Qortal/pirate-librustzcash
3
0
Fork 0
mirror of https://github.com/Qortal/pirate-librustzcash.git synced 2025-01-31 07:42:15 +00:00
Code Issues Projects Releases Wiki Activity

G1/G2 rand() should produce elements of unknown exponent.

Browse Source
This commit is contained in:
Sean Bowe 2017-10-10 01:13:35 -06:00
parent 044256c2f7
commit 12b9606b9c
No known key found for this signature in database
GPG Key ID: 95684257D8F8B031
1 changed files with 12 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
src/bls12_381/ec.rs
View File

@ -85,7 +85,6 @@ macro_rules! curve_impl {
}
impl $affine {
fn mul_bits<S: AsRef<[u64]>>(&self, bits: BitIterator<S>) -> $projective {
let mut res = $projective::zero();
for i in bits {
@ -95,7 +94,6 @@ macro_rules! curve_impl {
res
}
/// Attempts to construct an affine point given an x-coordinate. The
/// point is not guaranteed to be in the prime order subgroup.
///
@ -200,7 +198,18 @@ macro_rules! curve_impl {
impl Rand for $projective {
fn rand<R: Rng>(rng: &mut R) -> Self {
$affine::one().mul($scalarfield::rand(rng))
loop {
let x = rng.gen();
let greatest = rng.gen();
if let Some(p) = $affine::get_point_from_x(x, greatest) {
let p = p.scale_by_cofactor();
if !p.is_zero() {
return p;
}
}
}
}
}
@ -845,7 +854,6 @@ pub mod g1 {
}
impl G1Affine {
#[allow(dead_code)]
fn scale_by_cofactor(&self) -> G1 {
// G1 cofactor = (x - 1)^2 / 3 = 76329603384216526031706109802092473003
let cofactor = BitIterator::new([0x8c00aaab0000aaab, 0x396c8c005555e156]);
@ -1359,7 +1367,6 @@ pub mod g2 {
}
}
#[allow(dead_code)]
fn scale_by_cofactor(&self) -> G2 {
// G2 cofactor = (x^8 - 4 x^7 + 5 x^6) - (4 x^4 + 6 x^3 - 4 x^2 - 4 x + 13) // 9
// 0x5d543a95414e7f1091d50792876a202cd91de4547085abaa68a205b2e5a7ddfa628f1cb4d9e82ef21537e293a6691ae1616ec6e786f0c70cf1c38e31c7238e5