRECO "Build precomputation table for generator" on)
+
+# Choose the arithmetic methods.
+if (NOT EB_METHD)
+ set(EB_METHD "PROJC;LWNAF;COMBS;INTER")
+endif(NOT EB_METHD)
+list(LENGTH EB_METHD EB_LEN)
+if (EB_LEN LESS 4)
+ message(FATAL_ERROR "Incomplete EB_METHD specification: ${EB_METHD}")
+endif(EB_LEN LESS 4)
+
+list(GET EB_METHD 0 EB_ADD)
+list(GET EB_METHD 1 EB_MUL)
+list(GET EB_METHD 2 EB_FIX)
+list(GET EB_METHD 3 EB_SIM)
+set(EB_METHD ${EB_METHD} CACHE STRING "Method for binary elliptic curve arithmetic.")
diff --git a/depends/relic/cmake/ec.cmake b/depends/relic/cmake/ec.cmake
new file mode 100644
index 00000000000000..9e9035478da0a7
--- /dev/null
+++ b/depends/relic/cmake/ec.cmake
@@ -0,0 +1,23 @@
+message(STATUS "Elliptic curve cryptography configuration (EC module):\n")
+
+message(" ** Options for the binary elliptic curve module (default = on):\n")
+message(" EC_ENDOM=[off|on] Prefer (prime or binary) curves with endomorphisms.\n")
+
+message(" ** Available elliptic curve methods (default = PRIME):\n")
+message(" EC_METHD=PRIME Use prime curves.")
+message(" EC_METHD=CHAR2 Use binary curves.")
+message(" EC_METHD=EDDIE Use prime Edwards curves.\n")
+
+option(EC_ENDOM "Prefer (prime or binary) curves with endomorphisms" off)
+
+# Choose the arithmetic methods.
+if (NOT EC_METHD)
+ set(EC_METHD "PRIME")
+endif(NOT EC_METHD)
+list(LENGTH EC_METHD EC_LEN)
+if (EC_LEN LESS 1)
+ message(FATAL_ERROR "Incomplete EC_METHD specification: ${EC_METHD}")
+endif(EC_LEN LESS 1)
+
+list(GET EC_METHD 0 EC_CUR)
+set(EC_METHD ${EC_METHD} CACHE STRING "Method for Elliptic Curve Cryptography.")
diff --git a/depends/relic/cmake/ed.cmake b/depends/relic/cmake/ed.cmake
new file mode 100644
index 00000000000000..fb22da2a844cfc
--- /dev/null
+++ b/depends/relic/cmake/ed.cmake
@@ -0,0 +1,58 @@
+message(STATUS "Elliptic Edwards curve over prime fields arithmetic configuration (ED module):\n")
+
+message(" ** Options for the prime elliptic Edwards curve module (default = all on):")
+message(" ED_PRECO=[off|on] Build precomputation table for generator.")
+message(" ED_DEPTH=w Width w in [2,6] of precomputation table for fixed point methods.")
+message(" ED_WIDTH=w Width w in [2,6] of window processing for unknown point methods.\n")
+
+message(" ** Available prime elliptic Edwards curve methods (default = PROJC;LWNAF;COMBS;INTER):")
+message(" ED_METHD=BASIC Affine coordinates.")
+message(" EP_METHD=PROJC Simple projective twisted Edwards coordinates.")
+message(" EP_METHD=EXTND Extended projective twisted Edwards coordinates.\n")
+
+message(" *** variable-base multiplication method ***")
+message(" ED_METHD=BASIC Binary method.")
+message(" ED_METHD=SLIDE Sliding window method.")
+message(" ED_METHD=MONTY Montgomery ladder method.")
+message(" ED_METHD=LWNAF Left-to-right window NAF method.")
+message(" EP_METHD=LWREG Left-to-right regular recoding method (GLV for curves with endomorphisms).\n")
+
+message(" *** fixed-base multiplication method ***")
+message(" ED_METHD=BASIC Binary method for fixed point multiplication.")
+message(" ED_METHD=COMBS Single-table Comb method for fixed point multiplication.")
+message(" ED_METHD=COMBD Double-table Comb method for fixed point multiplication.")
+message(" ED_METHD=LWNAF Left-to-right window NAF method.\n")
+
+message(" *** variable-base simultaneous multiplication method ***")
+message(" ED_METHD=BASIC Multiplication-and-addition simultaneous multiplication.")
+message(" ED_METHD=TRICK Shamir's trick for simultaneous multiplication.")
+message(" ED_METHD=INTER Interleaving of window NAFs (GLV for Koblitz curves).")
+message(" ED_METHD=JOINT Joint sparse form.\n")
+
+message(" Note: these methods must be given in order.
Ex: ED_METHD=\"EXTND;LWNAF;COMBD;TRICK\"\n")
+
+if (NOT ED_DEPTH)
+ set(ED_DEPTH 4)
+endif(NOT ED_DEPTH)
+if (NOT ED_WIDTH)
+ set(ED_WIDTH 4)
+endif(NOT ED_WIDTH)
+set(ED_DEPTH "${ED_DEPTH}" CACHE STRING "Width of precomputation table for fixed point methods.")
+set(ED_WIDTH "${ED_WIDTH}" CACHE STRING "Width of window processing for unknown point methods.")
+
+option(ED_PRECO "Build precomputation table for generator" on)
+
+# Choose the arithmetic methods.
+if (NOT ED_METHD)
+ set(ED_METHD "PROJC;LWNAF;COMBS;INTER")
+endif(NOT ED_METHD)
+list(LENGTH ED_METHD ED_LEN)
+if (ED_LEN LESS 4)
+ message(FATAL_ERROR "Incomplete ED_METHD specification: ${ED_METHD}")
+endif(ED_LEN LESS 4)
+
+list(GET ED_METHD 0 ED_ADD)
+list(GET ED_METHD 1 ED_MUL)
+list(GET ED_METHD 2 ED_FIX)
+list(GET ED_METHD 3 ED_SIM)
+set(ED_METHD ${ED_METHD} CACHE STRING "Method for prime elliptic Edwards curve arithmetic.")
diff --git a/depends/relic/cmake/ep.cmake b/depends/relic/cmake/ep.cmake
new file mode 100644
index 00000000000000..ec7670804a4f4c
--- /dev/null
+++ b/depends/relic/cmake/ep.cmake
@@ -0,0 +1,68 @@
+message(STATUS "Prime elliptic curve arithmetic configuration (EP module):\n")
+
+message(" ** Options for the prime elliptic curve module (default = all on):\n")
+
+message(" EP_PLAIN=[off|on] Support for ordinary curves without endomorphisms.")
+message(" EP_SUPER=[off|on] Support for supersingular curves.")
+message(" EP_ENDOM=[off|on] Support for ordinary curves with endomorphisms.")
+message(" EP_MIXED=[off|on] Use mixed coordinates.")
+message(" EP_CTMAP=[off|on] Use contant-time SSWU and isogeny map for hashing.\n")
+
+message(" EP_PRECO=[off|on] Build precomputation table for generator.")
+message(" EP_DEPTH=w Width w in [2,8] of precomputation table for fixed point methods.")
+message(" EP_WIDTH=w Width w in [2,6] of window processing for unknown point methods.\n")
+
+message(" ** Available prime elliptic curve methods (default = PROJC;LWNAF;COMBS;INTER):\n")
+
+message(" Point representation:")
+message(" EP_METHD=BASIC Affine coordinates.")
+message(" EP_METHD=PROJC Homogeneous projective coordinates (complete formula).")
+message(" EP_METHD=JACOB Jacobian projective coordinates.\n")
+
+message(" Variable-base scalar multiplication:")
+message(" EP_METHD=BASIC Binary method.")
+message(" EP_METHD=LWNAF Left-to-right window NAF method (GLV for Koblitz curves).\n")
+
+message(" Fixed-base scalar multiplication:")
+message(" EP_METHD=BASIC Binary method for fixed point multiplication.")
+message(" EP_METHD=COMBS Single-table Comb method for fixed point multiplication.")
+message(" EP_METHD=COMBD Double-table Comb method for fixed point multiplication.")
+message(" EP_METHD=LWNAF Left-to-right window NAF method (GLV for curves with endomorphisms).")
+message(" EP_METHD=LWREG Left-to-right regular recoding method (GLV for curves with endomorphisms).\n")
+
+message(" Variable-base simultaneous scalar multiplication:")
+message(" EP_METHD=BASIC Multiplication-and-addition simultaneous multiplication.")
+message(" EP_METHD=TRICK Shamir's trick
for simultaneous multiplication.")
+message(" EP_METHD=INTER Interleaving of window NAFs (GLV for Koblitz curves).")
+message(" EP_METHD=JOINT Joint sparse form.\n")
+
+if (NOT EP_DEPTH)
+ set(EP_DEPTH 4)
+endif(NOT EP_DEPTH)
+if (NOT EP_WIDTH)
+ set(EP_WIDTH 4)
+endif(NOT EP_WIDTH)
+set(EP_DEPTH "${EP_DEPTH}" CACHE STRING "Width of precomputation table for fixed point methods.")
+set(EP_WIDTH "${EP_WIDTH}" CACHE STRING "Width of window processing for unknown point methods.")
+
+option(EP_PLAIN "Support for ordinary curves without endomorphisms" on)
+option(EP_SUPER "Support for supersingular curves" on)
+option(EP_MIXED "Use mixed coordinates" on)
+option(EP_ENDOM "Support for ordinary curves with endomorphisms" on)
+option(EP_PRECO "Build precomputation table for generator" on)
+option(EP_CTMAP "Use contant-time SSWU and isogeny map for hashing" on)
+
+# Choose the arithmetic methods.
+if (NOT EP_METHD)
+ set(EP_METHD "PROJC;LWNAF;COMBS;INTER")
+endif(NOT EP_METHD)
+list(LENGTH EP_METHD EP_LEN)
+if (EP_LEN LESS 4)
+ message(FATAL_ERROR "Incomplete EP_METHD specification: ${EP_METHD}")
+endif(EP_LEN LESS 4)
+
+list(GET EP_METHD 0 EP_ADD)
+list(GET EP_METHD 1 EP_MUL)
+list(GET EP_METHD 2 EP_FIX)
+list(GET EP_METHD 3 EP_SIM)
+set(EP_METHD ${EP_METHD} CACHE STRING "Method for prime elliptic curve arithmetic.")
diff --git a/depends/relic/cmake/err.cmake b/depends/relic/cmake/err.cmake
new file mode 100644
index 00000000000000..725be333477680
--- /dev/null
+++ b/depends/relic/cmake/err.cmake
@@ -0,0 +1,9 @@
+include(CheckFunctionExists)
+include(CheckIncludeFiles)
+
+# Test for headers
+check_include_files(execinfo.h HAVE_EXECINFO_H)
+
+# Test for functions
+check_function_exists(backtrace HAVE_BACKTRACE)
+check_function_exists(backtrace_symbols HAVE_BACKTRACE_SYMBOLS)
diff --git a/depends/relic/cmake/fb.cmake b/depends/relic/cmake/fb.cmake
new file mode 100644
index 00000000000000..a29536eadc192a
--- /dev/null
+++ b/depends/relic/cmake/fb.cmake
@@ -0,0 +1,99 @@ +message(STATUS "Binary field arithmetic configuration (FB module):\n") + +message(" ** Options for the binary elliptic curve module (default = 283,0,on,on,on):\n") + +message(" FB_POLYN=n The irreducible polynomial size in bits.") +message(" FB_KARAT=n The number of Karatsuba levels.") +message(" FB_TRINO=[off|on] Prefer trinomials.") +message(" FB_SQRTF=[off|on] Prefer square-root friendly polynomials.") +message(" FB_PRECO=[off|on] Precompute multiplication table for sqrt(z).") +message(" FB_WIDTH=w Width w in [2,6] of window processing for exponentiation methods.\n") + +message(" ** Available binary field arithmetic methods (default = LODAH;QUICK;QUICK;BASIC;QUICK;QUICK;EXGCD;SLIDE;QUICK):\n") + +message(" Field multiplication:") +message(" FB_METHD=BASIC Right-to-left shift-and-add multiplication.") +message(" FB_METHD=INTEG Integrated modular multiplication.") +message(" FB_METHD=LODAH L�pez-Dahab comb multiplication with window of width 4.\n") + +message(" Field squaring:") +message(" FB_METHD=BASIC Bit manipulation squaring.") +message(" FB_METHD=INTEG Integrated modular squaring.") +message(" FB_METHD=QUICK Table-based squaring.\n") + +message(" Modular reduction:") +message(" FB_METHD=BASIC Shift-and-add modular reduction.") +message(" FB_METHD=QUICK Fast reduction modulo a trinomial or pentanomial.\n") + +message(" Field square root:") +message(" FB_METHD=BASIC Square root by repeated squaring.") +message(" FB_METHD=QUICK Fast square root extraction.\n") + +message(" Trace computation:") +message(" FB_METHD=BASIC Trace computation by repeated squaring.") +message(" FB_METHD=QUICK Fast trace computation.\n") + +message(" Quadratic equation solver:") +message(" FB_METHD=BASIC Solve a quadratic equation by half-trace computation.") +message(" FB_METHD=QUICK Fast solving with precomputed half-traces.\n") + +message(" Field inversion:") +message(" FB_METHD=BASIC Inversion by Fermat's Little Theorem.") +message(" FB_METHD=BINAR Binary 
Inversion algorithm.")
+message(" FB_METHD=ALMOS Inversion by the Amost inverse algorithm.")
+message(" FB_METHD=EXGCD Inversion by the Extended Euclidean algorithm.")
+message(" FB_METHD=ITOHT Inversion by Itoh-Tsuji.")
+message(" FB_METHD=CTAIA Constant-time almost inversion algorithm.")
+message(" FB_METHD=BRUCH Hardware-friendly inversion by Brunner et al.")
+message(" FB_METHD=LOWER Pass inversion to the lower level.\n")
+
+message(" Field exponentiation:")
+message(" FB_METHD=BASIC Binary exponentiation.")
+message(" FB_METHD=SLIDE Sliding window exponentiation.")
+message(" FB_METHD=MONTY Constant-time Montgomery powering ladder.\n")
+
+message(" Iterated squaring/square-root:")
+message(" FB_METHD=BASIC Iterated squaring/square-root by consecutive squaring/square-root.")
+message(" FB_METHD=QUICK Iterated squaring/square-root by table-based method.\n")
+
+# Choose the polynomial size.
+if (NOT FB_POLYN)
+ set(FB_POLYN 283)
+endif(NOT FB_POLYN)
+set(FB_POLYN ${FB_POLYN} CACHE STRING "Irreducible polynomial size in bits.")
+
+# Fix the number of Karatsuba instances
+if (NOT FB_KARAT)
+ set(FB_KARAT 0)
+endif(NOT FB_KARAT)
+set(FB_KARAT ${FB_KARAT} CACHE STRING "Number of Karatsuba levels.")
+
+if (NOT FB_WIDTH)
+ set(FB_WIDTH 4)
+endif(NOT FB_WIDTH)
+set(FB_WIDTH ${FB_WIDTH} CACHE STRING "Width of window processing for exponentiation methods.")
+
+option(FB_TRINO "Prefer trinomials." on)
+option(FB_SQRTF "Prefer square-root friendly polynomials." off)
+option(FB_PRECO "Precompute multiplication table for sqrt(z)." on)
+
+# Choose the arithmetic methods.
+if (NOT FB_METHD)
+ set(FB_METHD "LODAH;QUICK;QUICK;QUICK;QUICK;QUICK;EXGCD;SLIDE;QUICK")
+endif(NOT FB_METHD)
+list(LENGTH FB_METHD FB_LEN)
+if (FB_LEN LESS 9)
+ message(FATAL_ERROR "Incomplete FB_METHD specification: ${FB_METHD}")
+endif(FB_LEN LESS 9)
+
+list(GET FB_METHD 0 FB_MUL)
+list(GET FB_METHD 1 FB_SQR)
+list(GET FB_METHD 2 FB_RDC)
+list(GET FB_METHD 3 FB_SRT)
+list(GET FB_METHD 4 FB_TRC)
+list(GET FB_METHD 5 FB_SLV)
+list(GET FB_METHD 6 FB_INV)
+list(GET FB_METHD 7 FB_EXP)
+list(GET FB_METHD 8 FB_ITR)
+
+set(FB_METHD ${FB_METHD} CACHE STRING "Method for binary field arithmetic.")
diff --git a/depends/relic/cmake/fiat.cmake b/depends/relic/cmake/fiat.cmake
new file mode 100644
index 00000000000000..b0f45adcb49aa8
--- /dev/null
+++ b/depends/relic/cmake/fiat.cmake
@@ -0,0 +1,39 @@
+set(TEST_FP "${CMAKE_BINARY_DIR}/bin/test_fp")
+set(FIAT_TXT "${CMAKE_BINARY_DIR}/test_fp.txt")
+set(FIAT_LOW "${CMAKE_SOURCE_DIR}/src/low/fiat/")
+set(FIAT_FP "${FIAT_LOW}/fiat_fp.c")
+set(MONT "src/ExtractionOCaml/word_by_word_montgomery")
+
+message(STATUS "Running test_fp to discover prime modulus.")
+execute_process(COMMAND ${TEST_FP} OUTPUT_FILE ${FIAT_TXT})
+file(READ ${FIAT_TXT} OUTPUT_CONTENT)
+string(REGEX MATCHALL "[(0-9)|(A-F)]+[ \n]" MATCHES ${OUTPUT_CONTENT})
+
+set(LONGEST "0")
+foreach(MATCH ${MATCHES})
+ STRING(STRIP "${MATCH}" MATCH)
+ STRING(LENGTH "${MATCH}" LEN)
+ if (${LEN} GREATER_EQUAL ${LONGEST})
+ set(LONGEST ${LEN})
+ endif()
+endforeach()
+
+math(EXPR WSIZE "4 * ${LONGEST}")
+
+foreach(MATCH ${MATCHES})
+ STRING(STRIP "${MATCH}" MATCH)
+ STRING(LENGTH "${MATCH}" LEN)
+ if (${LEN} EQUAL ${LONGEST})
+ set(PRIME "${PRIME}${MATCH}")
+ endif()
+endforeach()
+
+execute_process(COMMAND $ENV{FIAT_CRYPTO}/${MONT} fp 64 "0x${PRIME}" OUTPUT_FILE ${FIAT_FP})
+
+file(READ ${FIAT_FP} OUTPUT_CONTENT)
+string(REPLACE "void" "static void" OUTPUT_FIXED "${OUTPUT_CONTENT}")
+file(WRITE ${FIAT_FP} "${OUTPUT_FIXED}")
+
+configure_file(${FIAT_LOW}/relic_fp_add_low.tmpl ${FIAT_LOW}/relic_fp_add_low.c COPYONLY)
+configure_file(${FIAT_LOW}/relic_fp_mul_low.tmpl ${FIAT_LOW}/relic_fp_mul_low.c COPYONLY)
+configure_file(${FIAT_LOW}/relic_fp_sqr_low.tmpl ${FIAT_LOW}/relic_fp_sqr_low.c COPYONLY)
diff --git a/depends/relic/cmake/fp.cmake b/depends/relic/cmake/fp.cmake
new file mode 100644
index 00000000000000..781e9363569b09
--- /dev/null
+++ b/depends/relic/cmake/fp.cmake
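Review bot: Neither `execute_process` call in fiat.cmake checks its exit status, and `$ENV{FIAT_CRYPTO}` is used without confirming it is set, so a missing or failing generator leaves an empty or partial `fiat_fp.c` that the following `string(REPLACE ...)` and `file(WRITE ...)` still process. With the variable unset the command path collapses to `/src/ExtractionOCaml/word_by_word_montgomery`, an absolute path outside the project. The output is also written under `${CMAKE_SOURCE_DIR}/src/low/fiat/`, so a configure run modifies the vendored source tree rather than the build directory. Because this file generates the field arithmetic of a crypto library, the configure step should stop with an error instead of building from whatever was produced; the guards below sketch that.

```cmake
if(NOT DEFINED ENV{FIAT_CRYPTO})
	message(FATAL_ERROR "FIAT_CRYPTO must be set to the fiat-crypto checkout")
endif()
execute_process(COMMAND ${TEST_FP} OUTPUT_FILE ${FIAT_TXT} RESULT_VARIABLE TEST_FP_RC)
if(NOT TEST_FP_RC EQUAL 0)
	message(FATAL_ERROR "test_fp failed: ${TEST_FP_RC}")
endif()
# … unchanged: modulus extraction from test_fp.txt into PRIME …
execute_process(COMMAND $ENV{FIAT_CRYPTO}/${MONT} fp 64 "0x${PRIME}" OUTPUT_FILE ${FIAT_FP} RESULT_VARIABLE MONT_RC)
if(NOT MONT_RC EQUAL 0)
	message(FATAL_ERROR "word_by_word_montgomery failed: ${MONT_RC}")
endif()
```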
@@ -0,0 +1,81 @@ +message(STATUS "Prime field arithmetic configuration (FP module):\n") + +message(" ** Arithmetic precision of the prime field module (default = 256,0,off,off):\n") + +message(" FP_PRIME=n The prime modulus size in bits.") +message(" FP_KARAT=n The number of Karatsuba levels.") +message(" FP_PMERS=[off|on] Prefer Pseudo-Mersenne primes over random primes.") +message(" FP_QNRES=[off|on] Use -1 as quadratic non-residue (make sure that p = 3 mod 8).") +message(" FP_WIDTH=w Width w in [2,6] of window processing for exponentiation methods.\n") + +message(" ** Available prime field arithmetic methods (default = BASIC;COMBA;COMBA;MONTY;MONTY;SLIDE):") + +message(" Field addition") +message(" FP_METHD=BASIC Schoolbook addition.") +message(" FP_METHD=INTEG Integrated modular addition.\n") + +message(" Field multiplication") +message(" FP_METHD=BASIC Schoolbook multiplication.") +message(" FP_METHD=INTEG Integrated modular multiplication.") +message(" FP_METHD=COMBA Comba multiplication.\n") + +message(" Field squaring") +message(" FP_METHD=BASIC Schoolbook squaring.") +message(" FP_METHD=INTEG Integrated modular squaring.") +message(" FP_METHD=COMBA Comba squaring.") +message(" FP_METHD=MULTP Reuse multiplication for squaring.\n") + +message(" Modular reduction") +message(" FP_METHD=BASIC Division-based reduction.") +message(" FP_METHD=QUICK Fast reduction modulo special form prime (2^t - c, c > 0).") +message(" FP_METHD=MONTY Montgomery modular reduction.\n") + +message(" Field inversion") +message(" FP_METHD=BASIC Inversion by Fermat's Little Theorem.") +message(" FP_METHD=BINAR Binary Inversion algorithm.") +message(" FP_METHD=MONTY Montgomery inversion.") +message(" FP_METHD=EXGCD Inversion by the Extended Euclidean algorithm.") +message(" FP_METHD=DIVST Constant-time inversion by division steps.") +message(" FP_METHD=LOWER Pass inversion to the lower level.\n") + +message(" Field exponentiation") +message(" FP_METHD=BASIC Binary exponentiation.") 
+message(" FP_METHD=SLIDE Sliding window exponentiation.") +message(" FP_METHD=MONTY Constant-time Montgomery powering ladder.\n") + +# Choose the prime field size. +if (NOT FP_PRIME) + set(FP_PRIME 256) +endif(NOT FP_PRIME) +set(FP_PRIME ${FP_PRIME} CACHE STRING "Prime modulus size") + +# Fix the number of Karatsuba instances +if (NOT FP_KARAT) + set(FP_KARAT 0) +endif(NOT FP_KARAT) +set(FP_KARAT ${FP_KARAT} CACHE STRING "Number of Karatsuba levels.") + +if (NOT FP_WIDTH) + set(FP_WIDTH 4) +endif(NOT FP_WIDTH) +set(FP_WIDTH ${FP_WIDTH} CACHE STRING "Width of window processing for exponentiation methods.") + +option(FP_PMERS "Prefer special form primes over random primes." off) +option(FP_QNRES "Use -1 as quadratic non-residue." off) + +# Choose the arithmetic methods. +if (NOT FP_METHD) + set(FP_METHD "INTEG;INTEG;INTEG;MONTY;MONTY;SLIDE") +endif(NOT FP_METHD) +list(LENGTH FP_METHD FP_LEN) +if (FP_LEN LESS 6) + message(FATAL_ERROR "Incomplete FP_METHD specification: ${FP_METHD}") +endif(FP_LEN LESS 6) + +list(GET FP_METHD 0 FP_ADD) +list(GET FP_METHD 1 FP_MUL) +list(GET FP_METHD 2 FP_SQR) +list(GET FP_METHD 3 FP_RDC) +list(GET FP_METHD 4 FP_INV) +list(GET FP_METHD 5 FP_EXP) +set(FP_METHD ${FP_METHD} CACHE STRING "Method for prime field arithmetic.") diff --git a/depends/relic/cmake/fpx.cmake b/depends/relic/cmake/fpx.cmake new file mode 100644 index 00000000000000..07e2ad662c61ab --- /dev/null +++ b/depends/relic/cmake/fpx.cmake 
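Review bot: The help text in fp.cmake advertises `default = BASIC;COMBA;COMBA;MONTY;MONTY;SLIDE`, but the fallback actually set is `"INTEG;INTEG;INTEG;MONTY;MONTY;SLIDE"`, so the configure output misleads anyone auditing which arithmetic a build uses. The same mismatch appears in fpx.cmake (prints `BASIC;BASIC;BASIC` under a "bilinear pairing methods" heading, sets `INTEG;INTEG;LAZYR`) and pp.cmake (prints `BASIC;OATEP`, sets `LAZYR;OATEP`). By this file's own listing, the default inversion and exponentiation entries (`MONTY`, `SLIDE`) are not the ones described as constant-time (`DIVST` for inversion, `MONTY` for exponentiation); whether that matters depends on how callers use these routines with secret values, which is not visible in the hunk. I would correct the printed defaults and add `# Order: ADD;MUL;SQR;RDC;INV;EXP` above the `list(GET FP_METHD ...)` run.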
@@ -0,0 +1,29 @@ +message(STATUS "Prime extension field arithmetic configuration (FPX module):\n") + +message(" ** Available bilinear pairing methods (default = BASIC;BASIC;BASIC):") + +message(" Quadratic extension arithmetic:") +message(" FPX_METHD=BASIC Basic quadratic extension field arithmetic.") +message(" FPX_METHD=INTEG Quadratic extension field arithmetic with embedded modular reduction.\n") + +message(" Cubic extension arithmetic:") +message(" FPX_METHD=BASIC Basic cubic extension field arithmetic.") +message(" FPX_METHD=INTEG Cubic extension field arithmetic with embedded modular reduction.\n") + +message(" Extension field arithmetic:") +message(" FPX_METHD=BASIC Basic extension field arithmetic.") +message(" FPX_METHD=LAZYR Lazy-reduced extension field arithmetic.\n") + +# Choose the arithmetic methods. +if (NOT FPX_METHD) + set(FPX_METHD "INTEG;INTEG;LAZYR") +endif(NOT FPX_METHD) +list(LENGTH FPX_METHD FPX_LEN) +if (FPX_LEN LESS 3) + message(FATAL_ERROR "Incomplete FPX_METHD specification: ${FPX_METHD}") +endif(FPX_LEN LESS 3) + +list(GET FPX_METHD 0 FPX_QDR) +list(GET FPX_METHD 1 FPX_CBC) +list(GET FPX_METHD 2 FPX_RDC) +set(FPX_METHD ${FPX_METHD} CACHE STRING "Method for prime extension field arithmetic.") diff --git a/depends/relic/cmake/gmp.cmake b/depends/relic/cmake/gmp.cmake new file mode 100644 index 00000000000000..abb00c44c2eabb --- /dev/null +++ b/depends/relic/cmake/gmp.cmake 
@@ -0,0 +1,56 @@ +# Copyright (c) 2006, Laurent Montel, +# Copyright (c) 2007, Francesco Biscani, + +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# 1. Redistributions of source code must retain the copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# 3. The name of the author may not be used to endorse or promote products +# derived from this software without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR +# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +# IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT +# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF +# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+# ------------------------------------------------------------------------------------------ + +# Try to find the GMP libraries: +# GMP_FOUND - System has GMP lib +# GMP_INCLUDE_DIR - The GMP include directory +# GMP_LIBRARIES - Libraries needed to use GMP + +if (GMP_INCLUDE_DIR AND GMP_LIBRARIES) + # Force search at every time, in case configuration changes + unset(GMP_INCLUDE_DIR CACHE) + unset(GMP_LIBRARIES CACHE) +endif (GMP_INCLUDE_DIR AND GMP_LIBRARIES) + +find_path(GMP_INCLUDE_DIR NAMES gmp.h) +if(STBIN) + find_library(GMP_LIBRARIES NAMES libgmp.a gmp.lib libgmp-10 libgmp gmp) +else(STBIN) + find_library(GMP_LIBRARIES NAMES libgmp.so gmp.lib libgmp-10 libgmp gmp) +endif(STBIN) + +if(GMP_INCLUDE_DIR AND GMP_LIBRARIES) + set(GMP_FOUND TRUE) +endif() + +if(GMP_FOUND) + message(STATUS "Configured GMP: -I${GMP_INCLUDE_DIR} -L${GMP_LIBRARIES}") +else(GMP_FOUND) + message(STATUS "Could NOT find GMP") +endif(GMP_FOUND) + +mark_as_advanced(GMP_INCLUDE_DIR GMP_LIBRARIES) diff --git a/depends/relic/cmake/ios.cmake b/depends/relic/cmake/ios.cmake new file mode 100644 index 00000000000000..68f13b4db2c318 --- /dev/null +++ b/depends/relic/cmake/ios.cmake 
@@ -0,0 +1,443 @@ +# https://github.com/leetal/ios-cmake +# +# This file is part of the ios-cmake project. It was retrieved from +# https://github.com/cristeab/ios-cmake.git, which is a fork of +# https://code.google.com/p/ios-cmake/. Which in turn is based off of +# the Platform/Darwin.cmake and Platform/UnixPaths.cmake files which +# are included with CMake 2.8.4 +# +# The ios-cmake project is licensed under the new BSD license. +# +# Copyright (c) 2014, Bogdan Cristea and LTE Engineering Software, +# Kitware, Inc., Insight Software Consortium. All rights reserved. +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# 3. Neither the name of the copyright holder nor the names of its +# contributors may be used to endorse or promote products derived from +# this software without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# +# This file is based off of the Platform/Darwin.cmake and +# Platform/UnixPaths.cmake files which are included with CMake 2.8.4 +# It has been altered for iOS development. +# +# Updated by Alex Stewart (alexs.mac@gmail.com) +# +# ***************************************************************************** +# Now maintained by Alexander Widerberg (widerbergaren [at] gmail.com) +# under the BSD-3-Clause license +# https://github.com/leetal/ios-cmake +# ***************************************************************************** +# +# INFORMATION / HELP +# +# The following variables control the behaviour of this toolchain: +# +# IOS_PLATFORM: OS (default) or SIMULATOR or SIMULATOR64 or TVOS or SIMULATOR_TVOS +# OS = Build for iPhoneOS. +# SIMULATOR = Build for x86 i386 iPhone Simulator. +# SIMULATOR64 = Build for x86_64 iPhone Simulator. +# TVOS = Build for AppleTVOS. +# SIMULATOR_TVOS = Build for x86_64 AppleTV Simulator. +# CMAKE_OSX_SYSROOT: Path to the iOS SDK to use. By default this is +# automatically determined from IOS_PLATFORM and xcodebuild, but +# can also be manually specified (although this should not be required). +# CMAKE_IOS_DEVELOPER_ROOT: Path to the Developer directory for the iOS platform +# being compiled for. By default this is automatically determined from +# CMAKE_OSX_SYSROOT, but can also be manually specified (although this should +# not be required). 
+# ENABLE_BITCODE: (1|0) Enables or disables bitcode support. Default 1 (true) +# ENABLE_ARC: (1|0) Enables or disables ARC support. Default 1 (true, ARC enabled by default) +# ENABLE_VISIBILITY: (1|0) Enables or disables symbol visibility support. Default 0 (false, visibility hidden by default) +# IOS_ARCH: (armv7 armv7s arm64 i386 x86_64) If specified, will override the default architectures for the given IOS_PLATFORM +# OS = armv7 armv7s arm64 +# SIMULATOR = i386 +# SIMULATOR64 = x86_64 +# TVOS = arm64 +# SIMULATOR_TVOS = x86_64 +# +# This toolchain defines the following variables for use externally: +# +# XCODE_VERSION: Version number (not including Build version) of Xcode detected. +# IOS_SDK_VERSION: Version of iOS SDK being used. +# CMAKE_OSX_ARCHITECTURES: Architectures being compiled for (generated from +# IOS_PLATFORM). +# +# This toolchain defines the following macros for use externally: +# +# set_xcode_property (TARGET XCODE_PROPERTY XCODE_VALUE XCODE_VARIANT) +# A convenience macro for setting xcode specific properties on targets. +# Available variants are: All, Release, RelWithDebInfo, Debug, MinSizeRel +# example: set_xcode_property (myioslib IPHONEOS_DEPLOYMENT_TARGET "3.1" "all"). +# +# find_host_package (PROGRAM ARGS) +# A macro used to find executable programs on the host system, not within the +# iOS environment. Thanks to the android-cmake project for providing the +# command. + +# Fix for PThread library not in path +set(CMAKE_THREAD_LIBS_INIT "-lpthread") +set(CMAKE_HAVE_THREADS_LIBRARY 1) +set(CMAKE_USE_WIN32_THREADS_INIT 0) +set(CMAKE_USE_PTHREADS_INIT 1) + +# Get the Xcode version being used. 
+execute_process(COMMAND xcodebuild -version + OUTPUT_VARIABLE XCODE_VERSION + ERROR_QUIET + OUTPUT_STRIP_TRAILING_WHITESPACE) +string(REGEX MATCH "Xcode [0-9\\.]+" XCODE_VERSION "${XCODE_VERSION}") +string(REGEX REPLACE "Xcode ([0-9\\.]+)" "\\1" XCODE_VERSION "${XCODE_VERSION}") +message(STATUS "Building with Xcode version: ${XCODE_VERSION}") +# Default to building for iPhoneOS if not specified otherwise, and we cannot +# determine the platform from the CMAKE_OSX_ARCHITECTURES variable. The use +# of CMAKE_OSX_ARCHITECTURES is such that try_compile() projects can correctly +# determine the value of IOS_PLATFORM from the root project, as +# CMAKE_OSX_ARCHITECTURES is propagated to them by CMake. +if (NOT DEFINED IOS_PLATFORM) + if (CMAKE_OSX_ARCHITECTURES) + if (CMAKE_OSX_ARCHITECTURES MATCHES ".*arm.*") + set(IOS_PLATFORM "OS") + elseif (CMAKE_OSX_ARCHITECTURES MATCHES "i386") + set(IOS_PLATFORM "SIMULATOR") + elseif (CMAKE_OSX_ARCHITECTURES MATCHES "x86_64") + set(IOS_PLATFORM "SIMULATOR64") + endif() + endif() + if (NOT IOS_PLATFORM) + set(IOS_PLATFORM "OS") + endif() +endif() +set(IOS_PLATFORM ${IOS_PLATFORM} CACHE STRING + "Type of iOS platform for which to build.") +# Determine the platform name and architectures for use in xcodebuild commands +# from the specified IOS_PLATFORM name. 
+if (IOS_PLATFORM STREQUAL "OS") + set(XCODE_IOS_PLATFORM iphoneos) + if(NOT IOS_ARCH) + set(IOS_ARCH armv7 armv7s arm64) + endif() + elseif (IOS_PLATFORM STREQUAL "OS64") + set(XCODE_IOS_PLATFORM iphoneos) + if(NOT IOS_ARCH) + set(IOS_ARCH arm64) + endif() +elseif (IOS_PLATFORM STREQUAL "SIMULATOR") + set(XCODE_IOS_PLATFORM iphonesimulator) + if(NOT IOS_ARCH) + set(IOS_ARCH i386) + endif() +elseif(IOS_PLATFORM STREQUAL "SIMULATOR64") + set(XCODE_IOS_PLATFORM iphonesimulator) + if(NOT IOS_ARCH) + set(IOS_ARCH x86_64) + endif() +elseif (IOS_PLATFORM STREQUAL "TVOS") + set(XCODE_IOS_PLATFORM appletvos) + if(NOT IOS_ARCH) + set(IOS_ARCH arm64) + endif() +elseif (IOS_PLATFORM STREQUAL "SIMULATOR_TVOS") + set(XCODE_IOS_PLATFORM appletvsimulator) + if(NOT IOS_ARCH) + set(IOS_ARCH x86_64) + endif() +else() + message(FATAL_ERROR "Invalid IOS_PLATFORM: ${IOS_PLATFORM}") +endif() +message(STATUS "Configuring iOS build for platform: ${IOS_PLATFORM}, " + "architecture(s): ${IOS_ARCH}") +# If user did not specify the SDK root to use, then query xcodebuild for it. +if (NOT CMAKE_OSX_SYSROOT) + execute_process(COMMAND xcodebuild -version -sdk ${XCODE_IOS_PLATFORM} Path + OUTPUT_VARIABLE CMAKE_OSX_SYSROOT + ERROR_QUIET + OUTPUT_STRIP_TRAILING_WHITESPACE) + message(STATUS "Using SDK: ${CMAKE_OSX_SYSROOT} for platform: ${IOS_PLATFORM}") +endif() +if (NOT EXISTS ${CMAKE_OSX_SYSROOT}) + message(SEND_ERROR "Please make sure that Xcode is installed and that the toolchain" + "is pointing to the correct path. Please run:" + "sudo xcode-select -s /Applications/Xcode.app/Contents/Developer" + "and see if that fixes the problem for you.") + message(FATAL_ERROR "Invalid CMAKE_OSX_SYSROOT: ${CMAKE_OSX_SYSROOT} " + "does not exist.") +endif() +# Specify minimum version of deployment target. +if (NOT DEFINED IOS_DEPLOYMENT_TARGET) + # Unless specified, SDK version 8.0 is used by default as minimum target version. 
+ set(IOS_DEPLOYMENT_TARGET "8.0" + CACHE STRING "Minimum iOS version to build for." ) + message(STATUS "Using the default min-version since IOS_DEPLOYMENT_TARGET not provided!") +endif() +# Use bitcode or not +if (NOT DEFINED ENABLE_BITCODE AND NOT IOS_ARCH MATCHES "((^|, )(i386|x86_64))+") + # Unless specified, enable bitcode support by default + set(ENABLE_BITCODE TRUE CACHE BOOL "Whether or not to enable bitcode") + message(STATUS "Enabling bitcode support by default. ENABLE_BITCODE not provided!") +endif() +if (NOT DEFINED ENABLE_BITCODE) + message(STATUS "Disabling bitcode support by default on simulators. ENABLE_BITCODE not provided for override!") +endif() +# Use ARC or not +if (NOT DEFINED ENABLE_ARC) + # Unless specified, enable ARC support by default + set(ENABLE_ARC TRUE CACHE BOOL "Whether or not to enable ARC") + message(STATUS "Enabling ARC support by default. ENABLE_ARC not provided!") +endif() +# Use hidden visibility or not +if (NOT DEFINED ENABLE_VISIBILITY) + # Unless specified, disable symbols visibility by default + set(ENABLE_VISIBILITY FALSE CACHE BOOL "Whether or not to hide symbols (-fvisibility=hidden)") + message(STATUS "Hiding symbols visibility by default. ENABLE_VISIBILITY not provided!") +endif() +# Get the SDK version information. +execute_process(COMMAND xcodebuild -sdk ${CMAKE_OSX_SYSROOT} -version SDKVersion + OUTPUT_VARIABLE IOS_SDK_VERSION + ERROR_QUIET + OUTPUT_STRIP_TRAILING_WHITESPACE) +# Find the Developer root for the specific iOS platform being compiled for +# from CMAKE_OSX_SYSROOT. Should be ../../ from SDK specified in +# CMAKE_OSX_SYSROOT. There does not appear to be a direct way to obtain +# this information from xcrun or xcodebuild. 
+if (NOT CMAKE_IOS_DEVELOPER_ROOT) + get_filename_component(IOS_PLATFORM_SDK_DIR ${CMAKE_OSX_SYSROOT} PATH) + get_filename_component(CMAKE_IOS_DEVELOPER_ROOT ${IOS_PLATFORM_SDK_DIR} PATH) +endif() +if (NOT EXISTS ${CMAKE_IOS_DEVELOPER_ROOT}) + message(FATAL_ERROR "Invalid CMAKE_IOS_DEVELOPER_ROOT: " + "${CMAKE_IOS_DEVELOPER_ROOT} does not exist.") +endif() +# Find the C & C++ compilers for the specified SDK. +if (NOT CMAKE_C_COMPILER) + execute_process(COMMAND xcrun -sdk ${CMAKE_OSX_SYSROOT} -find clang + OUTPUT_VARIABLE CMAKE_C_COMPILER + ERROR_QUIET + OUTPUT_STRIP_TRAILING_WHITESPACE) + message(STATUS "Using C compiler: ${CMAKE_C_COMPILER}") +endif() +if (NOT CMAKE_CXX_COMPILER) + execute_process(COMMAND xcrun -sdk ${CMAKE_OSX_SYSROOT} -find clang++ + OUTPUT_VARIABLE CMAKE_CXX_COMPILER + ERROR_QUIET + OUTPUT_STRIP_TRAILING_WHITESPACE) + message(STATUS "Using CXX compiler: ${CMAKE_CXX_COMPILER}") +endif() +# Find (Apple's) libtool. +execute_process(COMMAND xcrun -sdk ${CMAKE_OSX_SYSROOT} -find libtool + OUTPUT_VARIABLE IOS_LIBTOOL + ERROR_QUIET + OUTPUT_STRIP_TRAILING_WHITESPACE) +message(STATUS "Using libtool: ${IOS_LIBTOOL}") +# Configure libtool to be used instead of ar + ranlib to build static libraries. +# This is required on Xcode 7+, but should also work on previous versions of +# Xcode. +set(CMAKE_C_CREATE_STATIC_LIBRARY + "${IOS_LIBTOOL} -static -o ") +set(CMAKE_CXX_CREATE_STATIC_LIBRARY + "${IOS_LIBTOOL} -static -o ") +# Get the version of Darwin (OS X) of the host. +execute_process(COMMAND uname -r + OUTPUT_VARIABLE CMAKE_HOST_SYSTEM_VERSION + ERROR_QUIET + OUTPUT_STRIP_TRAILING_WHITESPACE) +# Standard settings. 
+set(CMAKE_SYSTEM_NAME Darwin CACHE INTERNAL "") +set(CMAKE_SYSTEM_VERSION ${IOS_SDK_VERSION} CACHE INTERNAL "") +set(UNIX TRUE CACHE BOOL "") +set(APPLE TRUE CACHE BOOL "") +set(IOS TRUE CACHE BOOL "") +set(CMAKE_AR ar CACHE FILEPATH "" FORCE) +set(CMAKE_RANLIB ranlib CACHE FILEPATH "" FORCE) +# Force unset of OS X-specific deployment target (otherwise autopopulated), +# required as of cmake 2.8.10. +set(CMAKE_OSX_DEPLOYMENT_TARGET "" CACHE STRING + "Must be empty for iOS builds." FORCE) +# Set the architectures for which to build. +set(CMAKE_OSX_ARCHITECTURES ${IOS_ARCH} CACHE STRING "Build architecture for iOS") +# Change the type of target generated for try_compile() so it'll work when cross-compiling +set(CMAKE_TRY_COMPILE_TARGET_TYPE STATIC_LIBRARY) +# Skip the platform compiler checks for cross compiling. +set(CMAKE_CXX_COMPILER_FORCED TRUE) +set(CMAKE_CXX_COMPILER_WORKS TRUE) +set(CMAKE_C_COMPILER_FORCED TRUE) +set(CMAKE_C_COMPILER_WORKS TRUE) +# All iOS/Darwin specific settings - some may be redundant. 
+set(CMAKE_SHARED_LIBRARY_PREFIX "lib") +set(CMAKE_SHARED_LIBRARY_SUFFIX ".dylib") +set(CMAKE_SHARED_MODULE_PREFIX "lib") +set(CMAKE_SHARED_MODULE_SUFFIX ".so") +set(CMAKE_C_COMPILER_ABI ELF) +set(CMAKE_CXX_COMPILER_ABI ELF) +set(CMAKE_C_HAS_ISYSROOT 1) +set(CMAKE_CXX_HAS_ISYSROOT 1) +set(CMAKE_MODULE_EXISTS 1) +set(CMAKE_DL_LIBS "") +set(CMAKE_C_OSX_COMPATIBILITY_VERSION_FLAG "-compatibility_version ") +set(CMAKE_C_OSX_CURRENT_VERSION_FLAG "-current_version ") +set(CMAKE_CXX_OSX_COMPATIBILITY_VERSION_FLAG "${CMAKE_C_OSX_COMPATIBILITY_VERSION_FLAG}") +set(CMAKE_CXX_OSX_CURRENT_VERSION_FLAG "${CMAKE_C_OSX_CURRENT_VERSION_FLAG}") + +if(IOS_ARCH MATCHES "((^|, )(arm64|x86_64))+") + set(CMAKE_C_SIZEOF_DATA_PTR 8) + set(CMAKE_CXX_SIZEOF_DATA_PTR 8) + message(STATUS "Using a data_ptr size of 8") +else() + set(CMAKE_C_SIZEOF_DATA_PTR 4) + set(CMAKE_CXX_SIZEOF_DATA_PTR 4) + message(STATUS "Using a data_ptr size of 4") +endif() + +message(STATUS "Building for minimum iOS version: ${IOS_DEPLOYMENT_TARGET}" + " (SDK version: ${IOS_SDK_VERSION})") +# Note that only Xcode 7+ supports the newer more specific: +# -m${XCODE_IOS_PLATFORM}-version-min flags, older versions of Xcode use: +# -m(ios/ios-simulator)-version-min instead. +if (IOS_PLATFORM STREQUAL "OS") + if (XCODE_VERSION VERSION_LESS 7.0) + set(XCODE_IOS_PLATFORM_VERSION_FLAGS + "-mios-version-min=${IOS_DEPLOYMENT_TARGET}") + else() + # Xcode 7.0+ uses flags we can build directly from XCODE_IOS_PLATFORM. + set(XCODE_IOS_PLATFORM_VERSION_FLAGS + "-m${XCODE_IOS_PLATFORM}-version-min=${IOS_DEPLOYMENT_TARGET}") + endif() +elseif (IOS_PLATFORM STREQUAL "TVOS") + set(XCODE_IOS_PLATFORM_VERSION_FLAGS + "-mtvos-version-min=${IOS_DEPLOYMENT_TARGET}") +elseif (IOS_PLATFORM STREQUAL "SIMULATOR_TVOS") + set(XCODE_IOS_PLATFORM_VERSION_FLAGS + "-mtvos-simulator-version-min=${IOS_DEPLOYMENT_TARGET}") +else() + # SIMULATOR or SIMULATOR64 both use -mios-simulator-version-min. 
+ set(XCODE_IOS_PLATFORM_VERSION_FLAGS + "-mios-simulator-version-min=${IOS_DEPLOYMENT_TARGET}") +endif() +message(STATUS "Version flags set to: ${XCODE_IOS_PLATFORM_VERSION_FLAGS}") + +if (ENABLE_BITCODE) + set(BITCODE "-fembed-bitcode") + set(HEADER_PAD "") + message(STATUS "Enabling bitcode support.") +else() + set(BITCODE "") + set(HEADER_PAD "-headerpad_max_install_names") + message(STATUS "Disabling bitcode support.") +endif() + +if (ENABLE_ARC) + set(FOBJC_ARC "-fobjc-arc") + message(STATUS "Enabling ARC support.") +else() + set(FOBJC_ARC "-fno-objc-arc") + message(STATUS "Disabling ARC support.") +endif() + +if (NOT ENABLE_VISIBILITY) + set(VISIBILITY "-fvisibility=hidden") + message(STATUS "Hiding symbols (-fvisibility=hidden).") +else() + set(VISIBILITY "") +endif() + +set(CMAKE_C_FLAGS +"${XCODE_IOS_PLATFORM_VERSION_FLAGS} ${BITCODE} -fobjc-abi-version=2 ${FOBJC_ARC} ${CMAKE_C_FLAGS}") +# Hidden visibilty is required for C++ on iOS. +set(CMAKE_CXX_FLAGS +"${XCODE_IOS_PLATFORM_VERSION_FLAGS} ${BITCODE} ${VISIBILITY} -fvisibility-inlines-hidden -fobjc-abi-version=2 ${FOBJC_ARC} ${CMAKE_CXX_FLAGS}") +set(CMAKE_CXX_FLAGS_MINSIZEREL "${CMAKE_CXX_FLAGS} -DNDEBUG -Os -ffast-math ${BITCODE} ${CMAKE_CXX_FLAGS_MINSIZEREL}") +set(CMAKE_CXX_FLAGS_RELWITHDEBINFO "${CMAKE_CXX_FLAGS} -DNDEBUG -O2 -g -ffast-math ${BITCODE} ${CMAKE_CXX_FLAGS_RELWITHDEBINFO}") +set(CMAKE_CXX_FLAGS_RELEASE "${CMAKE_CXX_FLAGS} -DNDEBUG -O3 -ffast-math ${BITCODE} ${CMAKE_CXX_FLAGS_RELEASE}") +set(CMAKE_C_LINK_FLAGS "${XCODE_IOS_PLATFORM_VERSION_FLAGS} -Wl,-search_paths_first ${CMAKE_C_LINK_FLAGS}") +set(CMAKE_CXX_LINK_FLAGS "${XCODE_IOS_PLATFORM_VERSION_FLAGS} -Wl,-search_paths_first ${CMAKE_CXX_LINK_FLAGS}") + +# In order to ensure that the updated compiler flags are used in try_compile() +# tests, we have to forcibly set them in the CMake cache, not merely set them +# in the local scope. 
+list(APPEND VARS_TO_FORCE_IN_CACHE + CMAKE_C_FLAGS + CMAKE_CXX_FLAGS + CMAKE_CXX_FLAGS_RELWITHDEBINFO + CMAKE_CXX_FLAGS_MINSIZEREL + CMAKE_CXX_FLAGS_RELEASE + CMAKE_C_LINK_FLAGS + CMAKE_CXX_LINK_FLAGS) +foreach(VAR_TO_FORCE ${VARS_TO_FORCE_IN_CACHE}) + set(${VAR_TO_FORCE} "${${VAR_TO_FORCE}}" CACHE STRING "" FORCE) +endforeach() + +set(CMAKE_PLATFORM_HAS_INSTALLNAME 1) +set (CMAKE_SHARED_LINKER_FLAGS "-rpath @executable_path/Frameworks -rpath @loader_path/Frameworks") +set(CMAKE_SHARED_LIBRARY_CREATE_C_FLAGS "-dynamiclib ${HEADER_PAD}") +set(CMAKE_SHARED_MODULE_CREATE_C_FLAGS "-bundle ${HEADER_PAD}") +set(CMAKE_SHARED_MODULE_LOADER_C_FLAG "-Wl,-bundle_loader,") +set(CMAKE_SHARED_MODULE_LOADER_CXX_FLAG "-Wl,-bundle_loader,") +set(CMAKE_FIND_LIBRARY_SUFFIXES ".dylib" ".so" ".a") + +# Hack: if a new cmake (which uses CMAKE_INSTALL_NAME_TOOL) runs on an old +# build tree (where install_name_tool was hardcoded) and where +# CMAKE_INSTALL_NAME_TOOL isn't in the cache and still cmake didn't fail in +# CMakeFindBinUtils.cmake (because it isn't rerun) hardcode +# CMAKE_INSTALL_NAME_TOOL here to install_name_tool, so it behaves as it did +# before, Alex. +if (NOT DEFINED CMAKE_INSTALL_NAME_TOOL) + find_program(CMAKE_INSTALL_NAME_TOOL install_name_tool) +endif (NOT DEFINED CMAKE_INSTALL_NAME_TOOL) + +# Set the find root to the iOS developer roots and to user defined paths. +set(CMAKE_FIND_ROOT_PATH ${CMAKE_IOS_DEVELOPER_ROOT} ${CMAKE_OSX_SYSROOT} + ${CMAKE_PREFIX_PATH} CACHE string "iOS find search path root" FORCE) +# Default to searching for frameworks first. +set(CMAKE_FIND_FRAMEWORK FIRST) +# Set up the default search directories for frameworks. +set(CMAKE_SYSTEM_FRAMEWORK_PATH + ${CMAKE_OSX_SYSROOT}/System/Library/Frameworks + ${CMAKE_OSX_SYSROOT}/System/Library/PrivateFrameworks + ${CMAKE_OSX_SYSROOT}/Developer/Library/Frameworks) +# Only search the specified iOS SDK, not the remainder of the host filesystem. 
+set(CMAKE_FIND_ROOT_PATH_MODE_PROGRAM ONLY) +set(CMAKE_FIND_ROOT_PATH_MODE_LIBRARY ONLY) +set(CMAKE_FIND_ROOT_PATH_MODE_INCLUDE ONLY) +# This little macro lets you set any XCode specific property. +macro(set_xcode_property TARGET XCODE_PROPERTY XCODE_VALUE XCODE_RELVERSION) + set(XCODE_RELVERSION_I "${XCODE_RELVERSION}") + if (XCODE_RELVERSION_I STREQUAL "All") + set_property(TARGET ${TARGET} PROPERTY + XCODE_ATTRIBUTE_${XCODE_PROPERTY} "${XCODE_VALUE}") + else() + set_property(TARGET ${TARGET} PROPERTY + XCODE_ATTRIBUTE_${XCODE_PROPERTY}[variant=${XCODE_RELVERSION_I}] "${XCODE_VALUE}") + endif() +endmacro(set_xcode_property) +# This macro lets you find executable programs on the host system. +macro(find_host_package) + set(CMAKE_FIND_ROOT_PATH_MODE_PROGRAM NEVER) + set(CMAKE_FIND_ROOT_PATH_MODE_LIBRARY NEVER) + set(CMAKE_FIND_ROOT_PATH_MODE_INCLUDE NEVER) + set(IOS FALSE) + find_package(${ARGN}) + set(IOS TRUE) + set(CMAKE_FIND_ROOT_PATH_MODE_PROGRAM ONLY) + set(CMAKE_FIND_ROOT_PATH_MODE_LIBRARY ONLY) + set(CMAKE_FIND_ROOT_PATH_MODE_INCLUDE ONLY) +endmacro(find_host_package) \ No newline at end of file diff --git a/depends/relic/cmake/md.cmake b/depends/relic/cmake/md.cmake new file mode 100644 index 00000000000000..6eb16700892945 --- /dev/null +++ b/depends/relic/cmake/md.cmake 
@@ -0,0 +1,21 @@
+message(STATUS "Message digest configuration (MD module):\n")
+
+message(" ** Available hash functions (default = SH256):\n")
+message(" MD_METHD=SH224 SHA-224 hash function.")
+message(" MD_METHD=SH256 SHA-256 hash function.")
+message(" MD_METHD=SH384 SHA-384 hash function.")
+message(" MD_METHD=SH512 SHA-512 hash function.")
+message(" MD_METHD=B2S160 BLAKE2s-160 hash function.")
+message(" MD_METHD=B2S256 BLAKE2s-256 hash function.\n")
+
+# Choose the arithmetic methods.
+if (NOT MD_METHD)
+ set(MD_METHD "SH256")
+endif(NOT MD_METHD)
+list(LENGTH MD_METHD MD_LEN)
+if (MD_LEN LESS 1)
+ message(FATAL_ERROR "Incomplete MD_METHD specification: ${MD_METHD}")
+endif(MD_LEN LESS 1)
+
+list(GET MD_METHD 0 MD_MAP)
+set(MD_METHD ${MD_METHD} CACHE STRING "Method for hash functions.")
diff --git a/depends/relic/cmake/pp.cmake b/depends/relic/cmake/pp.cmake
new file mode 100644
index 00000000000000..d1ae4dbc11e560
--- /dev/null
+++ b/depends/relic/cmake/pp.cmake
@@ -0,0 +1,25 @@
+message(STATUS "Bilinear pairings arithmetic configuration (PP module):\n")
+
+message(" ** Available bilinear pairing methods (default = BASIC;OATEP):\n")
+
+message(" Extension field arithmetic:")
+message(" PP_METHD=BASIC Basic extension field arithmetic.")
+message(" PP_METHD=LAZYR Lazy reduced extension field arithmetic.\n")
+
+message(" Pairing computation:")
+message(" PP_METHD=TATEP Tate pairing.")
+message(" PP_METHD=WEILP Weil pairing.")
+message(" PP_METHD=OATEP Optimal ate pairing.\n")
+
+# Choose the arithmetic methods.
+if (NOT PP_METHD)
+ set(PP_METHD "LAZYR;OATEP")
+endif(NOT PP_METHD)
+list(LENGTH PP_METHD PP_LEN)
+if (PP_LEN LESS 1)
+ message(FATAL_ERROR "Incomplete PP_METHD specification: ${PP_METHD}")
+endif(PP_LEN LESS 1)
+
+list(GET PP_METHD 0 PP_EXT)
+list(GET PP_METHD 1 PP_MAP)
+set(PP_METHD ${PP_METHD} CACHE STRING "Method for pairing over prime curves.")
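Review bot: The length guard `if (PP_LEN LESS 1)` in pp.cmake is too weak for the `list(GET PP_METHD 1 PP_MAP)` that follows it. A one-element `PP_METHD` (for example only the extension-field method) passes the guard and then fails inside `list(GET)` with an index error instead of the intended "Incomplete PP_METHD specification" message. Since two entries are read, the check should be `if (PP_LEN LESS 2)` with the matching `endif(PP_LEN LESS 2)`.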
diff --git a/depends/relic/cmake/rand.cmake b/depends/relic/cmake/rand.cmake
new file mode 100644
index 00000000000000..ed90c7691cbfc6
--- /dev/null
+++ b/depends/relic/cmake/rand.cmake
@@ -0,0 +1,29 @@
+message(STATUS "Available pseudo-random number generators (default = HASHD):\n")
+
+message(" RAND=HASHD Use the HASH-DRBG generator. (recommended)")
+message(" RAND=RDRND Use Intel RdRand instruction directly.")
+message(" RAND=UDEV Use the operating system underlying generator.")
+message(" RAND=CALL Override the generator with a callback.\n")
+
+message(STATUS "Available random number generator seeders (default = UDEV):\n")
+
+message(" SEED= Use a zero seed. (horribly insecure!)")
+message(" SEED=LIBC Use rand()/random() functions. (insecure!)")
+message(" SEED=RDRND Use Intel RdRand instruction directly.")
+message(" SEED=UDEV Use non-blocking /dev/urandom. (recommended)")
+message(" SEED=WCGR Use Windows' CryptGenRandom. (recommended)\n")
+
+# Choose the pseudo-random number generator.
+set(RAND "HASHD" CACHE STRING "Pseudo-random number generator")
+
+if(MSVC)
+
+ # Choose the pseudo-random number generator.
+ set(SEED "WCGR" CACHE STRING "Random number generator seeder")
+
+else()
+
+ # Choose the pseudo-random number generator.
+ set(SEED "UDEV" CACHE STRING "Random number generator seeder")
+
+endif()
diff --git a/depends/relic/cmake/relic-config.cmake b/depends/relic/cmake/relic-config.cmake
new file mode 100644
index 00000000000000..0b2db20dd78ccc
--- /dev/null
+++ b/depends/relic/cmake/relic-config.cmake
@@ -0,0 +1,10 @@
+find_path(RLC_INCLUDE_DIR relic/relic.h)
+find_library(RLC_LIBRARY NAMES relic)
+
+include (FindPackageHandleStandardArgs)
+find_package_handle_standard_args(RELIC DEFAULT_MSG RLC_INCLUDE_DIR RLC_LIBRARY)
+
+if(RLC_FOUND)
+ set(RLC_LIBRARIES ${RLC_LIBRARY})
+ set(RLC_INCLUDE_DIRS ${RLC_INCLUDE_DIR})
+endif()
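Review bot: `SEED` in rand.cmake is a free-form cache string with no validation, so a build configured with `-DSEED=` or `-DSEED=LIBC` silently gets the seeders this file's own help text labels "horribly insecure" and "insecure". Because `set(... CACHE STRING ...)` does not override a value already in the cache, such a setting also persists across re-configures of the same build directory. I would add a diagnostic after the final `endif()`: `if("${SEED}" STREQUAL "" OR "${SEED}" STREQUAL "LIBC") message(WARNING "SEED='${SEED}' selects an insecure seeder; do not use for real keys") endif()`. The comments above both `set(SEED ...)` lines are copy-pasted and should read `# Choose the random number generator seeder.`. Selecting `WCGR` on `if(MSVC)` alone presumably leaves other Windows toolchains on `UDEV`, which is worth confirming.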
diff --git a/depends/relic/cmake/with.cmake b/depends/relic/cmake/with.cmake
new file mode 100644
index 00000000000000..f4edd4522f3e73
--- /dev/null
+++ b/depends/relic/cmake/with.cmake
@@ -0,0 +1,130 @@
+# Default modules.
+set(WITH "ALL" CACHE STRING "Selected modules")
+LIST(FIND WITH "ALL" TEMP)
+if(TEMP GREATER -1)
+ set(WITH_BN 1)
+ set(WITH_DV 1)
+ set(WITH_FP 1)
+ set(WITH_FPX 1)
+ set(WITH_FB 1)
+ set(WITH_FBX 1)
+ set(WITH_EP 1)
+ set(WITH_EPX 1)
+ set(WITH_EB 1)
+ set(WITH_ED 1)
+ set(WITH_EC 1)
+ set(WITH_PP 1)
+ set(WITH_PC 1)
+ set(WITH_BC 1)
+ set(WITH_MD 1)
+ set(WITH_CP 1)
+ set(WITH_MPC 1)
+endif(TEMP GREATER -1)
+
+# Check if multiple precision integer arithmetic is required.
+list(FIND WITH "BN" TEMP)
+if(TEMP GREATER -1)
+ set(WITH_BN 1)
+endif(TEMP GREATER -1)
+
+# Check if temporary vectors are required.
+list(FIND WITH "DV" TEMP)
+if(TEMP GREATER -1)
+ set(WITH_DV 1)
+endif(TEMP GREATER -1)
+
+# Check if prime field arithmetic is required.
+list(FIND WITH "FP" TEMP)
+if(TEMP GREATER -1)
+ set(WITH_FP 1)
+endif(TEMP GREATER -1)
+
+# Check if prime extension field arithmetic is required.
+list(FIND WITH "FPX" TEMP)
+if(TEMP GREATER -1)
+ set(WITH_FPX 1)
+endif(TEMP GREATER -1)
+
+# Check if binary field arithmetic is required.
+list(FIND WITH "FB" TEMP)
+if(TEMP GREATER -1)
+ set(WITH_FB 1)
+endif(TEMP GREATER -1)
+
+# Check if binary extension field arithmetic is required.
+list(FIND WITH "FBX" TEMP)
+if(TEMP GREATER -1)
+ set(WITH_FBX 1)
+endif(TEMP GREATER -1)
+
+# Check if prime elliptic curve support is required.
+list(FIND WITH "EP" TEMP)
+if(TEMP GREATER -1)
+ set(WITH_EP 1)
+endif(TEMP GREATER -1)
+
+#Check if support for elliptic curves defined over prime field extensions is required.
+list(FIND WITH "EPX" TEMP)
+if (TEMP GREATER -1)
+ set(WITH_EPX 1)
+endif(TEMP GREATER -1)
+
+# Check if binary elliptic curve support is required.
+list(FIND WITH "EB" TEMP)
+if(TEMP GREATER -1)
+ set(WITH_EB 1)
+endif(TEMP GREATER -1)
+
+# Check if binary elliptic curve support is required.
+list(FIND WITH "ED" TEMP)
+if(TEMP GREATER -1)
+ set(WITH_ED 1)
+endif(TEMP GREATER -1)
+
+# Check if elliptic curve cryptography support is required.
+list(FIND WITH "EC" TEMP)
+if(TEMP GREATER -1)
+ set(WITH_EC 1)
+endif(TEMP GREATER -1)
+
+# Check if support for pairings over prime curves is required.
+list(FIND WITH "PP" TEMP)
+if(TEMP GREATER -1)
+ set(WITH_PP 1)
+endif(TEMP GREATER -1)
+
+# Check if support for pairings over binary curves is required.
+list(FIND WITH "PB" TEMP)
+if(TEMP GREATER -1)
+ set(WITH_PB 1)
+endif(TEMP GREATER -1)
+
+# Check if elliptic curve cryptography support is required.
+list(FIND WITH "PC" TEMP)
+if(TEMP GREATER -1)
+ set(WITH_PC 1)
+endif(TEMP GREATER -1)
+
+# Check if support for block ciphers is required.
+list(FIND WITH "BC" TEMP)
+if(TEMP GREATER -1)
+ set(WITH_BC 1)
+endif(TEMP GREATER -1)
+
+# Check if support for hash functions is required.
+list(FIND WITH "MD" TEMP)
+if(TEMP GREATER -1)
+ set(WITH_MD 1)
+endif(TEMP GREATER -1)
+
+# Check if support for cryptographic protocols is required.
+list(FIND WITH "CP" TEMP)
+if(TEMP GREATER -1)
+ set(WITH_CP 1)
+endif(TEMP GREATER -1)
+
+# Check if support for cryptographic protocols is required.
+list(FIND WITH "MPC" TEMP)
+if(TEMP GREATER -1)
+ set(WITH_MPC 1)
+endif(TEMP GREATER -1)
diff --git a/depends/relic/demo/cert-input/Makefile b/depends/relic/demo/cert-input/Makefile
new file mode 100644
index 00000000000000..25f24241c15989
--- /dev/null
+++ b/depends/relic/demo/cert-input/Makefile
@@ -0,0 +1,13 @@
+CFLAGS=-O3 -march=native -mtune=native -ggdb
+RELIC_ROOT = ../..
+
+all: lib
+ gcc ${CFLAGS} -c test-bench.c -o test-bench.o -I ${RELIC_ROOT}/include -I target/include
+ gcc ${CFLAGS} -o test-bench test-bench.o target/lib/librelic_s.a -lgmp
+
+lib:
+ mkdir -p target
+ cd target; ${RELIC_ROOT}/../preset/x64-pbc-bls12-381.sh ${RELIC_ROOT}/../; cmake -DEP_METHD='JACOB;LWNAF;COMBS;INTER' .; make
+
+clean:
+ rm -rf target *.o test-bench
diff --git a/depends/relic/demo/cert-input/test-bench.c b/depends/relic/demo/cert-input/test-bench.c new file mode 100644 index 00000000000000..a90a0381a36098 --- /dev/null +++ b/depends/relic/demo/cert-input/test-bench.c 
@@ -0,0 +1,471 @@ +/* + * RELIC is an Efficient LIbrary for Cryptography + * Copyright (c) 2020 RELIC Authors + * + * This file is part of RELIC. RELIC is legal property of its developers, + * whose names are not listed here. Please refer to the COPYRIGHT file + * for contact information. + * + * RELIC is free software; you can redistribute it and/or modify it under the + * terms of the version 2.1 (or later) of the GNU Lesser General Public License + * as published by the Free Software Foundation; or version 2.0 of the Apache + * License as published by the Apache Software Foundation. See the LICENSE files + * for more details. + * + * RELIC is distributed in the hope that it will be useful, but WITHOUT ANY + * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + * A PARTICULAR PURPOSE. See the LICENSE files for more details. + * + * You should have received a copy of the GNU Lesser General Public or the + * Apache License along with RELIC. If not, see + * or . + */ + +/** + * @file + * + * Benchmarks for cryptographic protocols. 
+ * + * @version $Id$ + * @ingroup bench + */ + +#include +#include + +#include "relic.h" +#include "relic_test.h" +#include "relic_bench.h" + +#define MSGS 10000 + +static int test_pss(void) { + int i, code = RLC_ERR; + bn_t ms[MSGS], n, u, v, _v[MSGS]; + g1_t a, b; + g2_t g, x, y, _y[MSGS]; + + bn_null(n); + bn_null(u); + bn_null(v); + g1_null(a); + g1_null(b); + g2_null(g); + g2_null(x); + g2_null(y); + + RLC_TRY { + bn_new(n); + bn_new(u); + bn_new(v); + g1_new(a); + g1_new(b); + g2_new(g); + g2_new(x); + g2_new(y); + + g1_get_ord(n); + + for (i = 0; i < MSGS; i++) { + bn_null(ms[i]); + bn_null(_v[i]); + g2_null(_y[i]); + bn_new(ms[i]); + bn_rand_mod(ms[i], n); + bn_new(_v[i]); + g2_new(_y[i]); + } + + TEST_CASE("pointcheval-sanders simple signature is correct") { + TEST_ASSERT(cp_pss_gen(u, v, g, x, y) == RLC_OK, end); + TEST_ASSERT(cp_pss_sig(a, b, ms[0], u, v) == RLC_OK, end); + TEST_ASSERT(cp_pss_ver(a, b, ms[0], g, x, y) == 1, end); + /* Check adversarial signature. */ + g1_set_infty(a); + g1_set_infty(b); + TEST_ASSERT(cp_pss_ver(a, b, ms[0], g, x, y) == 0, end); + } + TEST_END; + + TEST_CASE("pointcheval-sanders block signature is correct") { + TEST_ASSERT(cp_psb_gen(u, _v, g, x, _y, MSGS) == RLC_OK, end); + TEST_ASSERT(cp_psb_sig(a, b, ms, u, _v, MSGS) == RLC_OK, end); + TEST_ASSERT(cp_psb_ver(a, b, ms, g, x, _y, MSGS) == 1, end); + } + TEST_END; + } + RLC_CATCH_ANY { + RLC_ERROR(end); + } + code = RLC_OK; + + end: + bn_free(n); + bn_free(u); + bn_free(v); + g1_free(a); + g1_free(b); + g2_free(g); + g2_free(x); + g2_free(y); + for (i = 0; i < MSGS; i++) { + bn_free(ms[i]); + bn_free(_v[i]); + g2_free(_y[i]); + } + return code; +} + +static int test_mpss(void) { + int i, j, code = RLC_ERR; + bn_t m[2], n, u[2], v[2], ms[MSGS][2], _v[MSGS][2]; + g1_t g, s[2]; + g2_t h, x[2], y[2], _y[MSGS][2]; + gt_t e; + mt_t tri[3][2]; + pt_t t[2]; + + bn_null(n); + g1_null(g); + g2_null(h); + gt_null(e); + + RLC_TRY { + bn_new(n); + g1_new(g); + g2_new(h); + gt_new(e); 
+ g1_get_ord(n); + for (i = 0; i < 2; i++) { + bn_null(m[i]); + bn_null(u[i]); + bn_null(v[i]); + g1_null(s[i]); + g2_null(x[i]); + g2_null(y[i]); + mt_null(tri[0][i]); + mt_null(tri[1][i]); + mt_null(tri[2][i]); + pt_null(t[i]); + bn_new(m[i]); + bn_rand_mod(m[i], n); + bn_new(u[i]); + bn_new(v[i]); + g1_new(s[i]); + g2_new(x[i]); + g2_new(y[i]); + mt_new(tri[0][i]); + mt_new(tri[1][i]); + mt_new(tri[2][i]); + pt_new(t[i]); + for (j = 0; j < MSGS; j++) { + bn_null(ms[j][i]); + bn_null(_v[j][i]); + g2_null(_y[j][i]); + bn_new(ms[j][i]); + bn_rand_mod(ms[j][i], n); + bn_new(_v[j][i]); + g2_new(_y[j][i]); + } + } + + TEST_CASE("multi-party pointcheval-sanders simple signature is correct") { + pc_map_tri(t); + mt_gen(tri[0], n); + mt_gen(tri[1], n); + mt_gen(tri[2], n); + TEST_ASSERT(cp_mpss_gen(u, v, h, x, y) == RLC_OK, end); + TEST_ASSERT(cp_mpss_bct(x, y) == RLC_OK, end); + /* Compute signature in MPC. */ + TEST_ASSERT(cp_mpss_sig(g, s, m, u, v, tri[0], tri[1]) == RLC_OK, end); + /* Verify signature in MPC. */ + cp_mpss_ver(e, g, s, m, h, x[0], y[0], tri[2], t); + TEST_ASSERT(gt_is_unity(e) == 1, end); + /* Check that signature is also valid for conventional scheme. */ + bn_add(m[0], m[0], m[1]); + bn_mod(m[0], m[0], n); + g1_add(s[0], s[0], s[1]); + g1_norm(s[0], s[0]); + TEST_ASSERT(cp_pss_ver(g, s[0], m[0], h, x[0], y[0]) == 1, end); + } + TEST_END; + + TEST_CASE("multi-party pointcheval-sanders block signature is correct") { + g1_get_ord(n); + pc_map_tri(t); + mt_gen(tri[0], n); + mt_gen(tri[1], n); + mt_gen(tri[2], n); + TEST_ASSERT(cp_mpsb_gen(u, _v, h, x, _y, MSGS) == RLC_OK, end); + TEST_ASSERT(cp_mpsb_bct(x, _y, MSGS) == RLC_OK, end); + /* Compute signature in MPC. */ + TEST_ASSERT(cp_mpsb_sig(g, s, ms, u, _v, tri[0], tri[1], MSGS) == RLC_OK, end); + /* Verify signature in MPC. 
*/ + cp_mpsb_ver(e, g, s, ms, h, x[0], _y, NULL, tri[2], t, MSGS); + TEST_ASSERT(gt_is_unity(e) == 1, end); + cp_mpsb_ver(e, g, s, ms, h, x[0], _y, _v, tri[2], t, MSGS); + TEST_ASSERT(gt_is_unity(e) == 1, end); + bn_sub_dig(ms[0][0], ms[0][0], 1); + cp_mpsb_ver(e, g, s, ms, h, x[0], _y, _v, tri[2], t, MSGS); + TEST_ASSERT(gt_is_unity(e) == 0, end); + } + TEST_END; + } + RLC_CATCH_ANY { + RLC_ERROR(end); + } + code = RLC_OK; + + end: + bn_free(n); + g1_free(g); + g2_free(h); + gt_free(e); + for (i = 0; i < 2; i++) { + bn_free(m[i]); + bn_free(u[i]); + bn_free(v[i]); + g1_free(s[i]); + g2_free(x[i]); + g2_free(y[i]); + mt_free(tri[0][i]); + mt_free(tri[1][i]); + mt_free(tri[2][i]); + pt_free(t[i]); + for (j = 0; j < MSGS; j++) { + bn_free(ms[j][i]); + bn_free(_v[j][i]); + g2_free(_y[j][i]); + } + } + return code; +} + +static void bench_pss(void) { + bn_t ms[MSGS], n, u, v, _v[MSGS]; + g1_t a, b; + g2_t g, x, y, _y[MSGS]; + + bn_null(n); + bn_null(u); + bn_null(v); + g1_null(a); + g1_null(b); + g2_null(g); + g2_null(x); + g2_null(y); + bn_new(n); + bn_new(u); + bn_new(v); + g1_new(a); + g1_new(b); + g2_new(g); + g2_new(x); + g2_new(y); + + g1_get_ord(n); + for (int i = 0; i < MSGS; i++) { + bn_null(ms[i]); + bn_null(_v[i]); + g2_null(_y[i]); + bn_new(ms[i]); + bn_rand_mod(ms[i], n); + bn_new(_v[i]); + g2_new(_y[i]); + } + + BENCH_RUN("cp_pss_gen") { + BENCH_ADD(cp_pss_gen(u, v, g, x, y)); + } BENCH_END; + + BENCH_RUN("cp_pss_sig") { + BENCH_ADD(cp_pss_sig(a, b, ms[0], u, v)); + } BENCH_END; + + BENCH_RUN("cp_pss_ver") { + BENCH_ADD(cp_pss_ver(a, b, ms[0], g, x, y)); + } BENCH_END; + + BENCH_RUN("cp_psb_gen") { + BENCH_ADD(cp_psb_gen(u, _v, g, x, _y, MSGS)); + } BENCH_END; + + BENCH_RUN("cp_psb_sig") { + BENCH_ADD(cp_psb_sig(a, b, ms, u, _v, MSGS)); + } BENCH_END; + + BENCH_RUN("cp_psb_ver") { + BENCH_ADD(cp_psb_ver(a, b, ms, g, x, _y, MSGS)); + } BENCH_END; + + bn_free(u); + bn_free(v); + g1_free(a); + g1_free(b); + g2_free(g); + g2_free(x); + g2_free(y); + for (int 
i = 0; i < MSGS; i++) { + bn_free(ms[i]); + bn_free(_v[i]); + g1_free(_y[i]); + } +} + +static void bench_mpss(void) { + bn_t m[2], n, u[2], v[2], ms[MSGS][2], _v[MSGS][2]; + g1_t g, s[2]; + g2_t h, x[2], y[2], _y[MSGS][2]; + gt_t r; + mt_t tri[3][2]; + pt_t t[2]; + + bn_null(n); + g1_null(g); + g2_null(h); + gt_null(r); + + bn_new(n); + g1_new(g); + g2_new(h); + gt_new(r); + for (int i = 0; i < 2; i++) { + bn_null(m[i]); + bn_null(u[i]); + bn_null(v[i]); + g1_null(s[i]); + g2_null(x[i]); + g2_null(y[i]); + mt_null(tri[0][i]); + mt_null(tri[1][i]); + mt_null(tri[2][i]); + pt_null(t[i]); + bn_new(m[i]); + bn_new(u[i]); + bn_new(v[i]); + g1_new(s[i]); + g2_new(x[i]); + g2_new(y[i]); + mt_new(tri[0][i]); + mt_new(tri[1][i]); + mt_new(tri[2][i]); + pt_new(t[i]); + + g1_get_ord(n); + for (int j = 0; j < MSGS; j++) { + bn_null(ms[j][i]); + bn_null(_v[j][i]); + g2_null(_y[j][i]); + bn_new(ms[j][i]); + bn_rand_mod(ms[j][i], n); + bn_new(_v[j][i]); + g2_new(_y[j][i]); + } + } + + pc_map_tri(t); + mt_gen(tri[0], n); + mt_gen(tri[1], n); + mt_gen(tri[2], n); + + bn_rand_mod(m[0], n); + bn_rand_mod(m[1], n); + bn_sub(m[0], m[1], m[0]); + if (bn_sign(m[0]) == RLC_NEG) { + bn_add(m[0], m[0], n); + } + + BENCH_RUN("cp_mpss_gen") { + BENCH_ADD(cp_mpss_gen(u, v, h, x, y)); + } BENCH_END; + + BENCH_RUN("cp_mpss_bct") { + BENCH_ADD(cp_mpss_bct(x, y)); + } BENCH_END; + + BENCH_RUN("cp_mpss_sig") { + BENCH_ADD(cp_mpss_sig(g, s, m, u, v, tri[0], tri[1])); + } BENCH_DIV(2); + + BENCH_RUN("cp_mpss_ver") { + BENCH_ADD(cp_mpss_ver(r, g, s, m, h, x[0], y[0], tri[2], t)); + } BENCH_DIV(2); + + g1_get_ord(n); + pc_map_tri(t); + mt_gen(tri[0], n); + mt_gen(tri[1], n); + mt_gen(tri[2], n); + + BENCH_RUN("cp_mpsb_gen") { + BENCH_ADD(cp_mpsb_gen(u, _v, h, x, _y, MSGS)); + } BENCH_END; + + BENCH_RUN("cp_mpsb_bct") { + BENCH_ADD(cp_mpsb_bct(x, _y, MSGS)); + } BENCH_END; + + BENCH_RUN("cp_mpsb_sig") { + BENCH_ADD(cp_mpsb_sig(g, s, ms, u, _v, tri[0], tri[1], MSGS)); + } BENCH_DIV(2); + + 
BENCH_RUN("cp_mpsb_ver") { + BENCH_ADD(cp_mpsb_ver(r, g, s, ms, h, x[0], _y, NULL, tri[2], t, MSGS)); + } BENCH_DIV(2); + + BENCH_RUN("cp_mpsb_ver (sk)") { + BENCH_ADD(cp_mpsb_ver(r, g, s, ms, h, x[0], _y, _v, tri[2], t, MSGS)); + } BENCH_DIV(2); + + bn_free(n); + g1_free(g); + g2_free(h); + gt_free(r); + for (int i = 0; i < 2; i++) { + bn_free(m[i]); + bn_free(u[i]); + bn_free(v[i]); + g1_free(s[i]); + g2_free(x[i]); + g2_free(y[i]); + mt_free(tri[0][i]); + mt_free(tri[1][i]); + mt_free(tri[2][i]); + pt_free(t[i]); + for (int j = 0; j < MSGS; j++) { + bn_free(ms[j][i]); + bn_free(_v[j][i]); + g2_free(_y[j][i]); + } + } +} + + +int main(void) { + if (core_init() != RLC_OK) { + core_clean(); + return 1; + } + + conf_print(); + + util_banner("Note: If you get a SIGSEGV, try to increase the stack size with ulimit.", 1); + +#if defined(WITH_PC) + if (pc_param_set_any() == RLC_OK) { +#if defined(WITH_MPC) + util_banner("Tests for the PS signature and two-party PS protocol:\n", 0); + test_pss(); + test_mpss(); + util_banner("Benchmarks for the PS signature and two-party PS protocol:\n", 0); + bench_pss(); + bench_mpss(); +#endif + } else { + RLC_THROW(ERR_NO_CURVE); + } +#endif + + core_clean(); + return 0; +} diff --git a/depends/relic/demo/ers-etrs/Makefile b/depends/relic/demo/ers-etrs/Makefile new file mode 100644 index 00000000000000..7d02f50aabd5dc --- /dev/null +++ b/depends/relic/demo/ers-etrs/Makefile @@ -0,0 +1,13 @@ +CFLAGS=-O3 -march=native -mtune=native -ggdb +RELIC_ROOT = ../.. + +all: lib + gcc ${CFLAGS} -c test-bench.c -o test-bench.o -I ${RELIC_ROOT}/include -I target/include + gcc ${CFLAGS} -o test-bench test-bench.o target/lib/librelic_s.a -lgmp + +lib: + mkdir -p target + cd target; ${RELIC_ROOT}/../preset/x64-ecc-128.sh ${RELIC_ROOT}/../; cmake -DEP_METHD='JACOB;LWNAF;COMBS;INTER' -DBN_METHD=' COMBA;COMBA;MONTY;SLIDE;LEHME;BASIC' .; make + +clean: + rm -rf target *.o test-bench 
diff --git a/depends/relic/demo/ers-etrs/test-bench.c b/depends/relic/demo/ers-etrs/test-bench.c new file mode 100644 index 00000000000000..22ea4c4612c99b --- /dev/null +++ b/depends/relic/demo/ers-etrs/test-bench.c 
@@ -0,0 +1,226 @@ +/* + * RELIC is an Efficient LIbrary for Cryptography + * Copyright (c) 2009 RELIC Authors + * + * This file is part of RELIC. RELIC is legal property of its developers, + * whose names are not listed here. Please refer to the COPYRIGHT file + * for contact information. + * + * RELIC is free software; you can redistribute it and/or modify it under the + * terms of the version 2.1 (or later) of the GNU Lesser General Public License + * as published by the Free Software Foundation; or version 2.0 of the Apache + * License as published by the Apache Software Foundation. See the LICENSE files + * for more details. + * + * RELIC is distributed in the hope that it will be useful, but WITHOUT ANY + * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + * A PARTICULAR PURPOSE. See the LICENSE files for more details. + * + * You should have received a copy of the GNU Lesser General Public or the + * Apache License along with RELIC. If not, see + * or . + */ + +/** + * @file + * + * Benchmarks for cryptographic protocols. 
+ * + * @version $Id$ + * @ingroup bench + */ + +#include + +#include "relic.h" +#include "relic_bench.h" + +#define MAX_KEYS 2048 + +#include "assert.h" + +static void ers(void) { + int size; + ec_t pp, pk[MAX_KEYS], *ptr; + bn_t sk[MAX_KEYS], td; + ers_t ring[MAX_KEYS]; + uint8_t m[5] = { 0, 1, 2, 3, 4 }; + + bn_null(td); + ec_null(pp); + + bn_new(td); + ec_new(pp); + for (int i = 0; i < MAX_KEYS; i++) { + bn_null(sk[i]); + bn_new(sk[i]); + ec_null(pk[i]); + ec_new(pk[i]); + ers_null(ring[i]); + ers_new(ring[i]); + cp_ers_gen_key(sk[i], pk[i]); + } + + cp_ers_gen(pp); + + bench_reset(); + for (int j = 0; j < BENCH; j++) { + BENCH_ADD(cp_ers_sig(td, ring[0], m, 5, sk[0], pk[0], pp)); + } + bench_compute(BENCH * BENCH); + util_print("{\"1\": {\"time\": %lf, \"size\": null}", bench_total()/(double)1000000); + + for (int j = 1; j < MAX_KEYS; j = j << 1) { + size = j; + bench_before(); + for (int k = 0; k < j; k++) { + cp_ers_ext(td, ring, &size, m, 5, pk[size], pp); + } + bench_after(); + bench_compute(1); + util_print(", \"%d\": {\"time\": %lf, \"size\": null}", size, bench_total()/(double)1000000); + assert(cp_ers_ver(td, ring, size, m, 5, pp)); + } + util_print("}\n\n"); + + /* Recompute the signature for verification. */ + cp_ers_sig(td, ring[0], m, 5, sk[0], pk[0], pp); + bench_reset(); + for (int j = 0; j < BENCH; j++) { + BENCH_ADD(assert(cp_ers_ver(td, ring, 1, m, 5, pp))); + } + bench_compute(BENCH * BENCH); + util_print("{\"1\": {\"time\": %lf, \"size\": %d}", bench_total()/(double)1000000, 9 * RLC_FP_BYTES); + + for (int j = 1; j < MAX_KEYS; j = j << 1) { + size = j; + /* Recompute the signatures for verification. 
*/ + for (int k = 0; k < j; k++) { + assert(cp_ers_ext(td, ring, &size, m, 5, pk[size], pp) == RLC_OK); + } + assert(cp_ers_ver(td, ring, size, m, 5, pp)); + bench_reset(); + for (int i = 0; i < BENCH; i++) { + BENCH_ADD(cp_ers_ver(td, ring, size, m, 5, pp)); + } + bench_compute(BENCH * BENCH); + util_print(", \"%d\": {\"time\": %lf, \"size\": %d}", size, bench_total()/(double)1000000, size * 9 * RLC_FP_BYTES); + } + util_print("}"); + + bn_free(td); + ec_free(pp); + for (int i = 0; i < MAX_KEYS; i++) { + bn_free(sk[i]); + ec_free(pk[i]); + ers_free(ring[i]) + } +} + +#undef MAX_KEYS +#define MAX_KEYS 2048 +#define MIN_KEYS 64 + +static void etrs(void) { + int size; + ec_t pp, pk[MAX_KEYS], *ptr; + bn_t sk[MAX_KEYS], td[MAX_KEYS], y[MAX_KEYS]; + etrs_t ring[MAX_KEYS]; + uint8_t m[5] = { 0, 1, 2, 3, 4 }; + + ec_null(pp); + ec_new(pp); + for (int i = 0; i < MAX_KEYS; i++) { + bn_null(y[i]); + bn_new(y[i]); + bn_null(td[i]); + bn_new(td[i]); + bn_null(sk[i]); + bn_new(sk[i]); + ec_null(pk[i]); + ec_new(pk[i]); + ers_null(ring[i]); + ers_new(ring[i]); + cp_etrs_gen_key(sk[i], pk[i]); + } + + cp_ers_gen(pp); + + util_print("{"); + for (int j = 1; j <= MAX_KEYS; j = j << 1) { + bench_reset(); + bench_before(); + for (int i = 0; i < BENCH; i++) { + cp_etrs_sig(td, y, j, ring[0], m, 5, sk[0], pk[0], pp); + } + bench_after(); + bench_compute(BENCH); + util_print("\"%d\": {\"time\": %lf, \"size\": null}, ", j, bench_total()/(double)1000000); + assert(cp_etrs_ver(1, td, y, j, ring, 1, m, 5, pp)); + } + util_print("}\n\n"); + + for (int l = 2; l <= 8; l = l << 1) { + for (int j = l; j <= MAX_KEYS; j = j << 1) { + bench_reset(); + bench_before(); + size = 1; + cp_etrs_sig(td, y, j, ring[0], m, 5, sk[0], pk[0], pp); + for (int k = 1; k < j; k++) { + cp_etrs_ext(td, y, j, ring, &size, m, 5, pk[size], pp); + } + bench_after(); + bench_compute(1); + util_print("\"%d\": {\"time\": %lf, \"size\": null}, ", j, bench_total()/(double)1000000); + assert(cp_etrs_ver(1, td+size-1, 
y+size-1, j-size+1, ring, size, m, 5, pp)); + } + util_print("}\n\n"); + } + + for (int l = 1; l <= 8; l = l << 1) { + for (int j = l; j <= MAX_KEYS; j = j << 1) { + size = 1; + cp_etrs_sig(td, y, j, ring[0], m, 5, sk[0], pk[0], pp); + for (int k = 0; k < l; k++) { + cp_etrs_ext(td, y, j, ring, &size, m, 5, pk[size], pp); + } + bench_reset(); + bench_before(); + for (int i = 0; i < BENCH; i++) { + cp_etrs_ver(1, td+size-1, y+size-1, j-size+1, ring, size, m, 5, pp); + } + bench_after(); + bench_compute(BENCH); + util_print(", \"%d\": {\"time\": %lf, \"size\": null}", j, bench_total()/(double)1000000); + } + util_print("}\n\n"); + } + + ec_free(pp); + for (int i = 0; i < MAX_KEYS; i++) { + bn_free(td[i]); + bn_free(y[i]); + bn_free(sk[i]); + ec_free(pk[i]); + etrs_free(ring[i]) + } +} + +int main(void) { + if (core_init() != RLC_OK) { + core_clean(); + return 1; + } + + conf_print(); + + if (ec_param_set_any() == RLC_OK) { + etrs(); + ers(); + } else { + RLC_THROW(ERR_NO_CURVE); + } + + core_clean(); + return 0; +} diff --git a/depends/relic/demo/general-paillier/Makefile b/depends/relic/demo/general-paillier/Makefile new file mode 100644 index 00000000000000..dbbd14f19524c6 --- /dev/null +++ b/depends/relic/demo/general-paillier/Makefile @@ -0,0 +1,13 @@ +CFLAGS=-O3 -march=native -mtune=native -ggdb +RELIC_ROOT = ../.. + +all: lib + gcc ${CFLAGS} -c test.c -o test.o -I ${RELIC_ROOT}/include -I target-gmp/include + gcc ${CFLAGS} -o test test.o target-gmp/lib/librelic_s.a -lgmp + +lib: + mkdir -p target-gmp + cd target-gmp; ${RELIC_ROOT}/../preset/gmp-paillier-4096.sh ${RELIC_ROOT}/../; make + +clean: + rm -rf target-gmp *.o test diff --git a/depends/relic/demo/general-paillier/test.c b/depends/relic/demo/general-paillier/test.c new file mode 100644 index 00000000000000..d4bc201cc216c2 --- /dev/null +++ b/depends/relic/demo/general-paillier/test.c 
@@ -0,0 +1,92 @@ +#include +#include + +#include "relic.h" +#include "relic_test.h" + +static int paillier(void) { + int code = RLC_ERR; + bn_t a, b, c, d, s, pub, prv; + int result; + + bn_null(a); + bn_null(b); + bn_null(c); + bn_null(d); + + bn_null(pub); + bn_null(prv); + + RLC_TRY { + bn_new(a); + bn_new(b); + bn_new(c); + bn_new(d); + + bn_new(pub); + bn_new(prv); + + /* Generate 2048-bit public and private keys (both integers). */ + result = cp_ghpe_gen(pub, prv, 2048); + assert(result == RLC_OK); + + printf("Public key:\n"); + bn_print(pub); + printf("Private key:\n"); + bn_print(prv); + + for (int s = 1; s <= 2; s++) { + util_print("Testing generalized paillier for (s = %d)\n", s); + /* Generate plaintext smaller than n^s. */ + bn_rand(a, RLC_POS, s * (bn_bits(pub) - 1)); + /* Encrypt, decrypt and check if the result is the same. */ + assert(cp_ghpe_enc(c, a, pub, s) == RLC_OK); + assert(cp_ghpe_dec(b, c, pub, prv, s) == RLC_OK); + assert(bn_cmp(a, b) == RLC_EQ); + + /* Generate new plaintexts smaller than n^s. */ + bn_rand(a, RLC_POS, s * (bn_bits(pub) - 1)); + bn_rand(b, RLC_POS, s * (bn_bits(pub) - 1)); + /* Encrypt both plaintexts using the same public key. */ + assert(cp_ghpe_enc(c, a, pub, s) == RLC_OK); + assert(cp_ghpe_enc(d, b, pub, s) == RLC_OK); + + /* Now compute c = (b * c) mod n^(s + 1). */ + bn_mul(c, c, d); + bn_sqr(d, pub); + if (s == 2) { + bn_mul(d, d, pub); + } + bn_mod(c, c, d); + /* Decrypt and check if result is (a + b) mod n^s. */ + assert(cp_ghpe_dec(c, c, pub, prv, s) == RLC_OK); + bn_add(a, a, b); + bn_copy(d, pub); + if (s == 2) { + bn_mul(d, d, pub); + } + bn_mod(a, a, d); + assert(bn_cmp(a, c) == RLC_EQ); + } + } + RLC_CATCH_ANY { + RLC_ERROR(end); + } + code = RLC_OK; + + end: + bn_free(a); + bn_free(b); + bn_free(c); + bn_free(d); + + bn_free(prv); + bn_free(pub); + return code; +} + +int main(int argc, char *argv[]) { + core_init(); + paillier(); + core_clean(); +} 
diff --git a/depends/relic/demo/link-test/Makefile b/depends/relic/demo/link-test/Makefile new file mode 100644 index 00000000000000..da9ef8a4155d88 --- /dev/null +++ b/depends/relic/demo/link-test/Makefile @@ -0,0 +1,17 @@ +RELIC_ROOT = ../../.. + +all: type1 type3 + gcc -c test1.c -o test1.o -I /usr/local/include/relic_type1 + gcc -c test2.c -o test2.o -I /usr/local/include/relic_type3 + gcc -o test test.c test1.o test2.o /usr/local/lib/librelic_s_*.a -lgmp + +type1: + mkdir -p target-type1 + cd target-type1; cmake -DLABEL=type1 ${RELIC_ROOT}; ${RELIC_ROOT}/preset/gmp-pbc-ss1536.sh ${RELIC_ROOT}; make && make install + +type3: + mkdir -p target-type3 + cd target-type3; cmake -DLABEL=type3 ${RELIC_ROOT}; ${RELIC_ROOT}/preset/x64-pbc-bls12-381.sh ${RELIC_ROOT}; make && make install + +clean: + rm -rf target-* *.o test diff --git a/depends/relic/demo/link-test/test.c b/depends/relic/demo/link-test/test.c new file mode 100644 index 00000000000000..edfd8e224c5ef9 --- /dev/null +++ b/depends/relic/demo/link-test/test.c @@ -0,0 +1,4 @@ +int main() { + function1(); + function2(); +} diff --git a/depends/relic/demo/link-test/test1.c b/depends/relic/demo/link-test/test1.c new file mode 100644 index 00000000000000..f6e77f2a059265 --- /dev/null +++ b/depends/relic/demo/link-test/test1.c @@ -0,0 +1,37 @@ +#include + +void function1() { + g1_t p; + g2_t q; + gt_t e; + + g1_null(p); + g2_null(q); + gt_null(e); + + core_init(); + + RLC_TRY { + core_init(); + pc_param_set_any(); + pc_param_print(); + + g1_new(p); + g2_new(q); + gt_new(e); + + g1_rand(p); + g2_rand(q); + pc_map(e, p, q); + + gt_print(e); + printf("Is pairing symmetric? %d\n", pc_map_is_type1() == 1); + printf("Is pairing asymmetric? %d\n", pc_map_is_type3() == 1); + } RLC_CATCH_ANY { + } RLC_FINALLY { + g1_free(p); + g2_free(q); + gt_free(e); + } + core_clean(); +} diff --git a/depends/relic/demo/link-test/test2.c b/depends/relic/demo/link-test/test2.c new file mode 100644 index 00000000000000..f15a6891b12dce 
--- /dev/null +++ b/depends/relic/demo/link-test/test2.c @@ -0,0 +1,37 @@ +#include + +void function2() { + g1_t p; + g2_t q; + gt_t e; + + g1_null(p); + g2_null(q); + gt_null(e); + + core_init(); + + RLC_TRY { + core_init(); + pc_param_set_any(); + pc_param_print(); + + g1_new(p); + g2_new(q); + gt_new(e); + + g1_rand(p); + g2_rand(q); + pc_map(e, p, q); + + gt_print(e); + printf("Is pairing symmetric? %d\n", pc_map_is_type1() == 1); + printf("Is pairing asymmetric? %d\n", pc_map_is_type3() == 1); + } RLC_CATCH_ANY { + } RLC_FINALLY { + g1_free(p); + g2_free(q); + gt_free(e); + } + core_clean(); +} diff --git a/depends/relic/demo/public-stats/Makefile b/depends/relic/demo/public-stats/Makefile new file mode 100644 index 00000000000000..81a4b72d561987 --- /dev/null +++ b/depends/relic/demo/public-stats/Makefile @@ -0,0 +1,20 @@ +CFLAGS=-O3 -march=native -mtune=native -ggdb +RELIC_ROOT = ../.. + +all: lib data.csv + gcc ${CFLAGS} -c main.c -o main.o -I ${RELIC_ROOT}/include -I target/include + gcc ${CFLAGS} -c csv.c -o csv.o -I ${RELIC_ROOT}/include -I target/include + gcc ${CFLAGS} -o main csv.o main.o target/lib/librelic_s.a -lgmp + +lib: + mkdir -p target + cd target; ${RELIC_ROOT}/../preset/x64-pbc-bls12-381.sh ${RELIC_ROOT}/../; cmake -DEP_METHD='JACOB;LWNAF;COMBS;INTER' .; make + +data.csv: + wget -c https://raw.githubusercontent.com/TheEconomist/covid-19-excess-deaths-tracker/master/source-data/spain/archive/spain_total_source_2020_04_13.csv + mv spain_total_source_2020_04_13.csv data_04_13.csv + wget -c https://momo.isciii.es/public/momo/data + mv data data.csv + +clean: + rm -rf target *.o main diff --git a/depends/relic/demo/public-stats/csv.c b/depends/relic/demo/public-stats/csv.c new file mode 100644 index 00000000000000..801201e26cea19 --- /dev/null +++ b/depends/relic/demo/public-stats/csv.c 
@@ -0,0 +1,153 @@ +/* +Copyright 2015 Samuel Alexander + +Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +*/ + +#include +#include + +void free_csv_line( char **parsed ) { + char **ptr; + + for ( ptr = parsed; *ptr; ptr++ ) { + free( *ptr ); + } + + free( parsed ); +} + +static int count_fields( const char *line ) { + const char *ptr; + int cnt, fQuote; + + for ( cnt = 1, fQuote = 0, ptr = line; *ptr; ptr++ ) { + if ( fQuote ) { + if ( *ptr == '\"' ) { + if ( ptr[1] == '\"' ) { + ptr++; + continue; + } + fQuote = 0; + } + continue; + } + + switch( *ptr ) { + case '\"': + fQuote = 1; + continue; + case ',': + cnt++; + continue; + default: + continue; + } + } + + if ( fQuote ) { + return -1; + } + + return cnt; +} + +/* + * Given a string containing no linebreaks, or containing line breaks + * which are escaped by "double quotes", extract a NULL-terminated + * array of strings, one for every cell in the row. 
+ */ +char **parse_csv( const char *line ) { + char **buf, **bptr, *tmp, *tptr; + const char *ptr; + int fieldcnt, fQuote, fEnd; + + fieldcnt = count_fields( line ); + + if ( fieldcnt == -1 ) { + return NULL; + } + + buf = malloc( sizeof(char*) * (fieldcnt+1) ); + + if ( !buf ) { + return NULL; + } + + tmp = malloc( strlen(line) + 1 ); + + if ( !tmp ) { + free( buf ); + return NULL; + } + + bptr = buf; + + for ( ptr = line, fQuote = 0, *tmp = '\0', tptr = tmp, fEnd = 0; ; ptr++ ) { + if ( fQuote ) { + if ( !*ptr ) { + break; + } + + if ( *ptr == '\"' ) { + if ( ptr[1] == '\"' ) { + *tptr++ = '\"'; + ptr++; + continue; + } + fQuote = 0; + } + else { + *tptr++ = *ptr; + } + + continue; + } + + switch( *ptr ) { + case '\"': + fQuote = 1; + continue; + case '\0': + fEnd = 1; + case ',': + *tptr = '\0'; + *bptr = strdup( tmp ); + + if ( !*bptr ) { + for ( bptr--; bptr >= buf; bptr-- ) { + free( *bptr ); + } + free( buf ); + free( tmp ); + + return NULL; + } + + bptr++; + tptr = tmp; + + if ( fEnd ) { + break; + } else { + continue; + } + + default: + *tptr++ = *ptr; + continue; + } + + if ( fEnd ) { + break; + } + } + + *bptr = NULL; + free( tmp ); + return buf; +} diff --git a/depends/relic/demo/public-stats/csv.h b/depends/relic/demo/public-stats/csv.h new file mode 100644 index 00000000000000..18327eea9fb983 --- /dev/null +++ b/depends/relic/demo/public-stats/csv.h @@ -0,0 +1,12 @@ +#ifndef CSV_DOT_H_INCLUDE_GUARD +#define CSV_DOT_H_INCLUDE_GUARD + +#define CSV_ERR_LONGLINE 0 +#define CSV_ERR_NO_MEMORY 1 + +char **parse_csv( const char *line ); +void free_csv_line( char **parsed ); +char **split_on_unescaped_newlines(const char *txt); +char *fread_csv_line(FILE *fp, int max_line_size, int *done, int *err); + +#endif diff --git a/depends/relic/demo/public-stats/main.c b/depends/relic/demo/public-stats/main.c new file mode 100644 index 00000000000000..ae75fa1d7b6848 --- /dev/null +++ b/depends/relic/demo/public-stats/main.c 
@@ -0,0 +1,349 @@ +/* + * RELIC is an Efficient LIbrary for Cryptography + * Copyright (c) 2020 RELIC Authors + * + * This file is part of RELIC. RELIC is legal property of its developers, + * whose names are not listed here. Please refer to the COPYRIGHT file + * for contact information. + * + * RELIC is free software; you can redistribute it and/or modify it under the + * terms of the version 2.1 (or later) of the GNU Lesser General Public License + * as published by the Free Software Foundation; or version 2.0 of the Apache + * License as published by the Apache Software Foundation. See the LICENSE files + * for more details. + * + * RELIC is distributed in the hope that it will be useful, but WITHOUT ANY + * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + * A PARTICULAR PURPOSE. See the LICENSE files for more details. + * + * You should have received a copy of the GNU Lesser General Public or the + * Apache License along with RELIC. If not, see + * or . + */ + +/** + * @file + * + * Benchmarks for cryptographic protocols. + * + * @version $Id$ + * @ingroup bench + */ + +#include + +#include "relic.h" +#include "csv.h" + +#include +#include +#include +#include +#include + +#define STATES 19 +#define GROUPS 3 +#define DAYS 90 +#define FACTOR (1000000) +#define FIXED ((uint64_t)100000) +#define DATABASE "COVID19-Spain" +#define BEG_2018 "27/03/2018" +#define END_2018 "25/06/2018" +#define BEG_2019 "27/03/2019" +#define END_2019 "25/06/2019" +#define BEG_2020 "2020-03-27" +#define END_2020 "2020-06-25" + +/* First value is population in each of the autonomous communities in 2020. */ +uint64_t populations[STATES] = { + 8405294, 1316064, 1024381, 1176627, 2188626, 580997, 2410819, + 2030807, 7516544, 4948411, 1067272, 2699299, 6587711, 1479098, 646197, + 2172591, 312719, 84913, 84667 +}; + +/* Total population per age group in 2019. 
*/ +uint64_t pyramid[GROUPS] = { 37643844, 4482743, 4566276 }; + +char *acronyms[STATES] = { + "AN", "AR", "AS", "IB", "CN", "CB", "CL", "CM", "CT", "VC", + "EX", "GA", "MD", "MC", "NC", "PV", "RI", "CE", "ML" +}; + +char *acs[STATES] = { + "Andalusia", "Aragón", "Asturias", "Balearics", "Canary Islands", + "Cantabria", "Castile & León", "Castile-La Mancha", "Catalonia", + "Valencia", "Extremadura", "Galicia", "Madrid", "Murcia", + "Navarre", "Basque Country", "La Rioja", "Ceuta", "Melilla" +}; + +/* Population pyramids for autonomous communities, taken from countryeconomy.com */ +double pyramids[STATES][GROUPS] = { + {15.86 + 66.98, 9.06, 17.16 - 9.06}, + {14.12 + 64.23, 10.26, 21.65 - 10.26}, + {10.97 + 63.37, 12.82, 25.66 - 12.82}, + {14.89 + 69.29, 8.62, 15.82 - 8.62}, + {13.20 + 70.57, 8.91, 16.22 - 8.91}, + {13.29 + 64.81, 11.11, 21.90 - 11.11}, + {11.94 + 62.83, 11.41, 25.23 - 11.41}, + {15.11 + 65.91, 8.80, 18.99 - 8.80}, + {15.53 + 65.36, 9.69, 19.12 - 9.69}, + {14.87 + 65.62, 10.15, 19.51 - 10.15}, + {13.66 + 65.70, 9.78, 20.64 - 9.78}, + {11.87 + 62.96, 11.90, 25.16 - 11.90}, + {15.48 + 66.66, 9.13, 18.86 - 9.13}, + {17.18 + 67.04, 8.19, 15.78 - 8.19}, + {15.51 + 64.69, 9.88, 19.80 - 9.88}, + {13.20 + 70.57, 8.91, 16.22 - 8.91}, + {11.87 + 62.96, 11.90, 25.16 - 11.90}, + {20.42 + 67.57, 6.58, 12.02 - 6.58}, + {15.48 + 66.66, 9.13, 17.86 - 9.13}, + //{80.55, 9.59, 9.77} //Spain +}; + +/* Read data from CSV in a given time interval. 
*/ +void read_region(g1_t s[], char *l[], bn_t m[], int *counter, + uint64_t metric[3], const char *file, int region, char *start, + char *end, bn_t sk) { + FILE *stream = fopen(file, "r"); + int found = 0; + char line[1024]; + char str[3]; + char label[100] = { 0 }; + dig_t n; + + found = 0; + sprintf(str, "%d", region); + while (fgets(line, 1024, stream)) { + if (strstr(line, start) != NULL) { + found = 1; + } + if (strstr(line, end) != NULL) { + found = 0; + } + char **tmp = parse_csv(line); + char **ptr = tmp; + + if (found && !strcmp(ptr[2], str) && !strcmp(ptr[5], "todos") && + strcmp(ptr[7], "todos")) { + n = atoi(ptr[9]); + //printf("%s\n", line); + if (strcmp(ptr[6], "menos_65") == 0) { + //printf("< 65 = %s\n", ptr[9]); + metric[0] += n; + } + if (strcmp(ptr[6], "65_74") == 0) { + //printf("65-74 = %s\n", ptr[9]); + metric[1] += n; + } + if (strcmp(ptr[6], "mas_74") == 0) { + //printf("> 74 = %s\n", ptr[9]); + metric[2] += n; + } + + bn_set_dig(m[*counter], n); + l[*counter] = strdup(ptr[8]); + cp_mklhs_sig(s[*counter], m[*counter], DATABASE, acs[region - 1], + l[*counter], sk); + (*counter)++; + } + + free_csv_line(tmp); + } + fclose(stream); +} + +int main(int argc, char *argv[]) { + uint64_t baseline[GROUPS] = { 0, 0, 0 }; + uint64_t mortality[GROUPS] = { 0, 0, 0 }; + uint64_t expected[GROUPS] = { 0, 0, 0 }; + uint64_t observed[STATES][GROUPS]; + uint64_t ratios[STATES][GROUPS]; + dig_t ft[STATES]; + bn_t res, t[STATES], sk[STATES], m[STATES][3 * GROUPS * DAYS]; + g1_t u, sig, sigs[STATES][3 * GROUPS * DAYS], cs[STATES]; + g2_t pk[STATES]; + char *l[STATES][3 * GROUPS * DAYS]; + dig_t *f[STATES]; + int flen[STATES]; + int counter; + uint64_t total; + uint64_t excess; + + if (core_init() != RLC_OK) { + core_clean(); + return 1; + } + + if (pc_param_set_any() != RLC_OK) { + core_clean; + return 1; + } + + RLC_TRY { + /* Initialize and generate keys for signers. 
*/ + bn_null(res); + bn_new(res); + g1_null(u); + g1_new(u); + g1_null(sig); + g1_new(sig); + for (int i = 0; i < STATES; i++) { + f[i] = RLC_ALLOCA(dig_t, 2 * GROUPS * DAYS); + bn_null(t[i]); + bn_new(t[i]); + bn_null(sk[i]); + bn_new(sk[i]); + g1_null(cs[i]); + g1_new(cs[i]); + g2_null(sk[i]); + g2_new(sk[i]); + cp_mklhs_gen(sk[i], pk[i]); + for (int j = 0; j < GROUPS; j++) { + for (int k = 0; k < 3 * DAYS; k++) { + bn_null(m[i][j * 3 * DAYS + k]); + bn_new(m[i][j * 3 * DAYS + k]); + g1_null(sigs[i][j * 3 * DAYS + k]); + g1_new(sigs[i][j * 3 * DAYS + k]); + l[i][j * 3 * DAYS + k] = NULL; + } + } + } + + /* Compute current population of every age group in each autonomous community. */ + for (int i = 0; i < STATES; i++) { + for (int j = 0; j < GROUPS; j++) { + ratios[i][j] = pyramids[i][j] / 100.0 * populations[i]; + } + } + + for (int i = 0; i < STATES; i++) { + counter = 0; + observed[i][0] = observed[i][1] = observed[i][2] = 0; + read_region(sigs[i], l[i], m[i], &counter, baseline, + "data_04_13.csv", i + 1, BEG_2018, END_2018, sk[i]); + read_region(sigs[i], l[i], m[i], &counter, baseline, + "data_04_13.csv", i + 1, BEG_2019, END_2019, sk[i]); + read_region(sigs[i], l[i], m[i], &counter, observed[i], "data.csv", + i + 1, BEG_2020, END_2020, sk[i]); + } + + for (int j = 0; j < GROUPS; j++) { + mortality[j] = FIXED * FACTOR / (2 * pyramid[j]) * baseline[j]; + } + + total = excess = 0; + for (int i = 0; i < STATES; i++) { + printf("%s -- %s:\n", acronyms[i], acs[i]); + + for (int j = 0; j < GROUPS; j++) { + //expected[j] = (FIXED * ratios[i][j]/(2*pyramid[j])) * baseline[j]; + expected[j] = mortality[j] * ratios[i][j] / (FIXED * FACTOR); + } + + printf("\texpected : %lu %lu %lu\n", expected[0], expected[1], + expected[2]); + printf("\tobserved : %lu %lu %lu\n", observed[i][0], observed[i][1], + observed[i][2]); + + printf("\ttotal expected: %lu\n", + (expected[0] + expected[1] + expected[2]) / FIXED); + printf("\ttotal observed: %lu\n", + observed[i][0] + 
observed[i][1] + observed[i][2]); + + total += (expected[0] + expected[1] + expected[2]); + excess += (observed[i][0] + observed[i][1] + observed[i][2]); + } + + util_banner("Plaintext computation:", 1); + + printf("Baseline : %6lu %6lu %6lu\n", baseline[0] / 2, baseline[1] / 2, + baseline[2] / 2); + printf("Demograph: %6lu %6lu %6lu\n", pyramid[0] / FACTOR, + pyramid[1] / FACTOR, pyramid[2] / FACTOR); + printf("Mortality: %6lu %6lu %6lu\n", mortality[0] / FIXED, + mortality[1] / FIXED, mortality[2] / FIXED); + printf("Total Expected: %6lu\n", total); + printf("Total Observed: %6lu\n", excess); + + util_banner("Authenticated computation:", 1); + + bn_zero(res); + g1_set_infty(u); + g1_set_infty(sig); + for (int i = 0; i < STATES; i++) { + flen[i] = 2 * GROUPS * DAYS; + for (int j = 0; j < GROUPS; j++) { + total = 0; + for (int k = 0; k < STATES; k++) { + total += FIXED * ratios[k][j] / (2 * pyramid[j]); + } + for (int k = 0; k < DAYS; k++) { + f[i][j * DAYS + k] = f[i][j * DAYS + GROUPS * DAYS + k] = + total; + } + } + cp_mklhs_fun(t[i], m[i], f[i], 2 * GROUPS * DAYS); + cp_mklhs_evl(u, sigs[i], f[i], 2 * GROUPS * DAYS); + bn_add(res, res, t[i]); + g1_add(sig, sig, u); + } + g1_norm(sig, sig); + assert(cp_mklhs_ver(sig, res, t, DATABASE, acs, l[0], f, flen, + pk, STATES)); + + printf("Total Expected: %6lu\n", res->dp[0] / FIXED); + + bn_zero(res); + g1_set_infty(u); + g1_set_infty(sig); + for (int i = 0; i < STATES; i++) { + flen[i] = GROUPS * DAYS; + for (int j = 0; j < GROUPS; j++) { + for (int k = 0; k < DAYS; k++) { + f[i][j * DAYS + k] = 1; + } + } + cp_mklhs_fun(t[i], &m[i][2 * GROUPS * DAYS], f[i], GROUPS * DAYS); + cp_mklhs_evl(u, &sigs[i][2 * GROUPS * DAYS], f[i], GROUPS * DAYS); + bn_add(res, res, t[i]); + g1_add(sig, sig, u); + } + g1_norm(sig, sig); + + printf("Total Observed: %6lu\n", res->dp[0]); + + assert(cp_mklhs_ver(sig, res, t, DATABASE, acs, + &l[0][2 * GROUPS * DAYS], f, flen, pk, STATES)); + BENCH_ONE("Time elapsed", cp_mklhs_ver(sig, res, t, 
DATABASE, acs, + &l[0][2 * GROUPS * DAYS], f, flen, pk, STATES)); + + cp_mklhs_off(cs, ft, acs, &l[0][2 * GROUPS * DAYS], f, flen, STATES); + assert(cp_mklhs_onv(sig, res, t, DATABASE, acs, cs, ft, pk, STATES)); + BENCH_ONE("Time with precomputation", cp_mklhs_onv(sig, res, t, + DATABASE, acs, cs, ft, pk, STATES)); + + } RLC_CATCH_ANY { + RLC_THROW(ERR_CAUGHT); + } RLC_FINALLY { + bn_free(res); + g1_free(u); + g1_free(sig); + for (int i = 0; i < STATES; i++) { + RLC_FREE(f[i]); + bn_free(t[i]); + bn_free(sk[i]); + g1_free(cs[i]); + g2_free(pk[i]); + for (int j = 0; j < GROUPS; j++) { + for (int k = 0; k < 3 * DAYS; k++) { + bn_free(m[i][j * 3 * DAYS + k]); + g1_free(sigs[i][j * 3 * DAYS + k]); + free(l[i][j * 3 * DAYS + k]); + } + } + } + } + + core_clean(); + return 0; +} diff --git a/depends/relic/demo/tweedledum/Makefile b/depends/relic/demo/tweedledum/Makefile new file mode 100644 index 00000000000000..c5e31f030311bb --- /dev/null +++ b/depends/relic/demo/tweedledum/Makefile @@ -0,0 +1,13 @@ +CFLAGS=-O3 -march=native -mtune=native -ggdb +RELIC_ROOT = ../.. + +all: lib + gcc ${CFLAGS} -c main.c -o main.o -I ${RELIC_ROOT}/include -I target/include + gcc ${CFLAGS} -o main main.o target/lib/librelic_s.a -lgmp + +lib: + mkdir -p target + cd target; ${RELIC_ROOT}/../preset/gmp-ecc-tweedledum.sh ${RELIC_ROOT}/../; cmake -DEP_METHD='JACOB;LWNAF;COMBS;INTER' .; make + +clean: + rm -rf target *.o main diff --git a/depends/relic/demo/tweedledum/main.c b/depends/relic/demo/tweedledum/main.c new file mode 100644 index 00000000000000..5d60db7e71a253 --- /dev/null +++ b/depends/relic/demo/tweedledum/main.c 
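Review bot: read_region() trusts the CSV file completely: the fopen() result goes straight to fgets(), the parse_csv() result is indexed at ptr[2] through ptr[9] without a NULL check or a field count, and `*counter` indexes s[], l[] and m[] with no bound although main() sizes them at 3 * GROUPS * DAYS, so a short row reads past the NULL terminator and a file with extra matching rows writes past the stack arrays. The fence below adds the three guards; the same function also formats `region` into `char str[3]` with sprintf(), which fits 1..19 exactly and would be safer as `snprintf(str, sizeof(str), "%d", region)`. In main(), both signature checks are wrapped in `assert(cp_mklhs_ver(...))` and `assert(cp_mklhs_onv(...))`, so a build with NDEBUG skips verification entirely; test the return value explicitly instead. Two further slips in main(): `core_clean;` lacks the call parentheses, and `g2_null(sk[i]); g2_new(sk[i]);` presumably should target `pk[i]`, which is otherwise never initialised before cp_mklhs_gen() and g2_free().
```c
	FILE *stream = fopen(file, "r");
	if (stream == NULL) {
		return;
	}
	/* … unchanged: locals, sprintf of region, fgets loop header, start/end matching … */
		char **tmp = parse_csv(line);
		int nf = 0;
		while (tmp != NULL && tmp[nf] != NULL) {
			nf++;
		}
		if (nf < 10) {
			/* Malformed or short row: ptr[9] would be out of range. */
			if (tmp != NULL) {
				free_csv_line(tmp);
			}
			continue;
		}
		char **ptr = tmp;
		/* … unchanged: region / "todos" filter condition … */
			if (*counter >= 3 * GROUPS * DAYS) {
				/* Caller's arrays are full; stop before writing past them. */
				free_csv_line(tmp);
				break;
			}
			/* … unchanged: metric[] updates, bn_set_dig, strdup, cp_mklhs_sig … */
```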
@@ -0,0 +1,88 @@ +/* + * RELIC is an Efficient LIbrary for Cryptography + * Copyright (c) 2020 RELIC Authors + * + * This file is part of RELIC. RELIC is legal property of its developers, + * whose names are not listed here. Please refer to the COPYRIGHT file + * for contact information. + * + * RELIC is free software; you can redistribute it and/or modify it under the + * terms of the version 2.1 (or later) of the GNU Lesser General Public License + * as published by the Free Software Foundation; or version 2.0 of the Apache + * License as published by the Apache Software Foundation. See the LICENSE files + * for more details. + * + * RELIC is distributed in the hope that it will be useful, but WITHOUT ANY + * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + * A PARTICULAR PURPOSE. See the LICENSE files for more details. + * + * You should have received a copy of the GNU Lesser General Public or the + * Apache License along with RELIC. If not, see + * or . + */ + +/** + * @file + * + * Tests for the Elliptic Curve Cryptography module. + * + * @ingroup test + */ + +#include +#include + +#include "relic.h" +#include "relic_test.h" + +int main(void) { + ec_t g, a, b; + bn_t l, r; + + /* Initialize points. */ + ec_new(g); + ec_new(a); + ec_new(b); + bn_new(l); + bn_new(r); + + if (core_init() != RLC_OK) { + core_clean(); + return 1; + } + + util_banner("Tests for the EC module:", 0); + + /* Ask for curve to get Tweedledum. */ + if (ec_param_set_any() == RLC_ERR) { + RLC_THROW(ERR_NO_CURVE); + core_clean(); + return 0; + } + + /* Print curve name to make sure it is the right one. */ + ec_param_print(); + + /* Check that generator has the right order. */ + ec_curve_get_gen(g); + ec_curve_get_ord(r); + ec_mul(g, g, r); + assert(ec_is_infty(g)); + + /* Generate some random point and exponents to illustrate scalar mult. 
*/ + ec_rand(a); + ec_rand(b); + bn_rand_mod(l, r); + ec_mul(a, a, l); + ec_print(a); + + util_banner("All tests have passed.\n", 0); + + ec_free(g); + ec_free(a); + ec_free(b); + bn_free(l); + bn_free(r); + core_clean(); + return 0; +} diff --git a/depends/relic/doc/relic.doxygen.in b/depends/relic/doc/relic.doxygen.in new file mode 100644 index 00000000000000..09e39fa30a0dd9 --- /dev/null +++ b/depends/relic/doc/relic.doxygen.in 
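Review bot: ec_new() and bn_new() run at the top of main() before core_init(), and the variables are never passed through ec_null()/bn_null() first; public-stats/main.c in this same diff initialises the core first and uses the *_null then *_new order, and this demo should presumably do the same since allocation may depend on the library context (confirm against the allocation mode RELIC is built with). The ec_param_set_any() failure branch ends with `return 0;`, so a run that never selected a curve reports success; `return 1;` would match the core_init() failure branch. The generator-order check is `assert(ec_is_infty(g));`, which is compiled out under NDEBUG, so "All tests have passed." can be printed without the check having run.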
@@ -0,0 +1,2309 @@ +# Doxyfile 1.8.6 + +# This file describes the settings to be used by the documentation system +# doxygen (www.doxygen.org) for a project. +# +# All text after a double hash (##) is considered a comment and is placed in +# front of the TAG it is preceding. +# +# All text after a single hash (#) is considered a comment and will be ignored. +# The format is: +# TAG = value [value, ...] +# For lists, items can also be appended using: +# TAG += value [value, ...] +# Values that contain spaces should be placed between quotes (\" \"). + +#--------------------------------------------------------------------------- +# Project related configuration options +#--------------------------------------------------------------------------- + +# This tag specifies the encoding used for all characters in the config file +# that follow. The default is UTF-8 which is also the encoding used for all text +# before the first occurrence of this tag. Doxygen uses libiconv (or the iconv +# built into libc) for the transcoding. See http://www.gnu.org/software/libiconv +# for the list of possible encodings. +# The default value is: UTF-8. + +DOXYFILE_ENCODING = UTF-8 + +# The PROJECT_NAME tag is a single word (or a sequence of words surrounded by +# double-quotes, unless you are using Doxywizard) that should identify the +# project for which the documentation is generated. This name is used in the +# title of most generated pages and in a few other places. +# The default value is: My Project. + +PROJECT_NAME = "@PROJECT_NAME@" + +# The PROJECT_NUMBER tag can be used to enter a project or revision number. This +# could be handy for archiving the generated documentation or if some version +# control system is used. + +PROJECT_NUMBER = @PROJECT_VERSION@ + +# Using the PROJECT_BRIEF tag one can provide an optional one line description +# for a project that appears at the top of each page and should give viewer a +# quick idea about the purpose of the project. 
Keep the description short. + +PROJECT_BRIEF = + +# With the PROJECT_LOGO tag one can specify an logo or icon that is included in +# the documentation. The maximum height of the logo should not exceed 55 pixels +# and the maximum width should not exceed 200 pixels. Doxygen will copy the logo +# to the output directory. + +PROJECT_LOGO = @CMAKE_CURRENT_SOURCE_DIR@/art/logo.png + +# The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute) path +# into which the generated documentation will be written. If a relative path is +# entered, it will be relative to the location where doxygen was started. If +# left blank the current directory will be used. + +OUTPUT_DIRECTORY = ./doc + +# If the CREATE_SUBDIRS tag is set to YES, then doxygen will create 4096 sub- +# directories (in 2 levels) under the output directory of each output format and +# will distribute the generated files over these directories. Enabling this +# option can be useful when feeding doxygen a huge amount of source files, where +# putting all generated files in the same directory would otherwise causes +# performance problems for the file system. +# The default value is: NO. + +CREATE_SUBDIRS = YES + +# The OUTPUT_LANGUAGE tag is used to specify the language in which all +# documentation generated by doxygen is written. Doxygen will use this +# information to generate all constant output in the proper language. +# Possible values are: Afrikaans, Arabic, Armenian, Brazilian, Catalan, Chinese, +# Chinese-Traditional, Croatian, Czech, Danish, Dutch, English (United States), +# Esperanto, Farsi (Persian), Finnish, French, German, Greek, Hungarian, +# Indonesian, Italian, Japanese, Japanese-en (Japanese with English messages), +# Korean, Korean-en (Korean with English messages), Latvian, Lithuanian, +# Macedonian, Norwegian, Persian (Farsi), Polish, Portuguese, Romanian, Russian, +# Serbian, Serbian-Cyrillic, Slovak, Slovene, Spanish, Swedish, Turkish, +# Ukrainian and Vietnamese. 
+# The default value is: English. + +OUTPUT_LANGUAGE = English + +# If the BRIEF_MEMBER_DESC tag is set to YES doxygen will include brief member +# descriptions after the members that are listed in the file and class +# documentation (similar to Javadoc). Set to NO to disable this. +# The default value is: YES. + +BRIEF_MEMBER_DESC = YES + +# If the REPEAT_BRIEF tag is set to YES doxygen will prepend the brief +# description of a member or function before the detailed description +# +# Note: If both HIDE_UNDOC_MEMBERS and BRIEF_MEMBER_DESC are set to NO, the +# brief descriptions will be completely suppressed. +# The default value is: YES. + +REPEAT_BRIEF = YES + +# This tag implements a quasi-intelligent brief description abbreviator that is +# used to form the text in various listings. Each string in this list, if found +# as the leading text of the brief description, will be stripped from the text +# and the result, after processing the whole list, is used as the annotated +# text. Otherwise, the brief description is used as-is. If left blank, the +# following values are used ($name is automatically replaced with the name of +# the entity):The $name class, The $name widget, The $name file, is, provides, +# specifies, contains, represents, a, an and the. + +ABBREVIATE_BRIEF = + +# If the ALWAYS_DETAILED_SEC and REPEAT_BRIEF tags are both set to YES then +# doxygen will generate a detailed section even if there is only a brief +# description. +# The default value is: NO. + +ALWAYS_DETAILED_SEC = NO + +# If the INLINE_INHERITED_MEMB tag is set to YES, doxygen will show all +# inherited members of a class in the documentation of that class as if those +# members were ordinary class members. Constructors, destructors and assignment +# operators of the base classes will not be shown. +# The default value is: NO. 
+ +INLINE_INHERITED_MEMB = NO + +# If the FULL_PATH_NAMES tag is set to YES doxygen will prepend the full path +# before files name in the file list and in the header files. If set to NO the +# shortest path that makes the file name unique will be used +# The default value is: YES. + +FULL_PATH_NAMES = YES + +# The STRIP_FROM_PATH tag can be used to strip a user-defined part of the path. +# Stripping is only done if one of the specified strings matches the left-hand +# part of the path. The tag can be used to show relative paths in the file list. +# If left blank the directory from which doxygen is run is used as the path to +# strip. +# +# Note that you can specify absolute paths here, but also relative paths, which +# will be relative from the directory where doxygen is started. +# This tag requires that the tag FULL_PATH_NAMES is set to YES. + +STRIP_FROM_PATH = @CMAKE_CURRENT_BINARY_DIR@/ \ + @CMAKE_CURRENT_SOURCE_DIR@/ + +# The STRIP_FROM_INC_PATH tag can be used to strip a user-defined part of the +# path mentioned in the documentation of a class, which tells the reader which +# header file to include in order to use a class. If left blank only the name of +# the header file containing the class definition is used. Otherwise one should +# specify the list of include paths that are normally passed to the compiler +# using the -I flag. + +STRIP_FROM_INC_PATH = @CMAKE_CURRENT_BINARY_DIR@/ \ + @CMAKE_CURRENT_SOURCE_DIR@/ + +# If the SHORT_NAMES tag is set to YES, doxygen will generate much shorter (but +# less readable) file names. This can be useful is your file systems doesn't +# support long names like on DOS, Mac, or CD-ROM. +# The default value is: NO. + +SHORT_NAMES = NO + +# If the JAVADOC_AUTOBRIEF tag is set to YES then doxygen will interpret the +# first line (until the first dot) of a Javadoc-style comment as the brief +# description. 
If set to NO, the Javadoc-style will behave just like regular Qt- +# style comments (thus requiring an explicit @brief command for a brief +# description.) +# The default value is: NO. + +JAVADOC_AUTOBRIEF = NO + +# If the QT_AUTOBRIEF tag is set to YES then doxygen will interpret the first +# line (until the first dot) of a Qt-style comment as the brief description. If +# set to NO, the Qt-style will behave just like regular Qt-style comments (thus +# requiring an explicit \brief command for a brief description.) +# The default value is: NO. + +QT_AUTOBRIEF = NO + +# The MULTILINE_CPP_IS_BRIEF tag can be set to YES to make doxygen treat a +# multi-line C++ special comment block (i.e. a block of //! or /// comments) as +# a brief description. This used to be the default behavior. The new default is +# to treat a multi-line C++ comment block as a detailed description. Set this +# tag to YES if you prefer the old behavior instead. +# +# Note that setting this tag to YES also means that rational rose comments are +# not recognized any more. +# The default value is: NO. + +MULTILINE_CPP_IS_BRIEF = NO + +# If the INHERIT_DOCS tag is set to YES then an undocumented member inherits the +# documentation from any documented member that it re-implements. +# The default value is: YES. + +INHERIT_DOCS = NO + +# If the SEPARATE_MEMBER_PAGES tag is set to YES, then doxygen will produce a +# new page for each member. If set to NO, the documentation of a member will be +# part of the file/class/namespace that contains it. +# The default value is: NO. + +SEPARATE_MEMBER_PAGES = NO + +# The TAB_SIZE tag can be used to set the number of spaces in a tab. Doxygen +# uses this value to replace tabs by spaces in code fragments. +# Minimum value: 1, maximum value: 16, default value: 4. + +TAB_SIZE = 4 + +# This tag can be used to specify a number of aliases that act as commands in +# the documentation. 
An alias has the form: +# name=value +# For example adding +# "sideeffect=@par Side Effects:\n" +# will allow you to put the command \sideeffect (or @sideeffect) in the +# documentation, which will result in a user-defined paragraph with heading +# "Side Effects:". You can put \n's in the value part of an alias to insert +# newlines. + +ALIASES = + +# This tag can be used to specify a number of word-keyword mappings (TCL only). +# A mapping has the form "name=value". For example adding "class=itcl::class" +# will allow you to use the command class in the itcl::class meaning. + +TCL_SUBST = + +# Set the OPTIMIZE_OUTPUT_FOR_C tag to YES if your project consists of C sources +# only. Doxygen will then generate output that is more tailored for C. For +# instance, some of the names that are used will be different. The list of all +# members will be omitted, etc. +# The default value is: NO. + +OPTIMIZE_OUTPUT_FOR_C = YES + +# Set the OPTIMIZE_OUTPUT_JAVA tag to YES if your project consists of Java or +# Python sources only. Doxygen will then generate output that is more tailored +# for that language. For instance, namespaces will be presented as packages, +# qualified scopes will look different, etc. +# The default value is: NO. + +OPTIMIZE_OUTPUT_JAVA = NO + +# Set the OPTIMIZE_FOR_FORTRAN tag to YES if your project consists of Fortran +# sources. Doxygen will then generate output that is tailored for Fortran. +# The default value is: NO. + +OPTIMIZE_FOR_FORTRAN = NO + +# Set the OPTIMIZE_OUTPUT_VHDL tag to YES if your project consists of VHDL +# sources. Doxygen will then generate output that is tailored for VHDL. +# The default value is: NO. + +OPTIMIZE_OUTPUT_VHDL = NO + +# Doxygen selects the parser to use depending on the extension of the files it +# parses. With this tag you can assign which parser to use for a given +# extension. Doxygen has a built-in mapping, but you can override or extend it +# using this tag. 
The format is ext=language, where ext is a file extension, and +# language is one of the parsers supported by doxygen: IDL, Java, Javascript, +# C#, C, C++, D, PHP, Objective-C, Python, Fortran, VHDL. For instance to make +# doxygen treat .inc files as Fortran files (default is PHP), and .f files as C +# (default is Fortran), use: inc=Fortran f=C. +# +# Note For files without extension you can use no_extension as a placeholder. +# +# Note that for custom extensions you also need to set FILE_PATTERNS otherwise +# the files are not read by doxygen. + +EXTENSION_MAPPING = + +# If the MARKDOWN_SUPPORT tag is enabled then doxygen pre-processes all comments +# according to the Markdown format, which allows for more readable +# documentation. See http://daringfireball.net/projects/markdown/ for details. +# The output of markdown processing is further processed by doxygen, so you can +# mix doxygen, HTML, and XML commands with Markdown formatting. Disable only in +# case of backward compatibilities issues. +# The default value is: YES. + +MARKDOWN_SUPPORT = YES + +# When enabled doxygen tries to link words that correspond to documented +# classes, or namespaces to their corresponding documentation. Such a link can +# be prevented in individual cases by by putting a % sign in front of the word +# or globally by setting AUTOLINK_SUPPORT to NO. +# The default value is: YES. + +AUTOLINK_SUPPORT = YES + +# If you use STL classes (i.e. std::string, std::vector, etc.) but do not want +# to include (a tag file for) the STL sources as input, then you should set this +# tag to YES in order to let doxygen match functions declarations and +# definitions whose arguments contain STL classes (e.g. func(std::string); +# versus func(std::string) {}). This also make the inheritance and collaboration +# diagrams that involve STL classes more complete and accurate. +# The default value is: NO. 
+ +BUILTIN_STL_SUPPORT = NO + +# If you use Microsoft's C++/CLI language, you should set this option to YES to +# enable parsing support. +# The default value is: NO. + +CPP_CLI_SUPPORT = NO + +# Set the SIP_SUPPORT tag to YES if your project consists of sip (see: +# http://www.riverbankcomputing.co.uk/software/sip/intro) sources only. Doxygen +# will parse them like normal C++ but will assume all classes use public instead +# of private inheritance when no explicit protection keyword is present. +# The default value is: NO. + +SIP_SUPPORT = NO + +# For Microsoft's IDL there are propget and propput attributes to indicate +# getter and setter methods for a property. Setting this option to YES will make +# doxygen to replace the get and set methods by a property in the documentation. +# This will only work if the methods are indeed getting or setting a simple +# type. If this is not the case, or you want to show the methods anyway, you +# should set this option to NO. +# The default value is: YES. + +IDL_PROPERTY_SUPPORT = YES + +# If member grouping is used in the documentation and the DISTRIBUTE_GROUP_DOC +# tag is set to YES, then doxygen will reuse the documentation of the first +# member in the group (if any) for the other members of the group. By default +# all members of a group must be documented explicitly. +# The default value is: NO. + +DISTRIBUTE_GROUP_DOC = YES + +# Set the SUBGROUPING tag to YES to allow class member groups of the same type +# (for instance a group of public functions) to be put as a subgroup of that +# type (e.g. under the Public Functions section). Set it to NO to prevent +# subgrouping. Alternatively, this can be done per class using the +# \nosubgrouping command. +# The default value is: YES. + +SUBGROUPING = YES + +# When the INLINE_GROUPED_CLASSES tag is set to YES, classes, structs and unions +# are shown inside the group in which they are included (e.g. 
using \ingroup)
+# instead of on a separate page (for HTML and Man pages) or section (for LaTeX
+# and RTF).
+#
+# Note that this feature does not work in combination with
+# SEPARATE_MEMBER_PAGES.
+# The default value is: NO.
+
+INLINE_GROUPED_CLASSES = NO
+
+# When the INLINE_SIMPLE_STRUCTS tag is set to YES, structs, classes, and unions
+# with only public data fields or simple typedef fields will be shown inline in
+# the documentation of the scope in which they are defined (i.e. file,
+# namespace, or group documentation), provided this scope is documented. If set
+# to NO, structs, classes, and unions are shown on a separate page (for HTML and
+# Man pages) or section (for LaTeX and RTF).
+# The default value is: NO.
+
+INLINE_SIMPLE_STRUCTS = NO
+
+# When TYPEDEF_HIDES_STRUCT tag is enabled, a typedef of a struct, union, or
+# enum is documented as struct, union, or enum with the name of the typedef. So
+# typedef struct TypeS {} TypeT, will appear in the documentation as a struct
+# with name TypeT. When disabled the typedef will appear as a member of a file,
+# namespace, or class. And the struct will be named TypeS. This can typically be
+# useful for C code in case the coding convention dictates that all compound
+# types are typedef'ed and only the typedef is referenced, never the tag name.
+# The default value is: NO.
+
+TYPEDEF_HIDES_STRUCT = NO
+
+# The size of the symbol lookup cache can be set using LOOKUP_CACHE_SIZE. This
+# cache is used to resolve symbols given their name and scope. Since this can be
+# an expensive process and often the same symbol appears multiple times in the
+# code, doxygen keeps a cache of pre-resolved symbols. If the cache is too small
+# doxygen will become slower. If the cache is too large, memory is wasted. The
+# cache size is given by this formula: 2^(16+LOOKUP_CACHE_SIZE). The valid range
+# is 0..9, the default is 0, corresponding to a cache size of 2^16=65536
+# symbols.
At the end of a run doxygen will report the cache usage and suggest
+# the optimal cache size from a speed point of view.
+# Minimum value: 0, maximum value: 9, default value: 0.
+
+LOOKUP_CACHE_SIZE = 0
+
+#---------------------------------------------------------------------------
+# Build related configuration options
+#---------------------------------------------------------------------------
+
+# If the EXTRACT_ALL tag is set to YES doxygen will assume all entities in
+# documentation are documented, even if no documentation was available. Private
+# class members and static file members will be hidden unless the
+# EXTRACT_PRIVATE respectively EXTRACT_STATIC tags are set to YES.
+# Note: This will also disable the warnings about undocumented members that are
+# normally produced when WARNINGS is set to YES.
+# The default value is: NO.
+
+EXTRACT_ALL = YES
+
+# If the EXTRACT_PRIVATE tag is set to YES all private members of a class will
+# be included in the documentation.
+# The default value is: NO.
+
+EXTRACT_PRIVATE = NO
+
+# If the EXTRACT_PACKAGE tag is set to YES all members with package or internal
+# scope will be included in the documentation.
+# The default value is: NO.
+
+EXTRACT_PACKAGE = NO
+
+# If the EXTRACT_STATIC tag is set to YES all static members of a file will be
+# included in the documentation.
+# The default value is: NO.
+
+EXTRACT_STATIC = YES
+
+# If the EXTRACT_LOCAL_CLASSES tag is set to YES classes (and structs) defined
+# locally in source files will be included in the documentation. If set to NO
+# only classes defined in header files are included. Does not have any effect
+# for Java sources.
+# The default value is: YES.
+
+EXTRACT_LOCAL_CLASSES = YES
+
+# This flag is only useful for Objective-C code. When set to YES local methods,
+# which are defined in the implementation section but not in the interface are
+# included in the documentation. If set to NO only methods in the interface are
+# included.
+# The default value is: NO.
+
+EXTRACT_LOCAL_METHODS = NO
+
+# If this flag is set to YES, the members of anonymous namespaces will be
+# extracted and appear in the documentation as a namespace called
+# 'anonymous_namespace{file}', where file will be replaced with the base name of
+# the file that contains the anonymous namespace. By default anonymous namespace
+# are hidden.
+# The default value is: NO.
+
+EXTRACT_ANON_NSPACES = NO
+
+# If the HIDE_UNDOC_MEMBERS tag is set to YES, doxygen will hide all
+# undocumented members inside documented classes or files. If set to NO these
+# members will be included in the various overviews, but no documentation
+# section is generated. This option has no effect if EXTRACT_ALL is enabled.
+# The default value is: NO.
+
+HIDE_UNDOC_MEMBERS = NO
+
+# If the HIDE_UNDOC_CLASSES tag is set to YES, doxygen will hide all
+# undocumented classes that are normally visible in the class hierarchy. If set
+# to NO these classes will be included in the various overviews. This option has
+# no effect if EXTRACT_ALL is enabled.
+# The default value is: NO.
+
+HIDE_UNDOC_CLASSES = NO
+
+# If the HIDE_FRIEND_COMPOUNDS tag is set to YES, doxygen will hide all friend
+# (class|struct|union) declarations. If set to NO these declarations will be
+# included in the documentation.
+# The default value is: NO.
+
+HIDE_FRIEND_COMPOUNDS = NO
+
+# If the HIDE_IN_BODY_DOCS tag is set to YES, doxygen will hide any
+# documentation blocks found inside the body of a function. If set to NO these
+# blocks will be appended to the function's detailed documentation block.
+# The default value is: NO.
+
+HIDE_IN_BODY_DOCS = NO
+
+# The INTERNAL_DOCS tag determines if documentation that is typed after a
+# \internal command is included. If the tag is set to NO then the documentation
+# will be excluded. Set it to YES to include the internal documentation.
+# The default value is: NO.
+
+INTERNAL_DOCS = NO
+
+# If the CASE_SENSE_NAMES tag is set to NO then doxygen will only generate file
+# names in lower-case letters. If set to YES upper-case letters are also
+# allowed. This is useful if you have classes or files whose names only differ
+# in case and if your file system supports case sensitive file names. Windows
+# and Mac users are advised to set this option to NO.
+# The default value is: system dependent.
+
+CASE_SENSE_NAMES = YES
+
+# If the HIDE_SCOPE_NAMES tag is set to NO then doxygen will show members with
+# their full class and namespace scopes in the documentation. If set to YES the
+# scope will be hidden.
+# The default value is: NO.
+
+HIDE_SCOPE_NAMES = NO
+
+# If the SHOW_INCLUDE_FILES tag is set to YES then doxygen will put a list of
+# the files that are included by a file in the documentation of that file.
+# The default value is: YES.
+
+SHOW_INCLUDE_FILES = YES
+
+# If the SHOW_GROUPED_MEMB_INC tag is set to YES then Doxygen will add for each
+# grouped member an include statement to the documentation, telling the reader
+# which file to include in order to use the member.
+# The default value is: NO.
+
+SHOW_GROUPED_MEMB_INC = NO
+
+# If the FORCE_LOCAL_INCLUDES tag is set to YES then doxygen will list include
+# files with double quotes in the documentation rather than with sharp brackets.
+# The default value is: NO.
+
+FORCE_LOCAL_INCLUDES = NO
+
+# If the INLINE_INFO tag is set to YES then a tag [inline] is inserted in the
+# documentation for inline members.
+# The default value is: YES.
+
+INLINE_INFO = YES
+
+# If the SORT_MEMBER_DOCS tag is set to YES then doxygen will sort the
+# (detailed) documentation of file and class members alphabetically by member
+# name. If set to NO the members will appear in declaration order.
+# The default value is: YES.
+
+SORT_MEMBER_DOCS = NO
+
+# If the SORT_BRIEF_DOCS tag is set to YES then doxygen will sort the brief
+# descriptions of file, namespace and class members alphabetically by member
+# name. If set to NO the members will appear in declaration order. Note that
+# this will also influence the order of the classes in the class list.
+# The default value is: NO.
+
+SORT_BRIEF_DOCS = NO
+
+# If the SORT_MEMBERS_CTORS_1ST tag is set to YES then doxygen will sort the
+# (brief and detailed) documentation of class members so that constructors and
+# destructors are listed first. If set to NO the constructors will appear in the
+# respective orders defined by SORT_BRIEF_DOCS and SORT_MEMBER_DOCS.
+# Note: If SORT_BRIEF_DOCS is set to NO this option is ignored for sorting brief
+# member documentation.
+# Note: If SORT_MEMBER_DOCS is set to NO this option is ignored for sorting
+# detailed member documentation.
+# The default value is: NO.
+
+SORT_MEMBERS_CTORS_1ST = NO
+
+# If the SORT_GROUP_NAMES tag is set to YES then doxygen will sort the hierarchy
+# of group names into alphabetical order. If set to NO the group names will
+# appear in their defined order.
+# The default value is: NO.
+
+SORT_GROUP_NAMES = NO
+
+# If the SORT_BY_SCOPE_NAME tag is set to YES, the class list will be sorted by
+# fully-qualified names, including namespaces. If set to NO, the class list will
+# be sorted only by class name, not including the namespace part.
+# Note: This option is not very useful if HIDE_SCOPE_NAMES is set to YES.
+# Note: This option applies only to the class list, not to the alphabetical
+# list.
+# The default value is: NO.
+
+SORT_BY_SCOPE_NAME = NO
+
+# If the STRICT_PROTO_MATCHING option is enabled and doxygen fails to do proper
+# type resolution of all parameters of a function it will reject a match between
+# the prototype and the implementation of a member function even if there is
+# only one candidate or it is obvious which candidate to choose by doing a
+# simple string match. By disabling STRICT_PROTO_MATCHING doxygen will still
+# accept a match between prototype and implementation in such cases.
+# The default value is: NO.
+
+STRICT_PROTO_MATCHING = NO
+
+# The GENERATE_TODOLIST tag can be used to enable ( YES) or disable ( NO) the
+# todo list. This list is created by putting \todo commands in the
+# documentation.
+# The default value is: YES.
+
+GENERATE_TODOLIST = YES
+
+# The GENERATE_TESTLIST tag can be used to enable ( YES) or disable ( NO) the
+# test list. This list is created by putting \test commands in the
+# documentation.
+# The default value is: YES.
+
+GENERATE_TESTLIST = YES
+
+# The GENERATE_BUGLIST tag can be used to enable ( YES) or disable ( NO) the bug
+# list. This list is created by putting \bug commands in the documentation.
+# The default value is: YES.
+
+GENERATE_BUGLIST = YES
+
+# The GENERATE_DEPRECATEDLIST tag can be used to enable ( YES) or disable ( NO)
+# the deprecated list. This list is created by putting \deprecated commands in
+# the documentation.
+# The default value is: YES.
+
+GENERATE_DEPRECATEDLIST= YES
+
+# The ENABLED_SECTIONS tag can be used to enable conditional documentation
+# sections, marked by \if ... \endif and \cond
+# ... \endcond blocks.
+
+ENABLED_SECTIONS =
+
+# The MAX_INITIALIZER_LINES tag determines the maximum number of lines that the
+# initial value of a variable or macro / define can have for it to appear in the
+# documentation. If the initializer consists of more lines than specified here
+# it will be hidden. Use a value of 0 to hide initializers completely.
The
+# appearance of the value of individual variables and macros / defines can be
+# controlled using \showinitializer or \hideinitializer command in the
+# documentation regardless of this setting.
+# Minimum value: 0, maximum value: 10000, default value: 30.
+
+MAX_INITIALIZER_LINES = 30
+
+# Set the SHOW_USED_FILES tag to NO to disable the list of files generated at
+# the bottom of the documentation of classes and structs. If set to YES the list
+# will mention the files that were used to generate the documentation.
+# The default value is: YES.
+
+SHOW_USED_FILES = YES
+
+# Set the SHOW_FILES tag to NO to disable the generation of the Files page. This
+# will remove the Files entry from the Quick Index and from the Folder Tree View
+# (if specified).
+# The default value is: YES.
+
+SHOW_FILES = YES
+
+# Set the SHOW_NAMESPACES tag to NO to disable the generation of the Namespaces
+# page. This will remove the Namespaces entry from the Quick Index and from the
+# Folder Tree View (if specified).
+# The default value is: YES.
+
+SHOW_NAMESPACES = YES
+
+# The FILE_VERSION_FILTER tag can be used to specify a program or script that
+# doxygen should invoke to get the current version for each file (typically from
+# the version control system). Doxygen will invoke the program by executing (via
+# popen()) the command command input-file, where command is the value of the
+# FILE_VERSION_FILTER tag, and input-file is the name of an input file provided
+# by doxygen. Whatever the program writes to standard output is used as the file
+# version. For an example see the documentation.
+
+FILE_VERSION_FILTER =
+
+# The LAYOUT_FILE tag can be used to specify a layout file which will be parsed
+# by doxygen. The layout file controls the global structure of the generated
+# output files in an output format independent way. To create the layout file
+# that represents doxygen's defaults, run doxygen with the -l option.
You can
+# optionally specify a file name after the option, if omitted DoxygenLayout.xml
+# will be used as the name of the layout file.
+#
+# Note that if you run doxygen from a directory containing a file called
+# DoxygenLayout.xml, doxygen will parse it automatically even if the LAYOUT_FILE
+# tag is left empty.
+
+LAYOUT_FILE =
+
+# The CITE_BIB_FILES tag can be used to specify one or more bib files containing
+# the reference definitions. This must be a list of .bib files. The .bib
+# extension is automatically appended if omitted. This requires the bibtex tool
+# to be installed. See also http://en.wikipedia.org/wiki/BibTeX for more info.
+# For LaTeX the style of the bibliography can be controlled using
+# LATEX_BIB_STYLE. To use this feature you need bibtex and perl available in the
+# search path. Do not use file names with spaces, bibtex cannot handle them. See
+# also \cite for info how to create references.
+
+CITE_BIB_FILES =
+
+#---------------------------------------------------------------------------
+# Configuration options related to warning and progress messages
+#---------------------------------------------------------------------------
+
+# The QUIET tag can be used to turn on/off the messages that are generated to
+# standard output by doxygen. If QUIET is set to YES this implies that the
+# messages are off.
+# The default value is: NO.
+
+QUIET = NO
+
+# The WARNINGS tag can be used to turn on/off the warning messages that are
+# generated to standard error ( stderr) by doxygen. If WARNINGS is set to YES
+# this implies that the warnings are on.
+#
+# Tip: Turn warnings on while writing the documentation.
+# The default value is: YES.
+
+WARNINGS = YES
+
+# If the WARN_IF_UNDOCUMENTED tag is set to YES, then doxygen will generate
+# warnings for undocumented members. If EXTRACT_ALL is set to YES then this flag
+# will automatically be disabled.
+# The default value is: YES.
+
+WARN_IF_UNDOCUMENTED = YES
+
+# If the WARN_IF_DOC_ERROR tag is set to YES, doxygen will generate warnings for
+# potential errors in the documentation, such as not documenting some parameters
+# in a documented function, or documenting parameters that don't exist or using
+# markup commands wrongly.
+# The default value is: YES.
+
+WARN_IF_DOC_ERROR = YES
+
+# This WARN_NO_PARAMDOC option can be enabled to get warnings for functions that
+# are documented, but have no documentation for their parameters or return
+# value. If set to NO doxygen will only warn about wrong or incomplete parameter
+# documentation, but not about the absence of documentation.
+# The default value is: NO.
+
+WARN_NO_PARAMDOC = YES
+
+# The WARN_FORMAT tag determines the format of the warning messages that doxygen
+# can produce. The string should contain the $file, $line, and $text tags, which
+# will be replaced by the file and line number from which the warning originated
+# and the warning text. Optionally the format may contain $version, which will
+# be replaced by the version of the file (if it could be obtained via
+# FILE_VERSION_FILTER)
+# The default value is: $file:$line: $text.
+
+WARN_FORMAT = "$file:$line: $text "
+
+# The WARN_LOGFILE tag can be used to specify a file to which warning and error
+# messages should be written. If left blank the output is written to standard
+# error (stderr).
+
+WARN_LOGFILE = doxygen.log
+
+#---------------------------------------------------------------------------
+# Configuration options related to the input files
+#---------------------------------------------------------------------------
+
+# The INPUT tag is used to specify the files and/or directories that contain
+# documented source files. You may enter file names like myfile.cpp or
+# directories like /usr/src/myproject. Separate the files or directories with
+# spaces.
+# Note: If this tag is empty the current directory is searched.
+
+INPUT = @CMAKE_CURRENT_SOURCE_DIR@/src \
+ @CMAKE_CURRENT_SOURCE_DIR@/include \
+ @CMAKE_CURRENT_BINARY_DIR@/include
+
+# This tag can be used to specify the character encoding of the source files
+# that doxygen parses. Internally doxygen uses the UTF-8 encoding. Doxygen uses
+# libiconv (or the iconv built into libc) for the transcoding. See the libiconv
+# documentation (see: http://www.gnu.org/software/libiconv) for the list of
+# possible encodings.
+# The default value is: UTF-8.
+
+INPUT_ENCODING = UTF-8
+
+# If the value of the INPUT tag contains directories, you can use the
+# FILE_PATTERNS tag to specify one or more wildcard patterns (like *.cpp and
+# *.h) to filter out the source-files in the directories. If left blank the
+# following patterns are tested:*.c, *.cc, *.cxx, *.cpp, *.c++, *.java, *.ii,
+# *.ixx, *.ipp, *.i++, *.inl, *.idl, *.ddl, *.odl, *.h, *.hh, *.hxx, *.hpp,
+# *.h++, *.cs, *.d, *.php, *.php4, *.php5, *.phtml, *.inc, *.m, *.markdown,
+# *.md, *.mm, *.dox, *.py, *.f90, *.f, *.for, *.tcl, *.vhd, *.vhdl, *.ucf,
+# *.qsf, *.as and *.js.
+
+FILE_PATTERNS = *.c \
+ *.h
+
+# The RECURSIVE tag can be used to specify whether or not subdirectories should
+# be searched for input files as well.
+# The default value is: NO.
+
+RECURSIVE = YES
+
+# The EXCLUDE tag can be used to specify files and/or directories that should be
+# excluded from the INPUT source files. This way you can easily exclude a
+# subdirectory from a directory tree whose root is specified with the INPUT tag.
+#
+# Note that relative paths are relative to the directory from which doxygen is
+# run.
+
+EXCLUDE = @CMAKE_CURRENT_SOURCE_DIR@/src/low
+
+# The EXCLUDE_SYMLINKS tag can be used to select whether or not files or
+# directories that are symbolic links (a Unix file system feature) are excluded
+# from the input.
+# The default value is: NO.
+
+EXCLUDE_SYMLINKS = NO
+
+# If the value of the INPUT tag contains directories, you can use the
+# EXCLUDE_PATTERNS tag to specify one or more wildcard patterns to exclude
+# certain files from those directories.
+#
+# Note that the wildcards are matched against the file with absolute path, so to
+# exclude all test directories for example use the pattern */test/*
+
+EXCLUDE_PATTERNS =
+
+# The EXCLUDE_SYMBOLS tag can be used to specify one or more symbol names
+# (namespaces, classes, functions, etc.) that should be excluded from the
+# output. The symbol name can be a fully qualified name, a word, or if the
+# wildcard * is used, a substring. Examples: ANamespace, AClass,
+# AClass::ANamespace, ANamespace::*Test
+#
+# Note that the wildcards are matched against the file with absolute path, so to
+# exclude all test directories use the pattern */test/*
+
+EXCLUDE_SYMBOLS =
+
+# The EXAMPLE_PATH tag can be used to specify one or more files or directories
+# that contain example code fragments that are included (see the \include
+# command).
+
+EXAMPLE_PATH =
+
+# If the value of the EXAMPLE_PATH tag contains directories, you can use the
+# EXAMPLE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp and
+# *.h) to filter out the source-files in the directories. If left blank all
+# files are included.
+
+EXAMPLE_PATTERNS =
+
+# If the EXAMPLE_RECURSIVE tag is set to YES then subdirectories will be
+# searched for input files to be used with the \include or \dontinclude commands
+# irrespective of the value of the RECURSIVE tag.
+# The default value is: NO.
+
+EXAMPLE_RECURSIVE = NO
+
+# The IMAGE_PATH tag can be used to specify one or more files or directories
+# that contain images that are to be included in the documentation (see the
+# \image command).
+
+IMAGE_PATH =
+
+# The INPUT_FILTER tag can be used to specify a program that doxygen should
+# invoke to filter for each input file.
Doxygen will invoke the filter program
+# by executing (via popen()) the command:
+#
+#
+#
+# where is the value of the INPUT_FILTER tag, and is the
+# name of an input file. Doxygen will then use the output that the filter
+# program writes to standard output. If FILTER_PATTERNS is specified, this tag
+# will be ignored.
+#
+# Note that the filter must not add or remove lines; it is applied before the
+# code is scanned, but not when the output code is generated. If lines are added
+# or removed, the anchors will not be placed correctly.
+
+INPUT_FILTER =
+
+# The FILTER_PATTERNS tag can be used to specify filters on a per file pattern
+# basis. Doxygen will compare the file name with each pattern and apply the
+# filter if there is a match. The filters are a list of the form: pattern=filter
+# (like *.cpp=my_cpp_filter). See INPUT_FILTER for further information on how
+# filters are used. If the FILTER_PATTERNS tag is empty or if none of the
+# patterns match the file name, INPUT_FILTER is applied.
+
+FILTER_PATTERNS =
+
+# If the FILTER_SOURCE_FILES tag is set to YES, the input filter (if set using
+# INPUT_FILTER ) will also be used to filter the input files that are used for
+# producing the source files to browse (i.e. when SOURCE_BROWSER is set to YES).
+# The default value is: NO.
+
+FILTER_SOURCE_FILES = NO
+
+# The FILTER_SOURCE_PATTERNS tag can be used to specify source filters per file
+# pattern. A pattern will override the setting for FILTER_PATTERN (if any) and
+# it is also possible to disable source filtering for a specific pattern using
+# *.ext= (so without naming a filter).
+# This tag requires that the tag FILTER_SOURCE_FILES is set to YES.
+
+FILTER_SOURCE_PATTERNS =
+
+# If the USE_MDFILE_AS_MAINPAGE tag refers to the name of a markdown file that
+# is part of the input, its contents will be placed on the main page
+# (index.html).
This can be useful if you have a project on for instance GitHub
+# and want to reuse the introduction page also for the doxygen output.
+
+USE_MDFILE_AS_MAINPAGE =
+
+#---------------------------------------------------------------------------
+# Configuration options related to source browsing
+#---------------------------------------------------------------------------
+
+# If the SOURCE_BROWSER tag is set to YES then a list of source files will be
+# generated. Documented entities will be cross-referenced with these sources.
+#
+# Note: To get rid of all source code in the generated output, make sure that
+# also VERBATIM_HEADERS is set to NO.
+# The default value is: NO.
+
+SOURCE_BROWSER = YES
+
+# Setting the INLINE_SOURCES tag to YES will include the body of functions,
+# classes and enums directly into the documentation.
+# The default value is: NO.
+
+INLINE_SOURCES = NO
+
+# Setting the STRIP_CODE_COMMENTS tag to YES will instruct doxygen to hide any
+# special comment blocks from generated source code fragments. Normal C, C++ and
+# Fortran comments will always remain visible.
+# The default value is: YES.
+
+STRIP_CODE_COMMENTS = YES
+
+# If the REFERENCED_BY_RELATION tag is set to YES then for each documented
+# function all documented functions referencing it will be listed.
+# The default value is: NO.
+
+REFERENCED_BY_RELATION = YES
+
+# If the REFERENCES_RELATION tag is set to YES then for each documented function
+# all documented entities called/used by that function will be listed.
+# The default value is: NO.
+
+REFERENCES_RELATION = YES
+
+# If the REFERENCES_LINK_SOURCE tag is set to YES and SOURCE_BROWSER tag is set
+# to YES, then the hyperlinks from functions in REFERENCES_RELATION and
+# REFERENCED_BY_RELATION lists will link to the source code. Otherwise they will
+# link to the documentation.
+# The default value is: YES.
+
+REFERENCES_LINK_SOURCE = YES
+
+# If SOURCE_TOOLTIPS is enabled (the default) then hovering a hyperlink in the
+# source code will show a tooltip with additional information such as prototype,
+# brief description and links to the definition and documentation. Since this
+# will make the HTML file larger and loading of large files a bit slower, you
+# can opt to disable this feature.
+# The default value is: YES.
+# This tag requires that the tag SOURCE_BROWSER is set to YES.
+
+SOURCE_TOOLTIPS = YES
+
+# If the USE_HTAGS tag is set to YES then the references to source code will
+# point to the HTML generated by the htags(1) tool instead of doxygen built-in
+# source browser. The htags tool is part of GNU's global source tagging system
+# (see http://www.gnu.org/software/global/global.html). You will need version
+# 4.8.6 or higher.
+#
+# To use it do the following:
+# - Install the latest version of global
+# - Enable SOURCE_BROWSER and USE_HTAGS in the config file
+# - Make sure the INPUT points to the root of the source tree
+# - Run doxygen as normal
+#
+# Doxygen will invoke htags (and that will in turn invoke gtags), so these
+# tools must be available from the command line (i.e. in the search path).
+#
+# The result: instead of the source browser generated by doxygen, the links to
+# source code will now point to the output of htags.
+# The default value is: NO.
+# This tag requires that the tag SOURCE_BROWSER is set to YES.
+
+USE_HTAGS = NO
+
+# If the VERBATIM_HEADERS tag is set the YES then doxygen will generate a
+# verbatim copy of the header file for each class for which an include is
+# specified. Set to NO to disable this.
+# See also: Section \class.
+# The default value is: YES.
+
+VERBATIM_HEADERS = YES
+
+#---------------------------------------------------------------------------
+# Configuration options related to the alphabetical class index
+#---------------------------------------------------------------------------
+
+# If the ALPHABETICAL_INDEX tag is set to YES, an alphabetical index of all
+# compounds will be generated. Enable this if the project contains a lot of
+# classes, structs, unions or interfaces.
+# The default value is: YES.
+
+ALPHABETICAL_INDEX = NO
+
+# The COLS_IN_ALPHA_INDEX tag can be used to specify the number of columns in
+# which the alphabetical index list will be split.
+# Minimum value: 1, maximum value: 20, default value: 5.
+# This tag requires that the tag ALPHABETICAL_INDEX is set to YES.
+
+COLS_IN_ALPHA_INDEX = 5
+
+# In case all classes in a project start with a common prefix, all classes will
+# be put under the same header in the alphabetical index. The IGNORE_PREFIX tag
+# can be used to specify a prefix (or a list of prefixes) that should be ignored
+# while generating the index headers.
+# This tag requires that the tag ALPHABETICAL_INDEX is set to YES.
+
+IGNORE_PREFIX =
+
+#---------------------------------------------------------------------------
+# Configuration options related to the HTML output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_HTML tag is set to YES doxygen will generate HTML output
+# The default value is: YES.
+
+GENERATE_HTML = YES
+
+# The HTML_OUTPUT tag is used to specify where the HTML docs will be put. If a
+# relative path is entered the value of OUTPUT_DIRECTORY will be put in front of
+# it.
+# The default directory is: html.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_OUTPUT = html
+
+# The HTML_FILE_EXTENSION tag can be used to specify the file extension for each
+# generated HTML page (for example: .htm, .php, .asp).
+# The default value is: .html.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_FILE_EXTENSION = .html
+
+# The HTML_HEADER tag can be used to specify a user-defined HTML header file for
+# each generated HTML page. If the tag is left blank doxygen will generate a
+# standard header.
+#
+# To get valid HTML the header file that includes any scripts and style sheets
+# that doxygen needs, which is dependent on the configuration options used (e.g.
+# the setting GENERATE_TREEVIEW). It is highly recommended to start with a
+# default header using
+# doxygen -w html new_header.html new_footer.html new_stylesheet.css
+# YourConfigFile
+# and then modify the file new_header.html. See also section "Doxygen usage"
+# for information on how to generate the default header that doxygen normally
+# uses.
+# Note: The header is subject to change so you typically have to regenerate the
+# default header when upgrading to a newer version of doxygen. For a description
+# of the possible markers and block names see the documentation.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_HEADER =
+
+# The HTML_FOOTER tag can be used to specify a user-defined HTML footer for each
+# generated HTML page. If the tag is left blank doxygen will generate a standard
+# footer. See HTML_HEADER for more information on how to generate a default
+# footer and what special commands can be used inside the footer. See also
+# section "Doxygen usage" for information on how to generate the default footer
+# that doxygen normally uses.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_FOOTER =
+
+# The HTML_STYLESHEET tag can be used to specify a user-defined cascading style
+# sheet that is used by each HTML page. It can be used to fine-tune the look of
+# the HTML output. If left blank doxygen will generate a default style sheet.
+# See also section "Doxygen usage" for information on how to generate the style
+# sheet that doxygen normally uses.
+# Note: It is recommended to use HTML_EXTRA_STYLESHEET instead of this tag, as
+# it is more robust and this tag (HTML_STYLESHEET) will in the future become
+# obsolete.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_STYLESHEET =
+
+# The HTML_EXTRA_STYLESHEET tag can be used to specify an additional user-
+# defined cascading style sheet that is included after the standard style sheets
+# created by doxygen. Using this option one can overrule certain style aspects.
+# This is preferred over using HTML_STYLESHEET since it does not replace the
+# standard style sheet and is therefor more robust against future updates.
+# Doxygen will copy the style sheet file to the output directory. For an example
+# see the documentation.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_EXTRA_STYLESHEET =
+
+# The HTML_EXTRA_FILES tag can be used to specify one or more extra images or
+# other source files which should be copied to the HTML output directory. Note
+# that these files will be copied to the base HTML output directory. Use the
+# $relpath^ marker in the HTML_HEADER and/or HTML_FOOTER files to load these
+# files. In the HTML_STYLESHEET file, use the file name only. Also note that the
+# files will be copied as-is; there are no commands or markers available.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_EXTRA_FILES =
+
+# The HTML_COLORSTYLE_HUE tag controls the color of the HTML output. Doxygen
+# will adjust the colors in the stylesheet and background images according to
+# this color. Hue is specified as an angle on a colorwheel, see
+# http://en.wikipedia.org/wiki/Hue for more information. For instance the value
+# 0 represents red, 60 is yellow, 120 is green, 180 is cyan, 240 is blue, 300
+# purple, and 360 is red again.
+# Minimum value: 0, maximum value: 359, default value: 220.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_COLORSTYLE_HUE = 220
+
+# The HTML_COLORSTYLE_SAT tag controls the purity (or saturation) of the colors
+# in the HTML output. For a value of 0 the output will use grayscales only. A
+# value of 255 will produce the most vivid colors.
+# Minimum value: 0, maximum value: 255, default value: 100.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_COLORSTYLE_SAT = 100
+
+# The HTML_COLORSTYLE_GAMMA tag controls the gamma correction applied to the
+# luminance component of the colors in the HTML output. Values below 100
+# gradually make the output lighter, whereas values above 100 make the output
+# darker. The value divided by 100 is the actual gamma applied, so 80 represents
+# a gamma of 0.8, The value 220 represents a gamma of 2.2, and 100 does not
+# change the gamma.
+# Minimum value: 40, maximum value: 240, default value: 80.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_COLORSTYLE_GAMMA = 80
+
+# If the HTML_TIMESTAMP tag is set to YES then the footer of each generated HTML
+# page will contain the date and time when the page was generated. Setting this
+# to NO can help when comparing the output of multiple runs.
+# The default value is: YES.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_TIMESTAMP = YES
+
+# If the HTML_DYNAMIC_SECTIONS tag is set to YES then the generated HTML
+# documentation will contain sections that can be hidden and shown after the
+# page has loaded.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_DYNAMIC_SECTIONS = NO
+
+# With HTML_INDEX_NUM_ENTRIES one can control the preferred number of entries
+# shown in the various tree structured indices initially; the user can expand
+# and collapse entries dynamically later on. Doxygen will expand the tree to
+# such a level that at most the specified number of entries are visible (unless
+# a fully collapsed tree already exceeds this amount). So setting the number of
+# entries 1 will produce a full collapsed tree by default. 0 is a special value
+# representing an infinite number of entries and will result in a full expanded
+# tree by default.
+# Minimum value: 0, maximum value: 9999, default value: 100.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+HTML_INDEX_NUM_ENTRIES = 100
+
+# If the GENERATE_DOCSET tag is set to YES, additional index files will be
+# generated that can be used as input for Apple's Xcode 3 integrated development
+# environment (see: http://developer.apple.com/tools/xcode/), introduced with
+# OSX 10.5 (Leopard). To create a documentation set, doxygen will generate a
+# Makefile in the HTML output directory. Running make will produce the docset in
+# that directory and running make install will install the docset in
+# ~/Library/Developer/Shared/Documentation/DocSets so that Xcode will find it at
+# startup. See http://developer.apple.com/tools/creatingdocsetswithdoxygen.html
+# for more information.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+GENERATE_DOCSET = @GENERATE_DOCSET@
+
+# This tag determines the name of the docset feed. A documentation feed provides
+# an umbrella under which multiple documentation sets from a single provider
+# (such as a company or product suite) can be grouped.
+# The default value is: Doxygen generated docs.
+# This tag requires that the tag GENERATE_DOCSET is set to YES.
+
+DOCSET_FEEDNAME = "Doxygen generated docs"
+
+# This tag specifies a string that should uniquely identify the documentation
+# set bundle. This should be a reverse domain-name style string, e.g.
+# com.mycompany.MyDocSet. Doxygen will append .docset to the name.
+# The default value is: org.doxygen.Project.
+# This tag requires that the tag GENERATE_DOCSET is set to YES.
+
+DOCSET_BUNDLE_ID = org.doxygen.Project
+
+# The DOCSET_PUBLISHER_ID tag specifies a string that should uniquely identify
+# the documentation publisher. This should be a reverse domain-name style
+# string, e.g. com.mycompany.MyDocSet.documentation.
+# The default value is: org.doxygen.Publisher.
+# This tag requires that the tag GENERATE_DOCSET is set to YES.
+
+DOCSET_PUBLISHER_ID = org.doxygen.Publisher
+
+# The DOCSET_PUBLISHER_NAME tag identifies the documentation publisher.
+# The default value is: Publisher.
+# This tag requires that the tag GENERATE_DOCSET is set to YES.
+
+DOCSET_PUBLISHER_NAME = Publisher
+
+# If the GENERATE_HTMLHELP tag is set to YES then doxygen generates three
+# additional HTML index files: index.hhp, index.hhc, and index.hhk. The
+# index.hhp is a project file that can be read by Microsoft's HTML Help Workshop
+# (see: http://www.microsoft.com/en-us/download/details.aspx?id=21138) on
+# Windows.
+#
+# The HTML Help Workshop contains a compiler that can convert all HTML output
+# generated by doxygen into a single compiled HTML file (.chm). Compiled HTML
+# files are now used as the Windows 98 help format, and will replace the old
+# Windows help format (.hlp) on all Windows platforms in the future. Compressed
+# HTML files also contain an index, a table of contents, and you can search for
+# words in the documentation. The HTML workshop also contains a viewer for
+# compressed HTML files.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+GENERATE_HTMLHELP = NO
+
+# The CHM_FILE tag can be used to specify the file name of the resulting .chm
+# file. You can add a path in front of the file if the result should not be
+# written to the html output directory.
+# This tag requires that the tag GENERATE_HTMLHELP is set to YES.
+
+CHM_FILE =
+
+# The HHC_LOCATION tag can be used to specify the location (absolute path
+# including file name) of the HTML help compiler ( hhc.exe). If non-empty
+# doxygen will try to run the HTML help compiler on the generated index.hhp.
+# The file has to be specified with full path.
+# This tag requires that the tag GENERATE_HTMLHELP is set to YES.
+
+HHC_LOCATION =
+
+# The GENERATE_CHI flag controls if a separate .chi index file is generated (
+# YES) or that it should be included in the master .chm file ( NO).
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTMLHELP is set to YES.
+
+GENERATE_CHI = NO
+
+# The CHM_INDEX_ENCODING is used to encode HtmlHelp index ( hhk), content ( hhc)
+# and project file content.
+# This tag requires that the tag GENERATE_HTMLHELP is set to YES.
+
+CHM_INDEX_ENCODING =
+
+# The BINARY_TOC flag controls whether a binary table of contents is generated (
+# YES) or a normal table of contents ( NO) in the .chm file.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTMLHELP is set to YES.
+
+BINARY_TOC = NO
+
+# The TOC_EXPAND flag can be set to YES to add extra items for group members to
+# the table of contents of the HTML help documentation and to the tree view.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTMLHELP is set to YES.
+
+TOC_EXPAND = NO
+
+# If the GENERATE_QHP tag is set to YES and both QHP_NAMESPACE and
+# QHP_VIRTUAL_FOLDER are set, an additional index file will be generated that
+# can be used as input for Qt's qhelpgenerator to generate a Qt Compressed Help
+# (.qch) of the generated HTML documentation.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+GENERATE_QHP = NO
+
+# If the QHG_LOCATION tag is specified, the QCH_FILE tag can be used to specify
+# the file name of the resulting .qch file. The path specified is relative to
+# the HTML output folder.
+# This tag requires that the tag GENERATE_QHP is set to YES.
+
+QCH_FILE =
+
+# The QHP_NAMESPACE tag specifies the namespace to use when generating Qt Help
+# Project output. For more information please see Qt Help Project / Namespace
+# (see: http://qt-project.org/doc/qt-4.8/qthelpproject.html#namespace).
+# The default value is: org.doxygen.Project.
+# This tag requires that the tag GENERATE_QHP is set to YES.
+
+QHP_NAMESPACE = org.doxygen.Project
+
+# The QHP_VIRTUAL_FOLDER tag specifies the namespace to use when generating Qt
+# Help Project output. For more information please see Qt Help Project / Virtual
+# Folders (see: http://qt-project.org/doc/qt-4.8/qthelpproject.html#virtual-
+# folders).
+# The default value is: doc.
+# This tag requires that the tag GENERATE_QHP is set to YES.
+
+QHP_VIRTUAL_FOLDER = doc
+
+# If the QHP_CUST_FILTER_NAME tag is set, it specifies the name of a custom
+# filter to add. For more information please see Qt Help Project / Custom
+# Filters (see: http://qt-project.org/doc/qt-4.8/qthelpproject.html#custom-
+# filters).
+# This tag requires that the tag GENERATE_QHP is set to YES.
+
+QHP_CUST_FILTER_NAME =
+
+# The QHP_CUST_FILTER_ATTRS tag specifies the list of the attributes of the
+# custom filter to add. For more information please see Qt Help Project / Custom
+# Filters (see: http://qt-project.org/doc/qt-4.8/qthelpproject.html#custom-
+# filters).
+# This tag requires that the tag GENERATE_QHP is set to YES.
+
+QHP_CUST_FILTER_ATTRS =
+
+# The QHP_SECT_FILTER_ATTRS tag specifies the list of the attributes this
+# project's filter section matches. Qt Help Project / Filter Attributes (see:
+# http://qt-project.org/doc/qt-4.8/qthelpproject.html#filter-attributes).
+# This tag requires that the tag GENERATE_QHP is set to YES.
+
+QHP_SECT_FILTER_ATTRS =
+
+# The QHG_LOCATION tag can be used to specify the location of Qt's
+# qhelpgenerator. If non-empty doxygen will try to run qhelpgenerator on the
+# generated .qhp file.
+# This tag requires that the tag GENERATE_QHP is set to YES.
+
+QHG_LOCATION =
+
+# If the GENERATE_ECLIPSEHELP tag is set to YES, additional index files will be
+# generated, together with the HTML files, they form an Eclipse help plugin. To
+# install this plugin and make it available under the help contents menu in
+# Eclipse, the contents of the directory containing the HTML and XML files needs
+# to be copied into the plugins directory of eclipse. The name of the directory
+# within the plugins directory should be the same as the ECLIPSE_DOC_ID value.
+# After copying Eclipse needs to be restarted before the help appears.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+GENERATE_ECLIPSEHELP = NO
+
+# A unique identifier for the Eclipse help plugin. When installing the plugin
+# the directory name containing the HTML and XML files should also have this
+# name. Each documentation set should have its own identifier.
+# The default value is: org.doxygen.Project.
+# This tag requires that the tag GENERATE_ECLIPSEHELP is set to YES.
+
+ECLIPSE_DOC_ID = org.doxygen.Project
+
+# If you want full control over the layout of the generated HTML pages it might
+# be necessary to disable the index and replace it with your own. The
+# DISABLE_INDEX tag can be used to turn on/off the condensed index (tabs) at top
+# of each HTML page. A value of NO enables the index and the value YES disables
+# it. Since the tabs in the index contain the same information as the navigation
+# tree, you can set this option to YES if you also set GENERATE_TREEVIEW to YES.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+DISABLE_INDEX = NO
+
+# The GENERATE_TREEVIEW tag is used to specify whether a tree-like index
+# structure should be generated to display hierarchical information. If the tag
+# value is set to YES, a side panel will be generated containing a tree-like
+# index structure (just like the one that is generated for HTML Help). For this
+# to work a browser that supports JavaScript, DHTML, CSS and frames is required
+# (i.e. any modern browser). Windows users are probably better off using the
+# HTML help feature. Via custom stylesheets (see HTML_EXTRA_STYLESHEET) one can
+# further fine-tune the look of the index. As an example, the default style
+# sheet generated by doxygen has an example that shows how to put an image at
+# the root of the tree instead of the PROJECT_NAME. Since the tree basically has
+# the same information as the tab index, you could consider setting
+# DISABLE_INDEX to YES when enabling this option.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+GENERATE_TREEVIEW = NO
+
+# The ENUM_VALUES_PER_LINE tag can be used to set the number of enum values that
+# doxygen will group on one line in the generated HTML documentation.
+#
+# Note that a value of 0 will completely suppress the enum values from appearing
+# in the overview section.
+# Minimum value: 0, maximum value: 20, default value: 4.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+ENUM_VALUES_PER_LINE = 4
+
+# If the treeview is enabled (see GENERATE_TREEVIEW) then this tag can be used
+# to set the initial width (in pixels) of the frame in which the tree is shown.
+# Minimum value: 0, maximum value: 1500, default value: 250.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+TREEVIEW_WIDTH = 250
+
+# When the EXT_LINKS_IN_WINDOW option is set to YES doxygen will open links to
+# external symbols imported via tag files in a separate window.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+EXT_LINKS_IN_WINDOW = NO
+
+# Use this tag to change the font size of LaTeX formulas included as images in
+# the HTML documentation. When you change the font size after a successful
+# doxygen run you need to manually remove any form_*.png images from the HTML
+# output directory to force them to be regenerated.
+# Minimum value: 8, maximum value: 50, default value: 10.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+FORMULA_FONTSIZE = 10
+
+# Use the FORMULA_TRANPARENT tag to determine whether or not the images
+# generated for formulas are transparent PNGs. Transparent PNGs are not
+# supported properly for IE 6.0, but are supported on all modern browsers.
+#
+# Note that when changing this option you need to delete any form_*.png files in
+# the HTML output directory before the changes have effect.
+# The default value is: YES.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+FORMULA_TRANSPARENT = YES
+
+# Enable the USE_MATHJAX option to render LaTeX formulas using MathJax (see
+# http://www.mathjax.org) which uses client side Javascript for the rendering
+# instead of using prerendered bitmaps. Use this if you do not have LaTeX
+# installed or if you want to formulas look prettier in the HTML output. When
+# enabled you may also need to install MathJax separately and configure the path
+# to it using the MATHJAX_RELPATH option.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+USE_MATHJAX = NO
+
+# When MathJax is enabled you can set the default output format to be used for
+# the MathJax output. See the MathJax site (see:
+# http://docs.mathjax.org/en/latest/output.html) for more details.
+# Possible values are: HTML-CSS (which is slower, but has the best
+# compatibility), NativeMML (i.e. MathML) and SVG.
+# The default value is: HTML-CSS.
+# This tag requires that the tag USE_MATHJAX is set to YES.
+
+MATHJAX_FORMAT = HTML-CSS
+
+# When MathJax is enabled you need to specify the location relative to the HTML
+# output directory using the MATHJAX_RELPATH option.
The destination directory +# should contain the MathJax.js script. For instance, if the mathjax directory +# is located at the same level as the HTML output directory, then +# MATHJAX_RELPATH should be ../mathjax. The default value points to the MathJax +# Content Delivery Network so you can quickly see the result without installing +# MathJax. However, it is strongly recommended to install a local copy of +# MathJax from http://www.mathjax.org before deployment. +# The default value is: http://cdn.mathjax.org/mathjax/latest. +# This tag requires that the tag USE_MATHJAX is set to YES. + +MATHJAX_RELPATH = http://cdn.mathjax.org/mathjax/latest + +# The MATHJAX_EXTENSIONS tag can be used to specify one or more MathJax +# extension names that should be enabled during MathJax rendering. For example +# MATHJAX_EXTENSIONS = TeX/AMSmath TeX/AMSsymbols +# This tag requires that the tag USE_MATHJAX is set to YES. + +MATHJAX_EXTENSIONS = + +# The MATHJAX_CODEFILE tag can be used to specify a file with javascript pieces +# of code that will be used on startup of the MathJax code. See the MathJax site +# (see: http://docs.mathjax.org/en/latest/output.html) for more details. For an +# example see the documentation. +# This tag requires that the tag USE_MATHJAX is set to YES. + +MATHJAX_CODEFILE = + +# When the SEARCHENGINE tag is enabled doxygen will generate a search box for +# the HTML output. The underlying search engine uses javascript and DHTML and +# should work on any modern browser. Note that when using HTML help +# (GENERATE_HTMLHELP), Qt help (GENERATE_QHP), or docsets (GENERATE_DOCSET) +# there is already a search function so this one should typically be disabled. +# For large projects the javascript based search engine can be slow, then +# enabling SERVER_BASED_SEARCH may provide a better solution. It is possible to +# search using the keyboard; to jump to the search box use + S +# (what the is depends on the OS and browser, but it is typically +# , /