From 1c1ea73f7acc60f50324774b9f0a35296a610b80 Mon Sep 17 00:00:00 2001 From: samkim-crypto Date: Thu, 27 Nov 2025 18:27:43 +0900 Subject: [PATCH 1/5] wip --- Cargo.lock | 16 ++++ Cargo.toml | 2 + bls12-381-core/Cargo.toml | 37 ++++++++ bls12-381-core/src/addition.rs | 103 ++++++++++++++++++++++ bls12-381-core/src/decompression.rs | 56 ++++++++++++ bls12-381-core/src/lib.rs | 35 ++++++++ bls12-381-core/src/multiplication.rs | 90 +++++++++++++++++++ bls12-381-core/src/pairing.rs | 126 +++++++++++++++++++++++++++ bls12-381-core/src/subtraction.rs | 109 +++++++++++++++++++++++ bls12-381-core/src/validation.rs | 50 +++++++++++ 10 files changed, 624 insertions(+) create mode 100644 bls12-381-core/Cargo.toml create mode 100644 bls12-381-core/src/addition.rs create mode 100644 bls12-381-core/src/decompression.rs create mode 100644 bls12-381-core/src/lib.rs create mode 100644 bls12-381-core/src/multiplication.rs create mode 100644 bls12-381-core/src/pairing.rs create mode 100644 bls12-381-core/src/subtraction.rs create mode 100644 bls12-381-core/src/validation.rs diff --git a/Cargo.lock b/Cargo.lock index ebd52132f..9e7115946 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2781,6 +2781,22 @@ dependencies = [ "thiserror 2.0.12", ] +[[package]] +name = "solana-bls12-381" +version = "0.1.0" +dependencies = [ + "array-bytes", + "blst", + "blstrs", + "criterion", + "group", + "pairing", + "serde", + "serde_derive", + "serde_json", + "solana-define-syscall", +] + [[package]] name = "solana-bn254" version = "3.1.2" diff --git a/Cargo.toml b/Cargo.toml index 250087375..2942bf379 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -10,6 +10,7 @@ members = [ "bincode", "blake3-hasher", "bls-signatures", + "bls12-381-core", "bn254", "borsh", "client-traits", @@ -225,6 +226,7 @@ solana-atomic-u64 = { path = "atomic-u64", version = "3.0.0" } solana-big-mod-exp = { path = "big-mod-exp", version = "3.0.0" } solana-bincode = { path = "bincode", version = "3.0.0" } solana-blake3-hasher = { path = "blake3-hasher", version = "3.0.0" } +solana-bls12-381 = { path = "bls12-381-core", version = "0.1.0" } solana-bls-signatures = { path = "bls-signatures", version = "1.0.0" } solana-bn254 = { path = "bn254", version = "3.0.0" } solana-borsh = { path = "borsh", version = "3.0.0" } diff --git a/bls12-381-core/Cargo.toml b/bls12-381-core/Cargo.toml new file mode 100644 index 000000000..59e5900c2 --- /dev/null +++ b/bls12-381-core/Cargo.toml @@ -0,0 +1,37 @@ +[package] +name = "solana-bls12-381" +description = "Solana BLS12-381" +documentation = "https://docs.rs/solana-bls12-381" +version = "0.1.0" +authors = { workspace = true } +repository = { workspace = true } +homepage = { workspace = true } +license = { workspace = true } +edition = { workspace = true } +include = ["src/**/*"] + +[package.metadata.docs.rs] +targets = ["x86_64-unknown-linux-gnu"] +all-features = true +rustdoc-args = ["--cfg=docsrs"] + +[dependencies] + +[target.'cfg(not(target_os = "solana"))'.dependencies] +blstrs = { workspace = true } +blst = { workspace = true } +group = { workspace = true } +pairing = { workspace = true } + +[target.'cfg(target_os = "solana")'.dependencies] +solana-define-syscall = { workspace = true } + +[dev-dependencies] +array-bytes = { workspace = true } +criterion = { workspace = true } +serde = { workspace = true } +serde_derive = { workspace = true } +serde_json = { workspace = true } + +[lints] +workspace = true diff --git a/bls12-381-core/src/addition.rs b/bls12-381-core/src/addition.rs new file mode 100644 index 000000000..5b71099bc --- /dev/null +++ b/bls12-381-core/src/addition.rs @@ -0,0 +1,103 @@ +use { + crate::{reverse_48_byte_chunks, swap_g2_c0_c1, Endianness}, + blstrs::{G1Affine, G1Projective, G2Affine, G2Projective}, +}; + +pub enum VersionedG1Addition { + V0, +} + +pub fn bls12_381_g1_addition( + _version: VersionedG1Addition, + input: &[u8], + endianness: Endianness, +) -> Option> { + if input.len() != 192 { + return None; + } + + let p1 = match endianness { + Endianness::BE => { + // make zero-copy when possible + let bytes: &[u8; 96] = input[0..96].try_into().ok()?; + G1Affine::from_uncompressed(bytes).into_option()? + } + Endianness::LE => { + // to reverse the bytes, we need an owned copy + let mut bytes: [u8; 96] = input[0..96].try_into().ok()?; + reverse_48_byte_chunks(&mut bytes); + G1Affine::from_uncompressed(&bytes).into_option()? + } + }; + + let p2 = match endianness { + Endianness::BE => { + let bytes: &[u8; 96] = input[96..192].try_into().ok()?; + G1Affine::from_uncompressed(bytes).into_option()? + } + Endianness::LE => { + let mut bytes: [u8; 96] = input[96..192].try_into().ok()?; + reverse_48_byte_chunks(&mut bytes); + G1Affine::from_uncompressed(&bytes).into_option()? + } + }; + + let p1_proj: G1Projective = p1.into(); + let sum_proj = p1_proj + p2; + let mut sum_affine = sum_proj.to_uncompressed(); + + if matches!(endianness, Endianness::LE) { + reverse_48_byte_chunks(&mut sum_affine); + } + Some(sum_affine.to_vec()) +} + +pub enum VersionedG2Addition { + V0, +} + +pub fn bls12_381_g2_addition( + _version: VersionedG2Addition, + input: &[u8], + endianness: Endianness, +) -> Option> { + if input.len() != 384 { + return None; + } + + let p1 = match endianness { + Endianness::BE => { + let bytes: &[u8; 192] = input[0..192].try_into().ok()?; + G2Affine::from_uncompressed(bytes).into_option()? + } + Endianness::LE => { + let mut bytes: [u8; 192] = input[0..192].try_into().ok()?; + reverse_48_byte_chunks(&mut bytes); // Fix Fq endianness + swap_g2_c0_c1(&mut bytes); // Fix Fq2 ordering + G2Affine::from_uncompressed(&bytes).into_option()? + } + }; + + let p2 = match endianness { + Endianness::BE => { + let bytes: &[u8; 192] = input[192..384].try_into().ok()?; + G2Affine::from_uncompressed(bytes).into_option()? + } + Endianness::LE => { + let mut bytes: [u8; 192] = input[192..384].try_into().ok()?; + reverse_48_byte_chunks(&mut bytes); + swap_g2_c0_c1(&mut bytes); + G2Affine::from_uncompressed(&bytes).into_option()? + } + }; + + let p1_proj: G2Projective = p1.into(); + let sum_proj = p1_proj + p2; + let mut sum_affine = sum_proj.to_uncompressed(); + + if matches!(endianness, Endianness::LE) { + swap_g2_c0_c1(&mut sum_affine); + reverse_48_byte_chunks(&mut sum_affine); + } + Some(sum_affine.to_vec()) +} diff --git a/bls12-381-core/src/decompression.rs b/bls12-381-core/src/decompression.rs new file mode 100644 index 000000000..d37bab0ec --- /dev/null +++ b/bls12-381-core/src/decompression.rs @@ -0,0 +1,56 @@ +use { + crate::{reverse_48_byte_chunks, swap_g2_c0_c1, Endianness}, + blstrs::{G1Affine, G2Affine}, + std::convert::TryInto, +}; + +pub fn bls12_381_g1_decompress(input: &[u8], endianness: Endianness) -> Option> { + if input.len() != 48 { + return None; + } + + let p1 = match endianness { + Endianness::BE => { + let bytes: &[u8; 48] = input.try_into().ok()?; + G1Affine::from_compressed(bytes).into_option()? + } + Endianness::LE => { + let mut bytes: [u8; 48] = input.try_into().ok()?; + reverse_48_byte_chunks(&mut bytes); + // Flags are now in the first byte (BE standard) after reversal + G1Affine::from_compressed(&bytes).into_option()? + } + }; + + let mut result_affine = p1.to_uncompressed(); + if matches!(endianness, Endianness::LE) { + reverse_48_byte_chunks(&mut result_affine); + } + Some(result_affine.to_vec()) +} + +pub fn bls12_381_g2_decompress(input: &[u8], endianness: Endianness) -> Option> { + if input.len() != 96 { + return None; + } + + let p2 = match endianness { + Endianness::BE => { + let bytes: &[u8; 96] = input.try_into().ok()?; + G2Affine::from_compressed(bytes).into_option()? + } + Endianness::LE => { + let mut bytes: [u8; 96] = input.try_into().ok()?; + reverse_48_byte_chunks(&mut bytes); + swap_g2_c0_c1(&mut bytes); // Swap c0/c1 for G2 + G2Affine::from_compressed(&bytes).into_option()? + } + }; + + let mut result_affine = p2.to_uncompressed(); + if matches!(endianness, Endianness::LE) { + swap_g2_c0_c1(&mut result_affine); + reverse_48_byte_chunks(&mut result_affine); + } + Some(result_affine.to_vec()) +} diff --git a/bls12-381-core/src/lib.rs b/bls12-381-core/src/lib.rs new file mode 100644 index 000000000..f1a31d38c --- /dev/null +++ b/bls12-381-core/src/lib.rs @@ -0,0 +1,35 @@ +#![cfg(not(target_os = "solana"))] + +pub use crate::{ + addition::{bls12_381_g1_addition, bls12_381_g2_addition}, + decompression::{bls12_381_g1_decompress, bls12_381_g2_decompress}, + multiplication::{bls12_381_g1_multiplication, bls12_381_g2_multiplication}, + pairing::bls12_381_pairing_map, + subtraction::{bls12_381_g1_subtraction, bls12_381_g2_subtraction}, + validation::{bls12_381_g1_point_validation, bls12_381_g2_point_validation}, +}; + +pub(crate) mod addition; +pub(crate) mod decompression; +pub(crate) mod multiplication; +pub(crate) mod pairing; +pub(crate) mod subtraction; +pub(crate) mod validation; + +pub enum Endianness { + BE, + LE, +} + +fn reverse_48_byte_chunks(bytes: &mut [u8]) { + for chunk in bytes.chunks_mut(48) { + chunk.reverse(); + } +} + +fn swap_g2_c0_c1(bytes: &mut [u8]) { + for fq2_chunk in bytes.chunks_exact_mut(96) { + let (c0, c1) = fq2_chunk.split_at_mut(48); + c0.swap_with_slice(c1); + } +} diff --git a/bls12-381-core/src/multiplication.rs b/bls12-381-core/src/multiplication.rs new file mode 100644 index 000000000..870498152 --- /dev/null +++ b/bls12-381-core/src/multiplication.rs @@ -0,0 +1,90 @@ +use { + crate::{reverse_48_byte_chunks, swap_g2_c0_c1, Endianness}, + blstrs::{G1Affine, G2Affine, Scalar}, + std::convert::TryInto, +}; + +pub enum VersionedG1Multiplication { + V0, +} + +pub fn bls12_381_g1_multiplication( + _version: VersionedG1Multiplication, + input: &[u8], + endianness: Endianness, +) -> Option> { + if input.len() != 128 { + return None; + } + + let p1 = match endianness { + Endianness::BE => { + // make zero-copy when possible + let bytes: &[u8; 96] = input[0..96].try_into().ok()?; + G1Affine::from_uncompressed(bytes).into_option()? + } + Endianness::LE => { + // to reverse the bytes, we need an owned copy + let mut bytes: [u8; 96] = input[0..96].try_into().ok()?; + reverse_48_byte_chunks(&mut bytes); + G1Affine::from_uncompressed(&bytes).into_option()? + } + }; + + // blstrs provides specific BE/LE parsers, so we don't need manual reversal. + let scalar_bytes: &[u8; 32] = input[96..128].try_into().ok()?; + let scalar = match endianness { + Endianness::BE => Scalar::from_bytes_be(scalar_bytes).into_option()?, + Endianness::LE => Scalar::from_bytes_le(scalar_bytes).into_option()?, + }; + + let result_proj = p1 * scalar; + let mut result_affine = result_proj.to_uncompressed(); + + if matches!(endianness, Endianness::LE) { + reverse_48_byte_chunks(&mut result_affine); + } + Some(result_affine.to_vec()) +} + +pub enum VersionedG2Multiplication { + V0, +} + +pub fn bls12_381_g2_multiplication( + _version: VersionedG2Multiplication, + input: &[u8], + endianness: Endianness, +) -> Option> { + if input.len() != 224 { + return None; + } + + let p1 = match endianness { + Endianness::BE => { + let bytes: &[u8; 192] = input[0..192].try_into().ok()?; + G2Affine::from_uncompressed(bytes).into_option()? + } + Endianness::LE => { + let mut bytes: [u8; 192] = input[0..192].try_into().ok()?; + reverse_48_byte_chunks(&mut bytes); + swap_g2_c0_c1(&mut bytes); + G2Affine::from_uncompressed(&bytes).into_option()? + } + }; + + let scalar_bytes: &[u8; 32] = input[192..224].try_into().ok()?; + let scalar = match endianness { + Endianness::BE => Scalar::from_bytes_be(scalar_bytes).into_option()?, + Endianness::LE => Scalar::from_bytes_le(scalar_bytes).into_option()?, + }; + + let result_proj = p1 * scalar; + let mut result_affine = result_proj.to_uncompressed(); + + if matches!(endianness, Endianness::LE) { + swap_g2_c0_c1(&mut result_affine); + reverse_48_byte_chunks(&mut result_affine); + } + Some(result_affine.to_vec()) +} diff --git a/bls12-381-core/src/pairing.rs b/bls12-381-core/src/pairing.rs new file mode 100644 index 000000000..1e7bb735b --- /dev/null +++ b/bls12-381-core/src/pairing.rs @@ -0,0 +1,126 @@ +use { + crate::Endianness, + blst::*, + blstrs::{Bls12, G1Affine, G2Affine, G2Prepared, Gt}, + group::Group, + pairing::{MillerLoopResult, MultiMillerLoop}, + std::convert::TryInto, +}; + +/// Helper to serialize Fp12 (Gt) according to SIMD Endianness rules. +/// Fp12 = c0(Fp6) + c1(Fp6)w. +/// Fp6 = c0(Fp2) + c1(Fp2)v + c2(Fp2)v^2. +/// Fp2 = c0(Fp) + c1(Fp)u. +/// SIMD/Zcash BE Rule for Fp2: c1 (imaginary) then c0 (real). +/// SIMD LE Rule for Fp2: c0 then c1. +fn serialize_gt(gt: Gt, endianness: Endianness) -> Vec { + // blstrs::Gt is repr(transparent) over blst_fp12. + // We transmute to access the internal coefficients directly because + // blstrs does not expose the Fp12/Fp6/Fp2/Fp types publicly. + let val: blst_fp12 = unsafe { std::mem::transmute(gt) }; + + let mut out = Vec::with_capacity(576); // 12 * 48 + let mut buf = [0u8; 48]; + + // Fp12 has two Fp6 coefficients (c0, c1) + for fp6 in val.fp6.iter() { + // Fp6 has three Fp2 coefficients (c0, c1, c2) + for fp2 in fp6.fp2.iter() { + // Fp2 has two Fp coefficients (c0, c1) + // c0 is real, c1 is imaginary. + let c0 = &fp2.fp[0]; + let c1 = &fp2.fp[1]; + + // Apply Fp2 Ordering Rule + // BE (Zcash): Imaginary (c1) first, then Real (c0) + // LE: Real (c0) first, then Imaginary (c1) + let fps = match endianness { + Endianness::BE => [c1, c0], + Endianness::LE => [c0, c1], + }; + + for fp in fps { + unsafe { + match endianness { + Endianness::BE => blst_bendian_from_fp(buf.as_mut_ptr(), fp), + Endianness::LE => blst_lendian_from_fp(buf.as_mut_ptr(), fp), + } + } + out.extend_from_slice(&buf); + } + } + } + out +} + +pub fn bls12_381_pairing_map( + num_pairs: u64, + g1_bytes: &[u8], + g2_bytes: &[u8], + endianness: Endianness, +) -> Option> { + let num_pairs = num_pairs as usize; + + // 1. Validation + if num_pairs == 0 { + return Some(serialize_gt(Gt::identity(), endianness)); + } + + // Strict buffer size check + if g1_bytes.len() != num_pairs.checked_mul(96)? { + return None; + } + if g2_bytes.len() != num_pairs.checked_mul(192)? { + return None; + } + + // 2. Parse Points + // We collect them into vectors because multi_miller_loop requires a slice of references. + let mut g1_points = Vec::with_capacity(num_pairs); + let mut g2_points = Vec::with_capacity(num_pairs); + + for i in 0..num_pairs { + // --- Parse G1 --- + let start = i * 96; + let chunk = &g1_bytes[start..start + 96]; + let p1 = match endianness { + Endianness::BE => { + let b: &[u8; 96] = chunk.try_into().unwrap(); + G1Affine::from_uncompressed(b).into_option()? + } + Endianness::LE => { + let mut b: [u8; 96] = chunk.try_into().unwrap(); + crate::reverse_48_byte_chunks(&mut b); + G1Affine::from_uncompressed(&b).into_option()? + } + }; + g1_points.push(p1); + + // --- Parse G2 --- + let start = i * 192; + let chunk = &g2_bytes[start..start + 192]; + let p2 = match endianness { + Endianness::BE => { + let b: &[u8; 192] = chunk.try_into().unwrap(); + G2Affine::from_uncompressed(b).into_option()? + } + Endianness::LE => { + let mut b: [u8; 192] = chunk.try_into().unwrap(); + crate::reverse_48_byte_chunks(&mut b); + crate::swap_g2_c0_c1(&mut b); + G2Affine::from_uncompressed(&b).into_option()? + } + }; + g2_points.push(G2Prepared::from(p2)); + } + + // 3. Batch Pairing (Multi Miller Loop) + // Create vector of references [(&G1, &G2Prepared)] + let refs: Vec<(&G1Affine, &G2Prepared)> = g1_points.iter().zip(g2_points.iter()).collect(); + + let miller_out = Bls12::multi_miller_loop(&refs); + let gt = miller_out.final_exponentiation(); + + // 4. Serialize Result + Some(serialize_gt(gt, endianness)) +} diff --git a/bls12-381-core/src/subtraction.rs b/bls12-381-core/src/subtraction.rs new file mode 100644 index 000000000..97146dcb1 --- /dev/null +++ b/bls12-381-core/src/subtraction.rs @@ -0,0 +1,109 @@ +use { + crate::{reverse_48_byte_chunks, swap_g2_c0_c1, Endianness}, + blstrs::{G1Affine, G1Projective, G2Affine, G2Projective}, + group::prime::PrimeCurveAffine, + std::convert::TryInto, +}; + +pub enum VersionedG1Subtraction { + V0, +} + +pub fn bls12_381_g1_subtraction( + _version: VersionedG1Subtraction, + input: &[u8], + endianness: Endianness, +) -> Option> { + if input.len() != 192 { + return None; + } + + let p1 = match endianness { + Endianness::BE => { + // make zero-copy when possible + let bytes: &[u8; 96] = input[0..96].try_into().ok()?; + G1Affine::from_uncompressed(bytes).into_option()? + } + Endianness::LE => { + // to reverse the bytes, we need an owned copy + let mut bytes: [u8; 96] = input[0..96].try_into().ok()?; + reverse_48_byte_chunks(&mut bytes); + G1Affine::from_uncompressed(&bytes).into_option()? + } + }; + + let p2 = match endianness { + Endianness::BE => { + let bytes: &[u8; 96] = input[96..192].try_into().ok()?; + G1Affine::from_uncompressed(bytes).into_option()? + } + Endianness::LE => { + let mut bytes: [u8; 96] = input[96..192].try_into().ok()?; + reverse_48_byte_chunks(&mut bytes); + G1Affine::from_uncompressed(&bytes).into_option()? + } + }; + + let mut diff_affine = if bool::from(p1.is_identity()) { + (p2).to_uncompressed() + } else { + (G1Projective::from(p1) - p2).to_uncompressed() + }; + + if matches!(endianness, Endianness::LE) { + reverse_48_byte_chunks(&mut diff_affine); + } + Some(diff_affine.to_vec()) +} + +pub enum VersionedG2Subtraction { + V0, +} + +pub fn bls12_381_g2_subtraction( + _version: VersionedG2Subtraction, + input: &[u8], + endianness: Endianness, +) -> Option> { + if input.len() != 384 { + return None; + } + + let p1 = match endianness { + Endianness::BE => { + let bytes: &[u8; 192] = input[0..192].try_into().ok()?; + G2Affine::from_uncompressed(bytes).into_option()? + } + Endianness::LE => { + let mut bytes: [u8; 192] = input[0..192].try_into().ok()?; + reverse_48_byte_chunks(&mut bytes); + swap_g2_c0_c1(&mut bytes); + G2Affine::from_uncompressed(&bytes).into_option()? + } + }; + + let p2 = match endianness { + Endianness::BE => { + let bytes: &[u8; 192] = input[192..384].try_into().ok()?; + G2Affine::from_uncompressed(bytes).into_option()? + } + Endianness::LE => { + let mut bytes: [u8; 192] = input[192..384].try_into().ok()?; + reverse_48_byte_chunks(&mut bytes); + swap_g2_c0_c1(&mut bytes); + G2Affine::from_uncompressed(&bytes).into_option()? + } + }; + + let mut diff_affine = if bool::from(p1.is_identity()) { + (-p2).to_uncompressed() + } else { + (G2Projective::from(p1) - p2).to_uncompressed() + }; + + if matches!(endianness, Endianness::LE) { + swap_g2_c0_c1(&mut diff_affine); + reverse_48_byte_chunks(&mut diff_affine); + } + Some(diff_affine.to_vec()) +} diff --git a/bls12-381-core/src/validation.rs b/bls12-381-core/src/validation.rs new file mode 100644 index 000000000..849032dca --- /dev/null +++ b/bls12-381-core/src/validation.rs @@ -0,0 +1,50 @@ +use { + crate::{reverse_48_byte_chunks, swap_g2_c0_c1, Endianness}, + blstrs::{G1Affine, G2Affine}, + std::convert::TryInto, +}; + +pub fn bls12_381_g1_point_validation(input: &[u8], endianness: Endianness) -> bool { + if input.len() != 96 { + return false; + } + + let p1_opt = match endianness { + Endianness::BE => { + // ZERO-COPY: Cast slice directly to array reference + let bytes: &[u8; 96] = input.try_into().expect("length checked"); + // from_uncompressed performs Field, On-Curve, and Subgroup checks + G1Affine::from_uncompressed(bytes).into_option() + } + Endianness::LE => { + // COPY & MUTATE: Allocate stack array to reverse bytes + let mut bytes: [u8; 96] = input.try_into().expect("length checked"); + reverse_48_byte_chunks(&mut bytes); + G1Affine::from_uncompressed(&bytes).into_option() + } + }; + + p1_opt.is_some() +} + +pub fn bls12_381_g2_point_validation(input: &[u8], endianness: Endianness) -> bool { + if input.len() != 192 { + return false; + } + + let p2_opt = match endianness { + Endianness::BE => { + let bytes: &[u8; 192] = input.try_into().expect("length checked"); + G2Affine::from_uncompressed(bytes).into_option() + } + Endianness::LE => { + let mut bytes: [u8; 192] = input.try_into().expect("length checked"); + // Apply G2 Little-Endian transformation + reverse_48_byte_chunks(&mut bytes); + swap_g2_c0_c1(&mut bytes); + G2Affine::from_uncompressed(&bytes).into_option() + } + }; + + p2_opt.is_some() +} From cdab0af84e2b7824db23cf631cf3b678f88cdf0c Mon Sep 17 00:00:00 2001 From: samkim-crypto Date: Sat, 29 Nov 2025 08:06:00 +0900 Subject: [PATCH 2/5] wip --- bls12-381-core/src/lib.rs | 1 + 1 file changed, 1 insertion(+) diff --git a/bls12-381-core/src/lib.rs b/bls12-381-core/src/lib.rs index f1a31d38c..de2e2ffb4 100644 --- a/bls12-381-core/src/lib.rs +++ b/bls12-381-core/src/lib.rs @@ -1,4 +1,5 @@ #![cfg(not(target_os = "solana"))] +#![cfg_attr(docsrs, feature(doc_cfg))] pub use crate::{ addition::{bls12_381_g1_addition, bls12_381_g2_addition}, From 5579903e67b239cd9191b60255800dc93a3164df Mon Sep 17 00:00:00 2001 From: samkim-crypto Date: Sat, 29 Nov 2025 08:20:18 +0900 Subject: [PATCH 3/5] wip --- bls12-381-core/src/addition.rs | 14 +++----------- bls12-381-core/src/decompression.rs | 14 +++++++++++--- bls12-381-core/src/lib.rs | 5 +++++ bls12-381-core/src/multiplication.rs | 14 +++----------- bls12-381-core/src/pairing.rs | 3 ++- bls12-381-core/src/subtraction.rs | 14 +++----------- bls12-381-core/src/validation.rs | 14 +++++++++++--- 7 files changed, 38 insertions(+), 40 deletions(-) diff --git a/bls12-381-core/src/addition.rs b/bls12-381-core/src/addition.rs index 5b71099bc..314dcda9b 100644 --- a/bls12-381-core/src/addition.rs +++ b/bls12-381-core/src/addition.rs @@ -1,14 +1,10 @@ use { - crate::{reverse_48_byte_chunks, swap_g2_c0_c1, Endianness}, + crate::{reverse_48_byte_chunks, swap_g2_c0_c1, Endianness, Version}, blstrs::{G1Affine, G1Projective, G2Affine, G2Projective}, }; -pub enum VersionedG1Addition { - V0, -} - pub fn bls12_381_g1_addition( - _version: VersionedG1Addition, + _version: Version, input: &[u8], endianness: Endianness, ) -> Option> { @@ -52,12 +48,8 @@ pub fn bls12_381_g1_addition( Some(sum_affine.to_vec()) } -pub enum VersionedG2Addition { - V0, -} - pub fn bls12_381_g2_addition( - _version: VersionedG2Addition, + _version: Version, input: &[u8], endianness: Endianness, ) -> Option> { diff --git a/bls12-381-core/src/decompression.rs b/bls12-381-core/src/decompression.rs index d37bab0ec..0a28434cd 100644 --- a/bls12-381-core/src/decompression.rs +++ b/bls12-381-core/src/decompression.rs @@ -1,10 +1,14 @@ use { - crate::{reverse_48_byte_chunks, swap_g2_c0_c1, Endianness}, + crate::{reverse_48_byte_chunks, swap_g2_c0_c1, Endianness, Version}, blstrs::{G1Affine, G2Affine}, std::convert::TryInto, }; -pub fn bls12_381_g1_decompress(input: &[u8], endianness: Endianness) -> Option> { +pub fn bls12_381_g1_decompress( + _version: Version, + input: &[u8], + endianness: Endianness, +) -> Option> { if input.len() != 48 { return None; } @@ -29,7 +33,11 @@ pub fn bls12_381_g1_decompress(input: &[u8], endianness: Endianness) -> Option Option> { +pub fn bls12_381_g2_decompress( + _version: Version, + input: &[u8], + endianness: Endianness, +) -> Option> { if input.len() != 96 { return None; } diff --git a/bls12-381-core/src/lib.rs b/bls12-381-core/src/lib.rs index de2e2ffb4..ee4f76015 100644 --- a/bls12-381-core/src/lib.rs +++ b/bls12-381-core/src/lib.rs @@ -22,6 +22,11 @@ pub enum Endianness { LE, } +pub enum Version { + /// SIMD-388: BLS12-381 Elliptic Curve Syscalls + V0, +} + fn reverse_48_byte_chunks(bytes: &mut [u8]) { for chunk in bytes.chunks_mut(48) { chunk.reverse(); diff --git a/bls12-381-core/src/multiplication.rs b/bls12-381-core/src/multiplication.rs index 870498152..618248c2f 100644 --- a/bls12-381-core/src/multiplication.rs +++ b/bls12-381-core/src/multiplication.rs @@ -1,15 +1,11 @@ use { - crate::{reverse_48_byte_chunks, swap_g2_c0_c1, Endianness}, + crate::{reverse_48_byte_chunks, swap_g2_c0_c1, Endianness, Version}, blstrs::{G1Affine, G2Affine, Scalar}, std::convert::TryInto, }; -pub enum VersionedG1Multiplication { - V0, -} - pub fn bls12_381_g1_multiplication( - _version: VersionedG1Multiplication, + _version: Version, input: &[u8], endianness: Endianness, ) -> Option> { @@ -47,12 +43,8 @@ pub fn bls12_381_g1_multiplication( Some(result_affine.to_vec()) } -pub enum VersionedG2Multiplication { - V0, -} - pub fn bls12_381_g2_multiplication( - _version: VersionedG2Multiplication, + _version: Version, input: &[u8], endianness: Endianness, ) -> Option> { diff --git a/bls12-381-core/src/pairing.rs b/bls12-381-core/src/pairing.rs index 1e7bb735b..23e469f91 100644 --- a/bls12-381-core/src/pairing.rs +++ b/bls12-381-core/src/pairing.rs @@ -1,5 +1,5 @@ use { - crate::Endianness, + crate::{Endianness, Version}, blst::*, blstrs::{Bls12, G1Affine, G2Affine, G2Prepared, Gt}, group::Group, @@ -54,6 +54,7 @@ fn serialize_gt(gt: Gt, endianness: Endianness) -> Vec { } pub fn bls12_381_pairing_map( + _version: Version, num_pairs: u64, g1_bytes: &[u8], g2_bytes: &[u8], diff --git a/bls12-381-core/src/subtraction.rs b/bls12-381-core/src/subtraction.rs index 97146dcb1..afd89476b 100644 --- a/bls12-381-core/src/subtraction.rs +++ b/bls12-381-core/src/subtraction.rs @@ -1,16 +1,12 @@ use { - crate::{reverse_48_byte_chunks, swap_g2_c0_c1, Endianness}, + crate::{reverse_48_byte_chunks, swap_g2_c0_c1, Endianness, Version}, blstrs::{G1Affine, G1Projective, G2Affine, G2Projective}, group::prime::PrimeCurveAffine, std::convert::TryInto, }; -pub enum VersionedG1Subtraction { - V0, -} - pub fn bls12_381_g1_subtraction( - _version: VersionedG1Subtraction, + _version: Version, input: &[u8], endianness: Endianness, ) -> Option> { @@ -56,12 +52,8 @@ pub fn bls12_381_g1_subtraction( Some(diff_affine.to_vec()) } -pub enum VersionedG2Subtraction { - V0, -} - pub fn bls12_381_g2_subtraction( - _version: VersionedG2Subtraction, + _version: Version, input: &[u8], endianness: Endianness, ) -> Option> { diff --git a/bls12-381-core/src/validation.rs b/bls12-381-core/src/validation.rs index 849032dca..5dc959da7 100644 --- a/bls12-381-core/src/validation.rs +++ b/bls12-381-core/src/validation.rs @@ -1,10 +1,14 @@ use { - crate::{reverse_48_byte_chunks, swap_g2_c0_c1, Endianness}, + crate::{reverse_48_byte_chunks, swap_g2_c0_c1, Endianness, Version}, blstrs::{G1Affine, G2Affine}, std::convert::TryInto, }; -pub fn bls12_381_g1_point_validation(input: &[u8], endianness: Endianness) -> bool { +pub fn bls12_381_g1_point_validation( + _version: Version, + input: &[u8], + endianness: Endianness, +) -> bool { if input.len() != 96 { return false; } @@ -27,7 +31,11 @@ pub fn bls12_381_g1_point_validation(input: &[u8], endianness: Endianness) -> bo p1_opt.is_some() } -pub fn bls12_381_g2_point_validation(input: &[u8], endianness: Endianness) -> bool { +pub fn bls12_381_g2_point_validation( + _version: Version, + input: &[u8], + endianness: Endianness, +) -> bool { if input.len() != 192 { return false; } From 6b01986e94af4319165650685f3a4909277bfdf2 Mon Sep 17 00:00:00 2001 From: samkim-crypto Date: Sat, 29 Nov 2025 08:31:34 +0900 Subject: [PATCH 4/5] cargo sort --- Cargo.toml | 2 +- bls12-381-core/Cargo.toml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index 2942bf379..5a9fc4e92 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -226,8 +226,8 @@ solana-atomic-u64 = { path = "atomic-u64", version = "3.0.0" } solana-big-mod-exp = { path = "big-mod-exp", version = "3.0.0" } solana-bincode = { path = "bincode", version = "3.0.0" } solana-blake3-hasher = { path = "blake3-hasher", version = "3.0.0" } -solana-bls12-381 = { path = "bls12-381-core", version = "0.1.0" } solana-bls-signatures = { path = "bls-signatures", version = "1.0.0" } +solana-bls12-381 = { path = "bls12-381-core", version = "0.1.0" } solana-bn254 = { path = "bn254", version = "3.0.0" } solana-borsh = { path = "borsh", version = "3.0.0" } solana-client-traits = { path = "client-traits", version = "3.0.0" } diff --git a/bls12-381-core/Cargo.toml b/bls12-381-core/Cargo.toml index 59e5900c2..65fc47ef8 100644 --- a/bls12-381-core/Cargo.toml +++ b/bls12-381-core/Cargo.toml @@ -18,8 +18,8 @@ rustdoc-args = ["--cfg=docsrs"] [dependencies] [target.'cfg(not(target_os = "solana"))'.dependencies] -blstrs = { workspace = true } blst = { workspace = true } +blstrs = { workspace = true } group = { workspace = true } pairing = { workspace = true } From 5f6eb32024910b0b94350759e20ae9c513c02035 Mon Sep 17 00:00:00 2001 From: samkim-crypto Date: Mon, 1 Dec 2025 17:50:16 +0900 Subject: [PATCH 5/5] wip --- Cargo.lock | 7 + Cargo.toml | 1 + bls12-381-core/Cargo.toml | 1 + bls12-381-core/src/addition.rs | 159 ++++++++++++++++++ bls12-381-core/src/lib.rs | 2 + bls12-381-core/src/test_vectors/addition.rs | 49 ++++++ .../src/test_vectors/decompression.rs | 37 ++++ .../src/test_vectors/multiplication.rs | 49 ++++++ bls12-381-core/src/test_vectors/pairing.rs | 0 .../src/test_vectors/subtraction.rs | 49 ++++++ bls12-381-core/src/test_vectors/validation.rs | 41 +++++ 11 files changed, 395 insertions(+) create mode 100644 bls12-381-core/src/test_vectors/addition.rs create mode 100644 bls12-381-core/src/test_vectors/decompression.rs create mode 100644 bls12-381-core/src/test_vectors/multiplication.rs create mode 100644 bls12-381-core/src/test_vectors/pairing.rs create mode 100644 bls12-381-core/src/test_vectors/subtraction.rs create mode 100644 bls12-381-core/src/test_vectors/validation.rs diff --git a/Cargo.lock b/Cargo.lock index 9e7115946..535ba52e0 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1340,6 +1340,12 @@ version = "0.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70" +[[package]] +name = "hex-literal" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e712f64ec3850b98572bffac52e2c6f282b29fe6c5fa6d42334b30be438d95c1" + [[package]] name = "hmac" version = "0.12.1" @@ -2790,6 +2796,7 @@ dependencies = [ "blstrs", "criterion", "group", + "hex-literal", "pairing", "serde", "serde_derive", diff --git a/Cargo.toml b/Cargo.toml index 5a9fc4e92..fd59a248b 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -177,6 +177,7 @@ five8_const = "1.0.0" getrandom = "0.2.10" group = "0.13.0" hex = "0.4.3" +hex-literal = "1.1.0" hmac = "0.12.1" im = "15.1.0" indicatif = "0.17.9" diff --git a/bls12-381-core/Cargo.toml b/bls12-381-core/Cargo.toml index 65fc47ef8..36ca78ea2 100644 --- a/bls12-381-core/Cargo.toml +++ b/bls12-381-core/Cargo.toml @@ -29,6 +29,7 @@ solana-define-syscall = { workspace = true } [dev-dependencies] array-bytes = { workspace = true } criterion = { workspace = true } +hex-literal = { workspace = true } serde = { workspace = true } serde_derive = { workspace = true } serde_json = { workspace = true } diff --git a/bls12-381-core/src/addition.rs b/bls12-381-core/src/addition.rs index 314dcda9b..248095d13 100644 --- a/bls12-381-core/src/addition.rs +++ b/bls12-381-core/src/addition.rs @@ -93,3 +93,162 @@ pub fn bls12_381_g2_addition( } Some(sum_affine.to_vec()) } + +#[cfg(test)] +mod tests { + use {super::*, crate::test_vectors::*}; + + fn run_g1_test( + op_name: &str, + func: fn(Version, &[u8], Endianness) -> Option>, + input_be: &[u8], + output_be: &[u8], + input_le: &[u8], + output_le: &[u8], + ) { + // Test Big Endian + let result_be = func(Version::V0, input_be, Endianness::BE); + assert_eq!( + result_be, + Some(output_be.to_vec()), + "G1 {} BE Test Failed", + op_name + ); + + // Test Little Endian + let result_le = func(Version::V0, input_le, Endianness::LE); + assert_eq!( + result_le, + Some(output_le.to_vec()), + "G1 {} LE Test Failed", + op_name + ); + } + + fn run_g2_test( + op_name: &str, + func: fn(Version, &[u8], Endianness) -> Option>, + input_be: &[u8], + output_be: &[u8], + input_le: &[u8], + output_le: &[u8], + ) { + // Test Big Endian + let result_be = func(Version::V0, input_be, Endianness::BE); + assert_eq!( + result_be, + Some(output_be.to_vec()), + "G2 {} BE Test Failed", + op_name + ); + + // Test Little Endian + let result_le = func(Version::V0, input_le, Endianness::LE); + assert_eq!( + result_le, + Some(output_le.to_vec()), + "G2 {} LE Test Failed", + op_name + ); + } + + #[test] + fn test_g1_addition_random() { + run_g1_test( + "ADD", + bls12_381_g1_addition, + INPUT_BE_G1_ADD_RANDOM, + OUTPUT_BE_G1_ADD_RANDOM, + INPUT_LE_G1_ADD_RANDOM, + OUTPUT_LE_G1_ADD_RANDOM, + ); + } + + #[test] + fn test_g1_addition_doubling() { + run_g1_test( + "ADD", + bls12_381_g1_addition, + INPUT_BE_G1_ADD_DOUBLING, + OUTPUT_BE_G1_ADD_DOUBLING, + INPUT_LE_G1_ADD_DOUBLING, + OUTPUT_LE_G1_ADD_DOUBLING, + ); + } + + #[test] + fn test_g1_addition_infinity_edge_cases() { + // P + Inf + run_g1_test( + "ADD", + bls12_381_g1_addition, + INPUT_BE_G1_ADD_P_PLUS_INF, + OUTPUT_BE_G1_ADD_P_PLUS_INF, + INPUT_LE_G1_ADD_P_PLUS_INF, + OUTPUT_LE_G1_ADD_P_PLUS_INF, + ); + // Inf + Inf + run_g1_test( + "ADD", + bls12_381_g1_addition, + INPUT_BE_G1_ADD_INF_PLUS_INF, + OUTPUT_BE_G1_ADD_INF_PLUS_INF, + INPUT_LE_G1_ADD_INF_PLUS_INF, + OUTPUT_LE_G1_ADD_INF_PLUS_INF, + ); + } + + #[test] + fn test_g2_addition_random() { + run_g2_test( + "ADD", + bls12_381_g2_addition, + INPUT_BE_G2_ADD_RANDOM, + OUTPUT_BE_G2_ADD_RANDOM, + INPUT_LE_G2_ADD_RANDOM, + OUTPUT_LE_G2_ADD_RANDOM, + ); + } + + #[test] + fn test_g2_addition_doubling() { + run_g2_test( + "ADD", + bls12_381_g2_addition, + INPUT_BE_G2_ADD_DOUBLING, + OUTPUT_BE_G2_ADD_DOUBLING, + INPUT_LE_G2_ADD_DOUBLING, + OUTPUT_LE_G2_ADD_DOUBLING, + ); + } + + #[test] + fn test_g2_addition_infinity_edge_cases() { + // P + Inf + run_g2_test( + "ADD", + bls12_381_g2_addition, + INPUT_BE_G2_ADD_P_PLUS_INF, + OUTPUT_BE_G2_ADD_P_PLUS_INF, + INPUT_LE_G2_ADD_P_PLUS_INF, + OUTPUT_LE_G2_ADD_P_PLUS_INF, + ); + // Inf + Inf + run_g2_test( + "ADD", + bls12_381_g2_addition, + INPUT_BE_G2_ADD_INF_PLUS_INF, + OUTPUT_BE_G2_ADD_INF_PLUS_INF, + INPUT_LE_G2_ADD_INF_PLUS_INF, + OUTPUT_LE_G2_ADD_INF_PLUS_INF, + ); + } + + #[test] + fn test_invalid_length() { + // G1 expects 192 bytes + assert!(bls12_381_g1_addition(Version::V0, &[0u8; 191], Endianness::BE).is_none()); + // G2 expects 384 bytes + assert!(bls12_381_g2_addition(Version::V0, &[0u8; 383], Endianness::BE).is_none()); + } +} diff --git a/bls12-381-core/src/lib.rs b/bls12-381-core/src/lib.rs index ee4f76015..15265b373 100644 --- a/bls12-381-core/src/lib.rs +++ b/bls12-381-core/src/lib.rs @@ -15,6 +15,8 @@ pub(crate) mod decompression; pub(crate) mod multiplication; pub(crate) mod pairing; pub(crate) mod subtraction; +#[cfg(test)] +pub(crate) mod test_vectors; pub(crate) mod validation; pub enum Endianness { diff --git a/bls12-381-core/src/test_vectors/addition.rs b/bls12-381-core/src/test_vectors/addition.rs new file mode 100644 index 000000000..aec4ae53b --- /dev/null +++ b/bls12-381-core/src/test_vectors/addition.rs @@ -0,0 +1,49 @@ +use hex_literal::hex; + +// Test Case: G1_ADD_RANDOM +pub const INPUT_BE_G1_ADD_RANDOM: &[u8] = &hex!("0956a9d4ecf511657fb7380d6364b785396b60dcc6c502d7e1afd439a88f687f75f2b4c8a287489b589a3a5a3a2ef8b00ace1970f00139590a1ea55ea4fcdbe185d6a10476b17b353935e9ff7075f1f7b9c3e8247b1fdd0639b0fba3c32723af0d203dd7537cbabd52004ff443a7153230e5086b330f132f4b4df6b93f428f6dedd39992a3af4a4532c6ebda09aae12e16d37454207382e06afacd8fee734acfeec1e8103b8c14fc0722902f8938beaaebbdee2d613ac7ca2da48bc8bed7093b"); +pub const INPUT_LE_G1_ADD_RANDOM: &[u8] = &hex!("b0f82e3a5a3a9a589b4887a2c8b4f2757f688fa839d4afe1d702c5c6dc606b3985b764630d38b77f6511f5ecd4a95609af2327c3a3fbb03906dd1f7b24e8c3b9f7f17570ffe93539357bb17604a1d685e1dbfca45ea51e0a593901f07019ce0a2ee1aa09daebc632454aafa39299d3ed6d8f423fb9f64d4b2f130f336b08e5303215a743f44f0052bdba7c53d73d200d3b09d7bec88ba42dcac73a612deebdebaabe38892f902207fc148c3b10e8c1eecf4a73ee8fcdfa6ae08273205474d316"); +pub const OUTPUT_BE_G1_ADD_RANDOM: &[u8] = &hex!("173eff899dbc6256c06688abbb319b53cc85d99089670f04744b7f411d59df9320a15b6860d3ef66e95f3082cf9a13bd127066912449111b2f60742d381910bf381556d885f5cf479e1f1d3354b9868a404437a13799d69bfa15e904037529ef"); +pub const OUTPUT_LE_G1_ADD_RANDOM: &[u8] = &hex!("bd139acf82305fe966efd360685ba12093df591d417f4b74040f678990d985cc539b31bbab8866c05662bc9d89ff3e17ef29750304e915fa9bd69937a13744408a86b954331d1f9e47cff585d8561538bf1019382d74602f1b11492491667012"); + +// Test Case: G1_ADD_DOUBLING +pub const INPUT_BE_G1_ADD_DOUBLING: &[u8] = &hex!("0956a9d4ecf511657fb7380d6364b785396b60dcc6c502d7e1afd439a88f687f75f2b4c8a287489b589a3a5a3a2ef8b00ace1970f00139590a1ea55ea4fcdbe185d6a10476b17b353935e9ff7075f1f7b9c3e8247b1fdd0639b0fba3c32723af0956a9d4ecf511657fb7380d6364b785396b60dcc6c502d7e1afd439a88f687f75f2b4c8a287489b589a3a5a3a2ef8b00ace1970f00139590a1ea55ea4fcdbe185d6a10476b17b353935e9ff7075f1f7b9c3e8247b1fdd0639b0fba3c32723af"); +pub const INPUT_LE_G1_ADD_DOUBLING: &[u8] = &hex!("b0f82e3a5a3a9a589b4887a2c8b4f2757f688fa839d4afe1d702c5c6dc606b3985b764630d38b77f6511f5ecd4a95609af2327c3a3fbb03906dd1f7b24e8c3b9f7f17570ffe93539357bb17604a1d685e1dbfca45ea51e0a593901f07019ce0ab0f82e3a5a3a9a589b4887a2c8b4f2757f688fa839d4afe1d702c5c6dc606b3985b764630d38b77f6511f5ecd4a95609af2327c3a3fbb03906dd1f7b24e8c3b9f7f17570ffe93539357bb17604a1d685e1dbfca45ea51e0a593901f07019ce0a"); +pub const OUTPUT_BE_G1_ADD_DOUBLING: &[u8] = &hex!("14673e7a2b8871c549e78b4470a0659e6590ab002cd0c141a41db171d508f90310f07dfaf61a1d5bc83cfc80c5b6c4351700fec75600968a207694b7dcf41b177b8ab65a1887260d5584735c34f53758144328bc7866736fc05be9cce148356c"); +pub const OUTPUT_LE_G1_ADD_DOUBLING: &[u8] = &hex!("35c4b6c580fc3cc85b1d1af6fa7df01003f908d571b11da441c1d02c00ab90659e65a070448be749c571882b7a3e67146c3548e1cce95bc06f736678bc2843145837f5345c7384550d2687185ab68a7b171bf4dcb79476208a960056c7fe0017"); + +// Test Case: G1_ADD_P_PLUS_INF +pub const INPUT_BE_G1_ADD_P_PLUS_INF: &[u8] = &hex!("0956a9d4ecf511657fb7380d6364b785396b60dcc6c502d7e1afd439a88f687f75f2b4c8a287489b589a3a5a3a2ef8b00ace1970f00139590a1ea55ea4fcdbe185d6a10476b17b353935e9ff7075f1f7b9c3e8247b1fdd0639b0fba3c32723af400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const INPUT_LE_G1_ADD_P_PLUS_INF: &[u8] = &hex!("b0f82e3a5a3a9a589b4887a2c8b4f2757f688fa839d4afe1d702c5c6dc606b3985b764630d38b77f6511f5ecd4a95609af2327c3a3fbb03906dd1f7b24e8c3b9f7f17570ffe93539357bb17604a1d685e1dbfca45ea51e0a593901f07019ce0a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const OUTPUT_BE_G1_ADD_P_PLUS_INF: &[u8] = &hex!("0956a9d4ecf511657fb7380d6364b785396b60dcc6c502d7e1afd439a88f687f75f2b4c8a287489b589a3a5a3a2ef8b00ace1970f00139590a1ea55ea4fcdbe185d6a10476b17b353935e9ff7075f1f7b9c3e8247b1fdd0639b0fba3c32723af"); +pub const OUTPUT_LE_G1_ADD_P_PLUS_INF: &[u8] = &hex!("b0f82e3a5a3a9a589b4887a2c8b4f2757f688fa839d4afe1d702c5c6dc606b3985b764630d38b77f6511f5ecd4a95609af2327c3a3fbb03906dd1f7b24e8c3b9f7f17570ffe93539357bb17604a1d685e1dbfca45ea51e0a593901f07019ce0a"); + +// Test Case: G1_ADD_INF_PLUS_INF +pub const INPUT_BE_G1_ADD_INF_PLUS_INF: &[u8] = &hex!("400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const INPUT_LE_G1_ADD_INF_PLUS_INF: &[u8] = &hex!("000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const OUTPUT_BE_G1_ADD_INF_PLUS_INF: &[u8] = &hex!("400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const OUTPUT_LE_G1_ADD_INF_PLUS_INF: &[u8] = &hex!("000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); + +// Test Case: G2_ADD_RANDOM +pub const INPUT_BE_G2_ADD_RANDOM: &[u8] = &hex!("0b53153e04ae7b83a3133ed8c03019b839cf5046fd3381a957b68e019466cb63566fcf37cc75528ac75983cf9ef4cc8b1297d6c99e2765fcbd35fbeccd1b98a3e86535c512eef146b6716ff9637a2adc377f37f7aca4b7a992e5dab990b056ae1584961df1f1d74d0c4bee67175abdbf5548b5d655fdb7969e08fab2dca9d7f392d5960c0628bcc538d22e7d57051107181ba01663720907f46cb3c9262199db0ad302d44a5f97dfc86079a60aba7a28de5722e331a6c38b25dd2ce35677be290e6eb4ae2e4a917d5e1c27cd6b7e35bc2445a262694f319488e50580c5bb00ea8dc9f6df674bb121024b5a218b989c59195b9e64140c8782bfb505295ec35924b56fee18bbb2b38f11b544cbb886b9c3b01b5a021da5d1108f0be0fb3fbcda2917475b5aca6c50a0c8c2a26dc86005669cf52bf7dd8b94fefdb7a153fdf71647855d247fa2f83140adc911d208d6124107de0b0478115531cd5f84d098885c13c3b088275acf11c30ed721bfe83b03564e4e95a5b391a1bef743f3fc89012747"); +pub const INPUT_LE_G2_ADD_RANDOM: &[u8] = &hex!("ae56b090b9dae592a9b7a4acf7377f37dc2a7a63f96f71b646f1ee12c53565e8a3981bcdecfb35bdfc65279ec9d697128bccf49ecf8359c78a5275cc37cf6f5663cb6694018eb657a98133fd4650cf39b81930c0d83e13a3837bae043e15530b29be7756e32cdd258bc3a631e32257de287aba0aa67960c8df975f4ad402d30adb992126c9b36cf40709726316a01b18071105577d2ed238c5bc28060c96d592f3d7a9dcb2fa089e96b7fd55d6b54855bfbd5a1767ee4b0c4dd7f1f11d96841529dabc3ffbe00b8f10d1a51d025a1bb0c3b986b8cb44b5118fb3b2bb18ee6fb52459c35e2905b5bf82870c14649e5b19599c988b215a4b0221b14b67dff6c98dea00bbc58005e58894314f6962a24524bc357e6bcd271c5e7d914a2eaeb46e0e47270189fcf343f7bea191b3a5954e4e56033be8bf21d70ec311cf5a2788b0c3135c8898d0845fcd31551178040bde074112d608d211c9ad4031f8a27f245d854716f7fd53a1b7fdfe948bddf72bf59c660560c86da2c2c8a0506cca5a5b4717"); +pub const OUTPUT_BE_G2_ADD_RANDOM: &[u8] = &hex!("159d0afb9c3818ae185b62c92125444c29a10ca61080a11f6c1f5cd838c5c642d206406a9a608739aa77dcd2ee4962530f924a7a4628ba7bbf8b0bf9dd140c3e5125bf16f8714e7c1d9de4dcbb06fc0f3bec62c6fccdb0bec0c79ad55c7ebd37026d080f80be1f6ab48260d77d320b7c4777531c41d1802f072ed49de6c733628fdc9dfeb3cbba74294c231c7bcf361105f824f7c1c97476cac97dc9c80d44f427cf46ce0c75cec009e83e218958491079be8b5b9e5093cf7d17b15de3846759"); +pub const OUTPUT_LE_G2_ADD_RANDOM: &[u8] = &hex!("37bd7e5cd59ac7c0beb0cdfcc662ec3b0ffc06bbdce49d1d7c4e71f816bf25513e0c14ddf90b8bbf7bba28467a4a920f536249eed2dc77aa3987609a6a4006d242c6c538d85c1f6c1fa18010a60ca1294c442521c9625b18ae18389cfb0a9d15596784e35db1177dcf93509e5b8bbe7910495889213ee809c0ce750cce46cf27f4440dc8c97dc9ca7674c9c1f724f8051136cf7b1c234c2974bacbb3fe9ddc8f6233c7e69dd42e072f80d1411c5377477c0b327dd76082b46a1fbe800f086d02"); + +// Test Case: G2_ADD_DOUBLING +pub const INPUT_BE_G2_ADD_DOUBLING: &[u8] = &hex!("0b53153e04ae7b83a3133ed8c03019b839cf5046fd3381a957b68e019466cb63566fcf37cc75528ac75983cf9ef4cc8b1297d6c99e2765fcbd35fbeccd1b98a3e86535c512eef146b6716ff9637a2adc377f37f7aca4b7a992e5dab990b056ae1584961df1f1d74d0c4bee67175abdbf5548b5d655fdb7969e08fab2dca9d7f392d5960c0628bcc538d22e7d57051107181ba01663720907f46cb3c9262199db0ad302d44a5f97dfc86079a60aba7a28de5722e331a6c38b25dd2ce35677be290b53153e04ae7b83a3133ed8c03019b839cf5046fd3381a957b68e019466cb63566fcf37cc75528ac75983cf9ef4cc8b1297d6c99e2765fcbd35fbeccd1b98a3e86535c512eef146b6716ff9637a2adc377f37f7aca4b7a992e5dab990b056ae1584961df1f1d74d0c4bee67175abdbf5548b5d655fdb7969e08fab2dca9d7f392d5960c0628bcc538d22e7d57051107181ba01663720907f46cb3c9262199db0ad302d44a5f97dfc86079a60aba7a28de5722e331a6c38b25dd2ce35677be29"); +pub const INPUT_LE_G2_ADD_DOUBLING: &[u8] = &hex!("ae56b090b9dae592a9b7a4acf7377f37dc2a7a63f96f71b646f1ee12c53565e8a3981bcdecfb35bdfc65279ec9d697128bccf49ecf8359c78a5275cc37cf6f5663cb6694018eb657a98133fd4650cf39b81930c0d83e13a3837bae043e15530b29be7756e32cdd258bc3a631e32257de287aba0aa67960c8df975f4ad402d30adb992126c9b36cf40709726316a01b18071105577d2ed238c5bc28060c96d592f3d7a9dcb2fa089e96b7fd55d6b54855bfbd5a1767ee4b0c4dd7f1f11d968415ae56b090b9dae592a9b7a4acf7377f37dc2a7a63f96f71b646f1ee12c53565e8a3981bcdecfb35bdfc65279ec9d697128bccf49ecf8359c78a5275cc37cf6f5663cb6694018eb657a98133fd4650cf39b81930c0d83e13a3837bae043e15530b29be7756e32cdd258bc3a631e32257de287aba0aa67960c8df975f4ad402d30adb992126c9b36cf40709726316a01b18071105577d2ed238c5bc28060c96d592f3d7a9dcb2fa089e96b7fd55d6b54855bfbd5a1767ee4b0c4dd7f1f11d968415"); +pub const OUTPUT_BE_G2_ADD_DOUBLING: &[u8] = &hex!("1530e89c2912b7761679a292a428089239f047c47d3656ea16abf60fe5e7f3e50fc5f95f38de7ccb1c2b5fdd7aed524d0eaeb83d207093219506de0b08f0e4e9a4dc47a7a9862b0108e128b2d805f0cbfd9a7aaa5f302637102ce607f0cbbdce174d83a7b7176827d5bc9513c76c88cdbb0befd3eefea516bb06fc46b15da1bf8d48a8420c8725ee96d2d25d5ca205d6027b96fc85a504b88078dddb68a57c9038f77673b9064095bf4f9adbbd18ae7834b7ed5a212eb7238781f6a096511f30"); +pub const OUTPUT_LE_G2_ADD_DOUBLING: &[u8] = &hex!("cebdcbf007e62c103726305faa7a9afdcbf005d8b228e108012b86a9a747dca4e9e4f0080bde0695219370203db8ae0e4d52ed7add5f2b1ccb7cde385ff9c50fe5f3e7e50ff6ab16ea56367dc447f039920828a492a2791676b712299ce83015301f5196a0f6818723b72e215aedb73478ae18bddb9a4fbf954006b97376f738907ca568dbdd7880b804a585fc967b02d605a25c5dd2d296ee25870c42a8488dbfa15db146fc06bb16a5feeed3ef0bbbcd886cc71395bcd5276817b7a7834d17"); + +// Test Case: G2_ADD_P_PLUS_INF +pub const INPUT_BE_G2_ADD_P_PLUS_INF: &[u8] = &hex!("0b53153e04ae7b83a3133ed8c03019b839cf5046fd3381a957b68e019466cb63566fcf37cc75528ac75983cf9ef4cc8b1297d6c99e2765fcbd35fbeccd1b98a3e86535c512eef146b6716ff9637a2adc377f37f7aca4b7a992e5dab990b056ae1584961df1f1d74d0c4bee67175abdbf5548b5d655fdb7969e08fab2dca9d7f392d5960c0628bcc538d22e7d57051107181ba01663720907f46cb3c9262199db0ad302d44a5f97dfc86079a60aba7a28de5722e331a6c38b25dd2ce35677be29400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const INPUT_LE_G2_ADD_P_PLUS_INF: &[u8] = &hex!("ae56b090b9dae592a9b7a4acf7377f37dc2a7a63f96f71b646f1ee12c53565e8a3981bcdecfb35bdfc65279ec9d697128bccf49ecf8359c78a5275cc37cf6f5663cb6694018eb657a98133fd4650cf39b81930c0d83e13a3837bae043e15530b29be7756e32cdd258bc3a631e32257de287aba0aa67960c8df975f4ad402d30adb992126c9b36cf40709726316a01b18071105577d2ed238c5bc28060c96d592f3d7a9dcb2fa089e96b7fd55d6b54855bfbd5a1767ee4b0c4dd7f1f11d968415000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const OUTPUT_BE_G2_ADD_P_PLUS_INF: &[u8] = &hex!("0b53153e04ae7b83a3133ed8c03019b839cf5046fd3381a957b68e019466cb63566fcf37cc75528ac75983cf9ef4cc8b1297d6c99e2765fcbd35fbeccd1b98a3e86535c512eef146b6716ff9637a2adc377f37f7aca4b7a992e5dab990b056ae1584961df1f1d74d0c4bee67175abdbf5548b5d655fdb7969e08fab2dca9d7f392d5960c0628bcc538d22e7d57051107181ba01663720907f46cb3c9262199db0ad302d44a5f97dfc86079a60aba7a28de5722e331a6c38b25dd2ce35677be29"); +pub const OUTPUT_LE_G2_ADD_P_PLUS_INF: &[u8] = &hex!("ae56b090b9dae592a9b7a4acf7377f37dc2a7a63f96f71b646f1ee12c53565e8a3981bcdecfb35bdfc65279ec9d697128bccf49ecf8359c78a5275cc37cf6f5663cb6694018eb657a98133fd4650cf39b81930c0d83e13a3837bae043e15530b29be7756e32cdd258bc3a631e32257de287aba0aa67960c8df975f4ad402d30adb992126c9b36cf40709726316a01b18071105577d2ed238c5bc28060c96d592f3d7a9dcb2fa089e96b7fd55d6b54855bfbd5a1767ee4b0c4dd7f1f11d968415"); + +// Test Case: G2_ADD_INF_PLUS_INF +pub const INPUT_BE_G2_ADD_INF_PLUS_INF: &[u8] = &hex!("400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const INPUT_LE_G2_ADD_INF_PLUS_INF: &[u8] = &hex!("000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const OUTPUT_BE_G2_ADD_INF_PLUS_INF: &[u8] = &hex!("400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const OUTPUT_LE_G2_ADD_INF_PLUS_INF: &[u8] = &hex!("000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); diff --git a/bls12-381-core/src/test_vectors/decompression.rs b/bls12-381-core/src/test_vectors/decompression.rs new file mode 100644 index 000000000..acd7a56d5 --- /dev/null +++ b/bls12-381-core/src/test_vectors/decompression.rs @@ -0,0 +1,37 @@ +use hex_literal::hex; + +// Test Case: G1_DECOMPRESS_RANDOM +pub const INPUT_BE_G1_DECOMPRESS_RANDOM: &[u8] = &hex!("8956a9d4ecf511657fb7380d6364b785396b60dcc6c502d7e1afd439a88f687f75f2b4c8a287489b589a3a5a3a2ef8b0"); +pub const INPUT_LE_G1_DECOMPRESS_RANDOM: &[u8] = &hex!("b0f82e3a5a3a9a589b4887a2c8b4f2757f688fa839d4afe1d702c5c6dc606b3985b764630d38b77f6511f5ecd4a95689"); +pub const OUTPUT_BE_G1_DECOMPRESS_RANDOM: &[u8] = &hex!("0956a9d4ecf511657fb7380d6364b785396b60dcc6c502d7e1afd439a88f687f75f2b4c8a287489b589a3a5a3a2ef8b00ace1970f00139590a1ea55ea4fcdbe185d6a10476b17b353935e9ff7075f1f7b9c3e8247b1fdd0639b0fba3c32723af"); +pub const OUTPUT_LE_G1_DECOMPRESS_RANDOM: &[u8] = &hex!("b0f82e3a5a3a9a589b4887a2c8b4f2757f688fa839d4afe1d702c5c6dc606b3985b764630d38b77f6511f5ecd4a95609af2327c3a3fbb03906dd1f7b24e8c3b9f7f17570ffe93539357bb17604a1d685e1dbfca45ea51e0a593901f07019ce0a"); + +// Test Case: G1_DECOMPRESS_INFINITY +pub const INPUT_BE_G1_DECOMPRESS_INFINITY: &[u8] = &hex!("c00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const INPUT_LE_G1_DECOMPRESS_INFINITY: &[u8] = &hex!("0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0"); +pub const OUTPUT_BE_G1_DECOMPRESS_INFINITY: &[u8] = &hex!("400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const OUTPUT_LE_G1_DECOMPRESS_INFINITY: &[u8] = &hex!("000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); + +// Test Case: G1_DECOMPRESS_GENERATOR +pub const INPUT_BE_G1_DECOMPRESS_GENERATOR: &[u8] = &hex!("97f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb"); +pub const INPUT_LE_G1_DECOMPRESS_GENERATOR: &[u8] = &hex!("bbc622db0af03afbef1a7af93fe8556c58ac1b173f3a4ea105b974974f8c68c30faca94f8c63952694d79731a7d3f197"); +pub const OUTPUT_BE_G1_DECOMPRESS_GENERATOR: &[u8] = &hex!("17f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb08b3f481e3aaa0f1a09e30ed741d8ae4fcf5e095d5d00af600db18cb2c04b3edd03cc744a2888ae40caa232946c5e7e1"); +pub const OUTPUT_LE_G1_DECOMPRESS_GENERATOR: &[u8] = &hex!("bbc622db0af03afbef1a7af93fe8556c58ac1b173f3a4ea105b974974f8c68c30faca94f8c63952694d79731a7d3f117e1e7c5462923aa0ce48a88a244c73cd0edb3042ccb18db00f60ad0d595e0f5fce48a1d74ed309ea0f1a0aae381f4b308"); + +// Test Case: G2_DECOMPRESS_RANDOM +pub const INPUT_BE_G2_DECOMPRESS_RANDOM: &[u8] = &hex!("ab53153e04ae7b83a3133ed8c03019b839cf5046fd3381a957b68e019466cb63566fcf37cc75528ac75983cf9ef4cc8b1297d6c99e2765fcbd35fbeccd1b98a3e86535c512eef146b6716ff9637a2adc377f37f7aca4b7a992e5dab990b056ae"); +pub const INPUT_LE_G2_DECOMPRESS_RANDOM: &[u8] = &hex!("ae56b090b9dae592a9b7a4acf7377f37dc2a7a63f96f71b646f1ee12c53565e8a3981bcdecfb35bdfc65279ec9d697128bccf49ecf8359c78a5275cc37cf6f5663cb6694018eb657a98133fd4650cf39b81930c0d83e13a3837bae043e1553ab"); +pub const OUTPUT_BE_G2_DECOMPRESS_RANDOM: &[u8] = &hex!("0b53153e04ae7b83a3133ed8c03019b839cf5046fd3381a957b68e019466cb63566fcf37cc75528ac75983cf9ef4cc8b1297d6c99e2765fcbd35fbeccd1b98a3e86535c512eef146b6716ff9637a2adc377f37f7aca4b7a992e5dab990b056ae1584961df1f1d74d0c4bee67175abdbf5548b5d655fdb7969e08fab2dca9d7f392d5960c0628bcc538d22e7d57051107181ba01663720907f46cb3c9262199db0ad302d44a5f97dfc86079a60aba7a28de5722e331a6c38b25dd2ce35677be29"); +pub const OUTPUT_LE_G2_DECOMPRESS_RANDOM: &[u8] = &hex!("ae56b090b9dae592a9b7a4acf7377f37dc2a7a63f96f71b646f1ee12c53565e8a3981bcdecfb35bdfc65279ec9d697128bccf49ecf8359c78a5275cc37cf6f5663cb6694018eb657a98133fd4650cf39b81930c0d83e13a3837bae043e15530b29be7756e32cdd258bc3a631e32257de287aba0aa67960c8df975f4ad402d30adb992126c9b36cf40709726316a01b18071105577d2ed238c5bc28060c96d592f3d7a9dcb2fa089e96b7fd55d6b54855bfbd5a1767ee4b0c4dd7f1f11d968415"); + +// Test Case: G2_DECOMPRESS_INFINITY +pub const INPUT_BE_G2_DECOMPRESS_INFINITY: &[u8] = &hex!("c00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const INPUT_LE_G2_DECOMPRESS_INFINITY: &[u8] = &hex!("0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0"); +pub const OUTPUT_BE_G2_DECOMPRESS_INFINITY: &[u8] = &hex!("400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const OUTPUT_LE_G2_DECOMPRESS_INFINITY: &[u8] = &hex!("000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); + +// Test Case: G2_DECOMPRESS_GENERATOR +pub const INPUT_BE_G2_DECOMPRESS_GENERATOR: &[u8] = &hex!("93e02b6052719f607dacd3a088274f65596bd0d09920b61ab5da61bbdc7f5049334cf11213945d57e5ac7d055d042b7e024aa2b2f08f0a91260805272dc51051c6e47ad4fa403b02b4510b647ae3d1770bac0326a805bbefd48056c8c121bdb8"); +pub const INPUT_LE_G2_DECOMPRESS_GENERATOR: &[u8] = &hex!("b8bd21c1c85680d4efbb05a82603ac0b77d1e37a640b51b4023b40fad47ae4c65110c52d27050826910a8ff0b2a24a027e2b045d057dace5575d941312f14c3349507fdcbb61dab51ab62099d0d06b59654f2788a0d3ac7d609f7152602be093"); +pub const OUTPUT_BE_G2_DECOMPRESS_GENERATOR: &[u8] = &hex!("13e02b6052719f607dacd3a088274f65596bd0d09920b61ab5da61bbdc7f5049334cf11213945d57e5ac7d055d042b7e024aa2b2f08f0a91260805272dc51051c6e47ad4fa403b02b4510b647ae3d1770bac0326a805bbefd48056c8c121bdb80606c4a02ea734cc32acd2b02bc28b99cb3e287e85a763af267492ab572e99ab3f370d275cec1da1aaa9075ff05f79be0ce5d527727d6e118cc9cdc6da2e351aadfd9baa8cbdd3a76d429a695160d12c923ac9cc3baca289e193548608b82801"); +pub const OUTPUT_LE_G2_DECOMPRESS_GENERATOR: &[u8] = &hex!("b8bd21c1c85680d4efbb05a82603ac0b77d1e37a640b51b4023b40fad47ae4c65110c52d27050826910a8ff0b2a24a027e2b045d057dace5575d941312f14c3349507fdcbb61dab51ab62099d0d06b59654f2788a0d3ac7d609f7152602be0130128b808865493e189a2ac3bccc93a922cd16051699a426da7d3bd8caa9bfdad1a352edac6cdc98c116e7d7227d5e50cbe795ff05f07a9aaa11dec5c270d373fab992e57ab927426af63a7857e283ecb998bc22bb0d2ac32cc34a72ea0c40606"); diff --git a/bls12-381-core/src/test_vectors/multiplication.rs b/bls12-381-core/src/test_vectors/multiplication.rs new file mode 100644 index 000000000..d341b074e --- /dev/null +++ b/bls12-381-core/src/test_vectors/multiplication.rs @@ -0,0 +1,49 @@ +use hex_literal::hex; + +// Test Case: G1_MUL_RANDOM +pub const INPUT_BE_G1_MUL_RANDOM: &[u8] = &hex!("30dd2e006ef3f10fd1efc33ef9a8800d18e2833abf19469e4e770b47a83e1b3e0956a9d4ecf511657fb7380d6364b785396b60dcc6c502d7e1afd439a88f687f75f2b4c8a287489b589a3a5a3a2ef8b00ace1970f00139590a1ea55ea4fcdbe185d6a10476b17b353935e9ff7075f1f7b9c3e8247b1fdd0639b0fba3c32723af"); +pub const INPUT_LE_G1_MUL_RANDOM: &[u8] = &hex!("30dd2e006ef3f10fd1efc33ef9a8800d18e2833abf19469e4e770b47a83e1b3eb0f82e3a5a3a9a589b4887a2c8b4f2757f688fa839d4afe1d702c5c6dc606b3985b764630d38b77f6511f5ecd4a95609af2327c3a3fbb03906dd1f7b24e8c3b9f7f17570ffe93539357bb17604a1d685e1dbfca45ea51e0a593901f07019ce0a"); +pub const OUTPUT_BE_G1_MUL_RANDOM: &[u8] = &hex!("08955293d437eb235d83cd94ed35a25b59b083277541f555decd1ad8bed9e00b33e056faffbd451a4f9a662dae665b1c164aa37b585ec2f5a3aea7f7b0df45121e7b06f00053ff234315d61d6e0981a66011596e6d5b193c779fdb75d2517b66"); +pub const OUTPUT_LE_G1_MUL_RANDOM: &[u8] = &hex!("1c5b66ae2d669a4f1a45bdfffa56e0330be0d9bed81acdde55f541752783b0595ba235ed94cd835d23eb37d493529508667b51d275db9f773c195b6d6e591160a681096e1dd6154323ff5300f0067b1e1245dfb0f7a7aea3f5c25e587ba34a16"); + +// Test Case: G1_MUL_SCALAR_ZERO +pub const INPUT_BE_G1_MUL_SCALAR_ZERO: &[u8] = &hex!("00000000000000000000000000000000000000000000000000000000000000000956a9d4ecf511657fb7380d6364b785396b60dcc6c502d7e1afd439a88f687f75f2b4c8a287489b589a3a5a3a2ef8b00ace1970f00139590a1ea55ea4fcdbe185d6a10476b17b353935e9ff7075f1f7b9c3e8247b1fdd0639b0fba3c32723af"); +pub const INPUT_LE_G1_MUL_SCALAR_ZERO: &[u8] = &hex!("0000000000000000000000000000000000000000000000000000000000000000b0f82e3a5a3a9a589b4887a2c8b4f2757f688fa839d4afe1d702c5c6dc606b3985b764630d38b77f6511f5ecd4a95609af2327c3a3fbb03906dd1f7b24e8c3b9f7f17570ffe93539357bb17604a1d685e1dbfca45ea51e0a593901f07019ce0a"); +pub const OUTPUT_BE_G1_MUL_SCALAR_ZERO: &[u8] = &hex!("400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const OUTPUT_LE_G1_MUL_SCALAR_ZERO: &[u8] = &hex!("000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); + +// Test Case: G1_MUL_SCALAR_ONE +pub const INPUT_BE_G1_MUL_SCALAR_ONE: &[u8] = &hex!("00000000000000000000000000000000000000000000000000000000000000000956a9d4ecf511657fb7380d6364b785396b60dcc6c502d7e1afd439a88f687f75f2b4c8a287489b589a3a5a3a2ef8b00ace1970f00139590a1ea55ea4fcdbe185d6a10476b17b353935e9ff7075f1f7b9c3e8247b1fdd0639b0fba3c32723af"); +pub const INPUT_LE_G1_MUL_SCALAR_ONE: &[u8] = &hex!("0000000000000000000000000000000000000000000000000000000000000000b0f82e3a5a3a9a589b4887a2c8b4f2757f688fa839d4afe1d702c5c6dc606b3985b764630d38b77f6511f5ecd4a95609af2327c3a3fbb03906dd1f7b24e8c3b9f7f17570ffe93539357bb17604a1d685e1dbfca45ea51e0a593901f07019ce0a"); +pub const OUTPUT_BE_G1_MUL_SCALAR_ONE: &[u8] = &hex!("400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const OUTPUT_LE_G1_MUL_SCALAR_ONE: &[u8] = &hex!("000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); + +// Test Case: G1_MUL_POINT_INFINITY +pub const INPUT_BE_G1_MUL_POINT_INFINITY: &[u8] = &hex!("30dd2e006ef3f10fd1efc33ef9a8800d18e2833abf19469e4e770b47a83e1b3e400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const INPUT_LE_G1_MUL_POINT_INFINITY: &[u8] = &hex!("30dd2e006ef3f10fd1efc33ef9a8800d18e2833abf19469e4e770b47a83e1b3e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const OUTPUT_BE_G1_MUL_POINT_INFINITY: &[u8] = &hex!("400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const OUTPUT_LE_G1_MUL_POINT_INFINITY: &[u8] = &hex!("000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); + +// Test Case: G2_MUL_RANDOM +pub const INPUT_BE_G2_MUL_RANDOM: &[u8] = &hex!("30dd2e006ef3f10fd1efc33ef9a8800d18e2833abf19469e4e770b47a83e1b3e0b53153e04ae7b83a3133ed8c03019b839cf5046fd3381a957b68e019466cb63566fcf37cc75528ac75983cf9ef4cc8b1297d6c99e2765fcbd35fbeccd1b98a3e86535c512eef146b6716ff9637a2adc377f37f7aca4b7a992e5dab990b056ae1584961df1f1d74d0c4bee67175abdbf5548b5d655fdb7969e08fab2dca9d7f392d5960c0628bcc538d22e7d57051107181ba01663720907f46cb3c9262199db0ad302d44a5f97dfc86079a60aba7a28de5722e331a6c38b25dd2ce35677be29"); +pub const INPUT_LE_G2_MUL_RANDOM: &[u8] = &hex!("30dd2e006ef3f10fd1efc33ef9a8800d18e2833abf19469e4e770b47a83e1b3eae56b090b9dae592a9b7a4acf7377f37dc2a7a63f96f71b646f1ee12c53565e8a3981bcdecfb35bdfc65279ec9d697128bccf49ecf8359c78a5275cc37cf6f5663cb6694018eb657a98133fd4650cf39b81930c0d83e13a3837bae043e15530b29be7756e32cdd258bc3a631e32257de287aba0aa67960c8df975f4ad402d30adb992126c9b36cf40709726316a01b18071105577d2ed238c5bc28060c96d592f3d7a9dcb2fa089e96b7fd55d6b54855bfbd5a1767ee4b0c4dd7f1f11d968415"); +pub const OUTPUT_BE_G2_MUL_RANDOM: &[u8] = &hex!("0537b3701b2abbbef5955c895616aa4a7668997d0082cd4c68d30deb0c17a7163ed806290a9cf9eb7ed68add62a38ceb167bcf9be2622d650d9054d87312e7e0303b69e211537bc6d281f091971aca2cd602a16f2c215d17015eb8652159ed45131cfffeebf3133e5bfdf3f1aa51c208cb8e13c2eadcf54530bce6b5dddf2a5c50cb5340cca663453bf6e497fb65ee6e0c76ebfd92ba7c5c252b231c4d91595e738611f142e242b23f37edb5e96117f7fda56f4f2b81f611bf5dabc7184498f4"); +pub const OUTPUT_LE_G2_MUL_RANDOM: &[u8] = &hex!("45ed592165b85e01175d212c6fa102d62cca1a9791f081d2c67b5311e2693b30e0e71273d854900d652d62e29bcf7b16eb8ca362dd8ad67eebf99c0a2906d83e16a7170ceb0dd3684ccd82007d9968764aaa1656895c95f5bebb2a1b70b33705f4984418c7ab5dbf11f6812b4f6fa5fdf71761e9b5ed373fb242e242f11186735e59914d1c232b255c7cba92fdeb760c6eee65fb97e4f63b4563a6cc4053cb505c2adfddb5e6bc3045f5dceac2138ecb08c251aaf1f3fd5b3e13f3ebfeff1c13"); + +// Test Case: G2_MUL_SCALAR_ZERO +pub const INPUT_BE_G2_MUL_SCALAR_ZERO: &[u8] = &hex!("00000000000000000000000000000000000000000000000000000000000000000b53153e04ae7b83a3133ed8c03019b839cf5046fd3381a957b68e019466cb63566fcf37cc75528ac75983cf9ef4cc8b1297d6c99e2765fcbd35fbeccd1b98a3e86535c512eef146b6716ff9637a2adc377f37f7aca4b7a992e5dab990b056ae1584961df1f1d74d0c4bee67175abdbf5548b5d655fdb7969e08fab2dca9d7f392d5960c0628bcc538d22e7d57051107181ba01663720907f46cb3c9262199db0ad302d44a5f97dfc86079a60aba7a28de5722e331a6c38b25dd2ce35677be29"); +pub const INPUT_LE_G2_MUL_SCALAR_ZERO: &[u8] = &hex!("0000000000000000000000000000000000000000000000000000000000000000ae56b090b9dae592a9b7a4acf7377f37dc2a7a63f96f71b646f1ee12c53565e8a3981bcdecfb35bdfc65279ec9d697128bccf49ecf8359c78a5275cc37cf6f5663cb6694018eb657a98133fd4650cf39b81930c0d83e13a3837bae043e15530b29be7756e32cdd258bc3a631e32257de287aba0aa67960c8df975f4ad402d30adb992126c9b36cf40709726316a01b18071105577d2ed238c5bc28060c96d592f3d7a9dcb2fa089e96b7fd55d6b54855bfbd5a1767ee4b0c4dd7f1f11d968415"); +pub const OUTPUT_BE_G2_MUL_SCALAR_ZERO: &[u8] = &hex!("400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const OUTPUT_LE_G2_MUL_SCALAR_ZERO: &[u8] = &hex!("000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); + +// Test Case: G2_MUL_SCALAR_ONE +pub const INPUT_BE_G2_MUL_SCALAR_ONE: &[u8] = &hex!("00000000000000000000000000000000000000000000000000000000000000000b53153e04ae7b83a3133ed8c03019b839cf5046fd3381a957b68e019466cb63566fcf37cc75528ac75983cf9ef4cc8b1297d6c99e2765fcbd35fbeccd1b98a3e86535c512eef146b6716ff9637a2adc377f37f7aca4b7a992e5dab990b056ae1584961df1f1d74d0c4bee67175abdbf5548b5d655fdb7969e08fab2dca9d7f392d5960c0628bcc538d22e7d57051107181ba01663720907f46cb3c9262199db0ad302d44a5f97dfc86079a60aba7a28de5722e331a6c38b25dd2ce35677be29"); +pub const INPUT_LE_G2_MUL_SCALAR_ONE: &[u8] = &hex!("0000000000000000000000000000000000000000000000000000000000000000ae56b090b9dae592a9b7a4acf7377f37dc2a7a63f96f71b646f1ee12c53565e8a3981bcdecfb35bdfc65279ec9d697128bccf49ecf8359c78a5275cc37cf6f5663cb6694018eb657a98133fd4650cf39b81930c0d83e13a3837bae043e15530b29be7756e32cdd258bc3a631e32257de287aba0aa67960c8df975f4ad402d30adb992126c9b36cf40709726316a01b18071105577d2ed238c5bc28060c96d592f3d7a9dcb2fa089e96b7fd55d6b54855bfbd5a1767ee4b0c4dd7f1f11d968415"); +pub const OUTPUT_BE_G2_MUL_SCALAR_ONE: &[u8] = &hex!("400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const OUTPUT_LE_G2_MUL_SCALAR_ONE: &[u8] = &hex!("000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); + +// Test Case: G2_MUL_POINT_INFINITY +pub const INPUT_BE_G2_MUL_POINT_INFINITY: &[u8] = &hex!("30dd2e006ef3f10fd1efc33ef9a8800d18e2833abf19469e4e770b47a83e1b3e400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const INPUT_LE_G2_MUL_POINT_INFINITY: &[u8] = &hex!("30dd2e006ef3f10fd1efc33ef9a8800d18e2833abf19469e4e770b47a83e1b3e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const OUTPUT_BE_G2_MUL_POINT_INFINITY: &[u8] = &hex!("400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const OUTPUT_LE_G2_MUL_POINT_INFINITY: &[u8] = &hex!("000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); diff --git a/bls12-381-core/src/test_vectors/pairing.rs b/bls12-381-core/src/test_vectors/pairing.rs new file mode 100644 index 000000000..e69de29bb diff --git a/bls12-381-core/src/test_vectors/subtraction.rs b/bls12-381-core/src/test_vectors/subtraction.rs new file mode 100644 index 000000000..631745242 --- /dev/null +++ b/bls12-381-core/src/test_vectors/subtraction.rs @@ -0,0 +1,49 @@ +use hex_literal::hex; + +// Test Case: G1_SUB_RANDOM +pub const INPUT_BE_G1_SUB_RANDOM: &[u8] = &hex!("0956a9d4ecf511657fb7380d6364b785396b60dcc6c502d7e1afd439a88f687f75f2b4c8a287489b589a3a5a3a2ef8b00ace1970f00139590a1ea55ea4fcdbe185d6a10476b17b353935e9ff7075f1f7b9c3e8247b1fdd0639b0fba3c32723af0d203dd7537cbabd52004ff443a7153230e5086b330f132f4b4df6b93f428f6dedd39992a3af4a4532c6ebda09aae12e16d37454207382e06afacd8fee734acfeec1e8103b8c14fc0722902f8938beaaebbdee2d613ac7ca2da48bc8bed7093b"); +pub const INPUT_LE_G1_SUB_RANDOM: &[u8] = &hex!("b0f82e3a5a3a9a589b4887a2c8b4f2757f688fa839d4afe1d702c5c6dc606b3985b764630d38b77f6511f5ecd4a95609af2327c3a3fbb03906dd1f7b24e8c3b9f7f17570ffe93539357bb17604a1d685e1dbfca45ea51e0a593901f07019ce0a2ee1aa09daebc632454aafa39299d3ed6d8f423fb9f64d4b2f130f336b08e5303215a743f44f0052bdba7c53d73d200d3b09d7bec88ba42dcac73a612deebdebaabe38892f902207fc148c3b10e8c1eecf4a73ee8fcdfa6ae08273205474d316"); +pub const OUTPUT_BE_G1_SUB_RANDOM: &[u8] = &hex!("162d1a20e2b829528a877d2c34b21058c1e978cdec7e36882bf2bcedb2723a8be976f3ea5710de02fc58524ea54e278a0b328d8d5989ab02d46dc16ee66431dcc8c1616ebb881e4ce6553e2f774471ca59a5349121e5769f8591149c97606191"); +pub const OUTPUT_LE_G1_SUB_RANDOM: &[u8] = &hex!("8a274ea54e5258fc02de1057eaf376e98b3a72b2edbcf22b88367eeccd78e9c15810b2342c7d878a5229b8e2201a2d16916160979c1491859f76e5219134a559ca7144772f3e55e64c1e88bb6e61c1c8dc3164e66ec16dd402ab89598d8d320b"); + +// Test Case: G1_SUB_P_MINUS_P +pub const INPUT_BE_G1_SUB_P_MINUS_P: &[u8] = &hex!("0956a9d4ecf511657fb7380d6364b785396b60dcc6c502d7e1afd439a88f687f75f2b4c8a287489b589a3a5a3a2ef8b00ace1970f00139590a1ea55ea4fcdbe185d6a10476b17b353935e9ff7075f1f7b9c3e8247b1fdd0639b0fba3c32723af0956a9d4ecf511657fb7380d6364b785396b60dcc6c502d7e1afd439a88f687f75f2b4c8a287489b589a3a5a3a2ef8b00ace1970f00139590a1ea55ea4fcdbe185d6a10476b17b353935e9ff7075f1f7b9c3e8247b1fdd0639b0fba3c32723af"); +pub const INPUT_LE_G1_SUB_P_MINUS_P: &[u8] = &hex!("b0f82e3a5a3a9a589b4887a2c8b4f2757f688fa839d4afe1d702c5c6dc606b3985b764630d38b77f6511f5ecd4a95609af2327c3a3fbb03906dd1f7b24e8c3b9f7f17570ffe93539357bb17604a1d685e1dbfca45ea51e0a593901f07019ce0ab0f82e3a5a3a9a589b4887a2c8b4f2757f688fa839d4afe1d702c5c6dc606b3985b764630d38b77f6511f5ecd4a95609af2327c3a3fbb03906dd1f7b24e8c3b9f7f17570ffe93539357bb17604a1d685e1dbfca45ea51e0a593901f07019ce0a"); +pub const OUTPUT_BE_G1_SUB_P_MINUS_P: &[u8] = &hex!("400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const OUTPUT_LE_G1_SUB_P_MINUS_P: &[u8] = &hex!("000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); + +// Test Case: G1_SUB_INF_MINUS_P +pub const INPUT_BE_G1_SUB_INF_MINUS_P: &[u8] = &hex!("4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000956a9d4ecf511657fb7380d6364b785396b60dcc6c502d7e1afd439a88f687f75f2b4c8a287489b589a3a5a3a2ef8b00ace1970f00139590a1ea55ea4fcdbe185d6a10476b17b353935e9ff7075f1f7b9c3e8247b1fdd0639b0fba3c32723af"); +pub const INPUT_LE_G1_SUB_INF_MINUS_P: &[u8] = &hex!("000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b0f82e3a5a3a9a589b4887a2c8b4f2757f688fa839d4afe1d702c5c6dc606b3985b764630d38b77f6511f5ecd4a95609af2327c3a3fbb03906dd1f7b24e8c3b9f7f17570ffe93539357bb17604a1d685e1dbfca45ea51e0a593901f07019ce0a"); +pub const OUTPUT_BE_G1_SUB_INF_MINUS_P: &[u8] = &hex!("0956a9d4ecf511657fb7380d6364b785396b60dcc6c502d7e1afd439a88f687f75f2b4c8a287489b589a3a5a3a2ef8b00f32f879497ead4140fd02579e4ed0f5dea0aa807cd3978a2dfae8a1863b042c64e817da363422f9804e045c3cd886fc"); +pub const OUTPUT_LE_G1_SUB_INF_MINUS_P: &[u8] = &hex!("b0f82e3a5a3a9a589b4887a2c8b4f2757f688fa839d4afe1d702c5c6dc606b3985b764630d38b77f6511f5ecd4a95609fc86d83c5c044e80f9223436da17e8642c043b86a1e8fa2d8a97d37c80aaa0def5d04e9e5702fd4041ad7e4979f8320f"); + +// Test Case: G1_SUB_P_MINUS_INF +pub const INPUT_BE_G1_SUB_P_MINUS_INF: &[u8] = &hex!("0956a9d4ecf511657fb7380d6364b785396b60dcc6c502d7e1afd439a88f687f75f2b4c8a287489b589a3a5a3a2ef8b00ace1970f00139590a1ea55ea4fcdbe185d6a10476b17b353935e9ff7075f1f7b9c3e8247b1fdd0639b0fba3c32723af400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const INPUT_LE_G1_SUB_P_MINUS_INF: &[u8] = &hex!("b0f82e3a5a3a9a589b4887a2c8b4f2757f688fa839d4afe1d702c5c6dc606b3985b764630d38b77f6511f5ecd4a95609af2327c3a3fbb03906dd1f7b24e8c3b9f7f17570ffe93539357bb17604a1d685e1dbfca45ea51e0a593901f07019ce0a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const OUTPUT_BE_G1_SUB_P_MINUS_INF: &[u8] = &hex!("0956a9d4ecf511657fb7380d6364b785396b60dcc6c502d7e1afd439a88f687f75f2b4c8a287489b589a3a5a3a2ef8b00ace1970f00139590a1ea55ea4fcdbe185d6a10476b17b353935e9ff7075f1f7b9c3e8247b1fdd0639b0fba3c32723af"); +pub const OUTPUT_LE_G1_SUB_P_MINUS_INF: &[u8] = &hex!("b0f82e3a5a3a9a589b4887a2c8b4f2757f688fa839d4afe1d702c5c6dc606b3985b764630d38b77f6511f5ecd4a95609af2327c3a3fbb03906dd1f7b24e8c3b9f7f17570ffe93539357bb17604a1d685e1dbfca45ea51e0a593901f07019ce0a"); + +// Test Case: G2_SUB_RANDOM +pub const INPUT_BE_G2_SUB_RANDOM: &[u8] = &hex!("0b53153e04ae7b83a3133ed8c03019b839cf5046fd3381a957b68e019466cb63566fcf37cc75528ac75983cf9ef4cc8b1297d6c99e2765fcbd35fbeccd1b98a3e86535c512eef146b6716ff9637a2adc377f37f7aca4b7a992e5dab990b056ae1584961df1f1d74d0c4bee67175abdbf5548b5d655fdb7969e08fab2dca9d7f392d5960c0628bcc538d22e7d57051107181ba01663720907f46cb3c9262199db0ad302d44a5f97dfc86079a60aba7a28de5722e331a6c38b25dd2ce35677be290e6eb4ae2e4a917d5e1c27cd6b7e35bc2445a262694f319488e50580c5bb00ea8dc9f6df674bb121024b5a218b989c59195b9e64140c8782bfb505295ec35924b56fee18bbb2b38f11b544cbb886b9c3b01b5a021da5d1108f0be0fb3fbcda2917475b5aca6c50a0c8c2a26dc86005669cf52bf7dd8b94fefdb7a153fdf71647855d247fa2f83140adc911d208d6124107de0b0478115531cd5f84d098885c13c3b088275acf11c30ed721bfe83b03564e4e95a5b391a1bef743f3fc89012747"); +pub const INPUT_LE_G2_SUB_RANDOM: &[u8] = &hex!("ae56b090b9dae592a9b7a4acf7377f37dc2a7a63f96f71b646f1ee12c53565e8a3981bcdecfb35bdfc65279ec9d697128bccf49ecf8359c78a5275cc37cf6f5663cb6694018eb657a98133fd4650cf39b81930c0d83e13a3837bae043e15530b29be7756e32cdd258bc3a631e32257de287aba0aa67960c8df975f4ad402d30adb992126c9b36cf40709726316a01b18071105577d2ed238c5bc28060c96d592f3d7a9dcb2fa089e96b7fd55d6b54855bfbd5a1767ee4b0c4dd7f1f11d96841529dabc3ffbe00b8f10d1a51d025a1bb0c3b986b8cb44b5118fb3b2bb18ee6fb52459c35e2905b5bf82870c14649e5b19599c988b215a4b0221b14b67dff6c98dea00bbc58005e58894314f6962a24524bc357e6bcd271c5e7d914a2eaeb46e0e47270189fcf343f7bea191b3a5954e4e56033be8bf21d70ec311cf5a2788b0c3135c8898d0845fcd31551178040bde074112d608d211c9ad4031f8a27f245d854716f7fd53a1b7fdfe948bddf72bf59c660560c86da2c2c8a0506cca5a5b4717"); +pub const OUTPUT_BE_G2_SUB_RANDOM: &[u8] = &hex!("01d71af6898b31fca6a241410323707454e35a5231a06655889c0582d0e3bdd0a9e195484959f25175ab5870259f29d50880f6d131d722ddb54c0ad43ba2d2ad3c631eafa7607f9c574fe219dedad25e9b7c0e8f01d8ef4c697207e728784ae90c0aac99968943e7533ffbd0b80bc2144e5e856be3114b2e3497248e954ff7194a02119222ccc73c1547cc731eb165d210f083cb90ba205b16e968aa9a6252d132a2684ff80243875bf08e462e0682221be22f223ed0f107f243199ca5e0981a"); +pub const OUTPUT_LE_G2_SUB_RANDOM: &[u8] = &hex!("e94a7828e70772694cefd8018f0e7c9b5ed2dade19e24f579c7f60a7af1e633cadd2a23bd40a4cb5dd22d731d1f68008d5299f257058ab7551f259494895e1a9d0bde3d082059c885566a031525ae354747023034141a2a6fc318b89f61ad7011a98e0a59c1943f207f1d03e222fe21b2282062e468ef05b874302f84f68a232d152629aaa68e9165b20ba90cb83f010d265b11e73cc47153cc7cc229211024a19f74f958e2497342e4b11e36b855e4e14c20bb8d0fb3f53e743899699ac0a0c"); + +// Test Case: G2_SUB_P_MINUS_P +pub const INPUT_BE_G2_SUB_P_MINUS_P: &[u8] = &hex!("0b53153e04ae7b83a3133ed8c03019b839cf5046fd3381a957b68e019466cb63566fcf37cc75528ac75983cf9ef4cc8b1297d6c99e2765fcbd35fbeccd1b98a3e86535c512eef146b6716ff9637a2adc377f37f7aca4b7a992e5dab990b056ae1584961df1f1d74d0c4bee67175abdbf5548b5d655fdb7969e08fab2dca9d7f392d5960c0628bcc538d22e7d57051107181ba01663720907f46cb3c9262199db0ad302d44a5f97dfc86079a60aba7a28de5722e331a6c38b25dd2ce35677be290b53153e04ae7b83a3133ed8c03019b839cf5046fd3381a957b68e019466cb63566fcf37cc75528ac75983cf9ef4cc8b1297d6c99e2765fcbd35fbeccd1b98a3e86535c512eef146b6716ff9637a2adc377f37f7aca4b7a992e5dab990b056ae1584961df1f1d74d0c4bee67175abdbf5548b5d655fdb7969e08fab2dca9d7f392d5960c0628bcc538d22e7d57051107181ba01663720907f46cb3c9262199db0ad302d44a5f97dfc86079a60aba7a28de5722e331a6c38b25dd2ce35677be29"); +pub const INPUT_LE_G2_SUB_P_MINUS_P: &[u8] = &hex!("ae56b090b9dae592a9b7a4acf7377f37dc2a7a63f96f71b646f1ee12c53565e8a3981bcdecfb35bdfc65279ec9d697128bccf49ecf8359c78a5275cc37cf6f5663cb6694018eb657a98133fd4650cf39b81930c0d83e13a3837bae043e15530b29be7756e32cdd258bc3a631e32257de287aba0aa67960c8df975f4ad402d30adb992126c9b36cf40709726316a01b18071105577d2ed238c5bc28060c96d592f3d7a9dcb2fa089e96b7fd55d6b54855bfbd5a1767ee4b0c4dd7f1f11d968415ae56b090b9dae592a9b7a4acf7377f37dc2a7a63f96f71b646f1ee12c53565e8a3981bcdecfb35bdfc65279ec9d697128bccf49ecf8359c78a5275cc37cf6f5663cb6694018eb657a98133fd4650cf39b81930c0d83e13a3837bae043e15530b29be7756e32cdd258bc3a631e32257de287aba0aa67960c8df975f4ad402d30adb992126c9b36cf40709726316a01b18071105577d2ed238c5bc28060c96d592f3d7a9dcb2fa089e96b7fd55d6b54855bfbd5a1767ee4b0c4dd7f1f11d968415"); +pub const OUTPUT_BE_G2_SUB_P_MINUS_P: &[u8] = &hex!("400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const OUTPUT_LE_G2_SUB_P_MINUS_P: &[u8] = &hex!("000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); + +// Test Case: G2_SUB_INF_MINUS_P +pub const INPUT_BE_G2_SUB_INF_MINUS_P: &[u8] = &hex!("4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b53153e04ae7b83a3133ed8c03019b839cf5046fd3381a957b68e019466cb63566fcf37cc75528ac75983cf9ef4cc8b1297d6c99e2765fcbd35fbeccd1b98a3e86535c512eef146b6716ff9637a2adc377f37f7aca4b7a992e5dab990b056ae1584961df1f1d74d0c4bee67175abdbf5548b5d655fdb7969e08fab2dca9d7f392d5960c0628bcc538d22e7d57051107181ba01663720907f46cb3c9262199db0ad302d44a5f97dfc86079a60aba7a28de5722e331a6c38b25dd2ce35677be29"); +pub const INPUT_LE_G2_SUB_INF_MINUS_P: &[u8] = &hex!("000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ae56b090b9dae592a9b7a4acf7377f37dc2a7a63f96f71b646f1ee12c53565e8a3981bcdecfb35bdfc65279ec9d697128bccf49ecf8359c78a5275cc37cf6f5663cb6694018eb657a98133fd4650cf39b81930c0d83e13a3837bae043e15530b29be7756e32cdd258bc3a631e32257de287aba0aa67960c8df975f4ad402d30adb992126c9b36cf40709726316a01b18071105577d2ed238c5bc28060c96d592f3d7a9dcb2fa089e96b7fd55d6b54855bfbd5a1767ee4b0c4dd7f1f11d968415"); +pub const OUTPUT_BE_G2_SUB_INF_MINUS_P: &[u8] = &hex!("0b53153e04ae7b83a3133ed8c03019b839cf5046fd3381a957b68e019466cb63566fcf37cc75528ac75983cf9ef4cc8b1297d6c99e2765fcbd35fbeccd1b98a3e86535c512eef146b6716ff9637a2adc377f37f7aca4b7a992e5dab990b056ae047c7bcc478e0f4d3ecfb94f2bf0ef180f2e95ae9d875b28c927d7ee1a071e308bd669f2ab2b433a812cd182a8fa99a401e571d3d60ddd9256aef3ed1d2a12fc59a448b0a9257adf9ed058faebf67bfb4054dd1b7fad3c749421d31ca987ec82"); +pub const OUTPUT_LE_G2_SUB_INF_MINUS_P: &[u8] = &hex!("ae56b090b9dae592a9b7a4acf7377f37dc2a7a63f96f71b646f1ee12c53565e8a3981bcdecfb35bdfc65279ec9d697128bccf49ecf8359c78a5275cc37cf6f5663cb6694018eb657a98133fd4650cf39b81930c0d83e13a3837bae043e15530b82ec87a91cd32194743cad7f1bdd5440fb7bf6ebfa58d09edf7a25a9b048a459fc122a1dedf3ae5692dd0dd6d371e501a499faa882d12c813a432babf269d68b301e071aeed727c9285b879dae952e0f18eff02b4fb9cf3e4d0f8e47cc7b7c04"); + +// Test Case: G2_SUB_P_MINUS_INF +pub const INPUT_BE_G2_SUB_P_MINUS_INF: &[u8] = &hex!("0b53153e04ae7b83a3133ed8c03019b839cf5046fd3381a957b68e019466cb63566fcf37cc75528ac75983cf9ef4cc8b1297d6c99e2765fcbd35fbeccd1b98a3e86535c512eef146b6716ff9637a2adc377f37f7aca4b7a992e5dab990b056ae1584961df1f1d74d0c4bee67175abdbf5548b5d655fdb7969e08fab2dca9d7f392d5960c0628bcc538d22e7d57051107181ba01663720907f46cb3c9262199db0ad302d44a5f97dfc86079a60aba7a28de5722e331a6c38b25dd2ce35677be29400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const INPUT_LE_G2_SUB_P_MINUS_INF: &[u8] = &hex!("ae56b090b9dae592a9b7a4acf7377f37dc2a7a63f96f71b646f1ee12c53565e8a3981bcdecfb35bdfc65279ec9d697128bccf49ecf8359c78a5275cc37cf6f5663cb6694018eb657a98133fd4650cf39b81930c0d83e13a3837bae043e15530b29be7756e32cdd258bc3a631e32257de287aba0aa67960c8df975f4ad402d30adb992126c9b36cf40709726316a01b18071105577d2ed238c5bc28060c96d592f3d7a9dcb2fa089e96b7fd55d6b54855bfbd5a1767ee4b0c4dd7f1f11d968415000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const OUTPUT_BE_G2_SUB_P_MINUS_INF: &[u8] = &hex!("0b53153e04ae7b83a3133ed8c03019b839cf5046fd3381a957b68e019466cb63566fcf37cc75528ac75983cf9ef4cc8b1297d6c99e2765fcbd35fbeccd1b98a3e86535c512eef146b6716ff9637a2adc377f37f7aca4b7a992e5dab990b056ae1584961df1f1d74d0c4bee67175abdbf5548b5d655fdb7969e08fab2dca9d7f392d5960c0628bcc538d22e7d57051107181ba01663720907f46cb3c9262199db0ad302d44a5f97dfc86079a60aba7a28de5722e331a6c38b25dd2ce35677be29"); +pub const OUTPUT_LE_G2_SUB_P_MINUS_INF: &[u8] = &hex!("ae56b090b9dae592a9b7a4acf7377f37dc2a7a63f96f71b646f1ee12c53565e8a3981bcdecfb35bdfc65279ec9d697128bccf49ecf8359c78a5275cc37cf6f5663cb6694018eb657a98133fd4650cf39b81930c0d83e13a3837bae043e15530b29be7756e32cdd258bc3a631e32257de287aba0aa67960c8df975f4ad402d30adb992126c9b36cf40709726316a01b18071105577d2ed238c5bc28060c96d592f3d7a9dcb2fa089e96b7fd55d6b54855bfbd5a1767ee4b0c4dd7f1f11d968415"); diff --git a/bls12-381-core/src/test_vectors/validation.rs b/bls12-381-core/src/test_vectors/validation.rs new file mode 100644 index 000000000..8d886f60c --- /dev/null +++ b/bls12-381-core/src/test_vectors/validation.rs @@ -0,0 +1,41 @@ +use hex_literal::hex; + +// Test Case: G1_VALIDATE_RANDOM_VALID +pub const INPUT_BE_G1_VALIDATE_RANDOM_VALID: &[u8] = &hex!("0956a9d4ecf511657fb7380d6364b785396b60dcc6c502d7e1afd439a88f687f75f2b4c8a287489b589a3a5a3a2ef8b00ace1970f00139590a1ea55ea4fcdbe185d6a10476b17b353935e9ff7075f1f7b9c3e8247b1fdd0639b0fba3c32723af"); +pub const INPUT_LE_G1_VALIDATE_RANDOM_VALID: &[u8] = &hex!("b0f82e3a5a3a9a589b4887a2c8b4f2757f688fa839d4afe1d702c5c6dc606b3985b764630d38b77f6511f5ecd4a95609af2327c3a3fbb03906dd1f7b24e8c3b9f7f17570ffe93539357bb17604a1d685e1dbfca45ea51e0a593901f07019ce0a"); +pub const EXPECTED_G1_VALIDATE_RANDOM_VALID: bool = true; + +// Test Case: G1_VALIDATE_INFINITY_VALID +pub const INPUT_BE_G1_VALIDATE_INFINITY_VALID: &[u8] = &hex!("400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const INPUT_LE_G1_VALIDATE_INFINITY_VALID: &[u8] = &hex!("000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const EXPECTED_G1_VALIDATE_INFINITY_VALID: bool = true; + +// Test Case: G1_VALIDATE_GENERATOR_VALID +pub const INPUT_BE_G1_VALIDATE_GENERATOR_VALID: &[u8] = &hex!("17f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb08b3f481e3aaa0f1a09e30ed741d8ae4fcf5e095d5d00af600db18cb2c04b3edd03cc744a2888ae40caa232946c5e7e1"); +pub const INPUT_LE_G1_VALIDATE_GENERATOR_VALID: &[u8] = &hex!("bbc622db0af03afbef1a7af93fe8556c58ac1b173f3a4ea105b974974f8c68c30faca94f8c63952694d79731a7d3f117e1e7c5462923aa0ce48a88a244c73cd0edb3042ccb18db00f60ad0d595e0f5fce48a1d74ed309ea0f1a0aae381f4b308"); +pub const EXPECTED_G1_VALIDATE_GENERATOR_VALID: bool = true; + +// Test Case: G2_VALIDATE_RANDOM_VALID +pub const INPUT_BE_G2_VALIDATE_RANDOM_VALID: &[u8] = &hex!("0b53153e04ae7b83a3133ed8c03019b839cf5046fd3381a957b68e019466cb63566fcf37cc75528ac75983cf9ef4cc8b1297d6c99e2765fcbd35fbeccd1b98a3e86535c512eef146b6716ff9637a2adc377f37f7aca4b7a992e5dab990b056ae1584961df1f1d74d0c4bee67175abdbf5548b5d655fdb7969e08fab2dca9d7f392d5960c0628bcc538d22e7d57051107181ba01663720907f46cb3c9262199db0ad302d44a5f97dfc86079a60aba7a28de5722e331a6c38b25dd2ce35677be29"); +pub const INPUT_LE_G2_VALIDATE_RANDOM_VALID: &[u8] = &hex!("ae56b090b9dae592a9b7a4acf7377f37dc2a7a63f96f71b646f1ee12c53565e8a3981bcdecfb35bdfc65279ec9d697128bccf49ecf8359c78a5275cc37cf6f5663cb6694018eb657a98133fd4650cf39b81930c0d83e13a3837bae043e15530b29be7756e32cdd258bc3a631e32257de287aba0aa67960c8df975f4ad402d30adb992126c9b36cf40709726316a01b18071105577d2ed238c5bc28060c96d592f3d7a9dcb2fa089e96b7fd55d6b54855bfbd5a1767ee4b0c4dd7f1f11d968415"); +pub const EXPECTED_G2_VALIDATE_RANDOM_VALID: bool = true; + +// Test Case: G2_VALIDATE_INFINITY_VALID +pub const INPUT_BE_G2_VALIDATE_INFINITY_VALID: &[u8] = &hex!("400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const INPUT_LE_G2_VALIDATE_INFINITY_VALID: &[u8] = &hex!("000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); +pub const EXPECTED_G2_VALIDATE_INFINITY_VALID: bool = true; + +// Test Case: G1_VALIDATE_NOT_ON_CURVE_INVALID +pub const INPUT_BE_G1_VALIDATE_NOT_ON_CURVE_INVALID: &[u8] = &hex!("0956a9d4ecf511657fb7380d6364b785396b60dcc6c502d7e1afd439a88f687f75f2b4c8a287489b589a3a5a3a2ef8b00ace1970f00139590a1ea55ea4fcdbe185d6a10476b17b353935e9ff7075f1f7b9c3e8247b1fdd0639b0fba3c32723b4"); +pub const INPUT_LE_G1_VALIDATE_NOT_ON_CURVE_INVALID: &[u8] = &hex!("b0f82e3a5a3a9a589b4887a2c8b4f2757f688fa839d4afe1d702c5c6dc606b3985b764630d38b77f6511f5ecd4a95609b42327c3a3fbb03906dd1f7b24e8c3b9f7f17570ffe93539357bb17604a1d685e1dbfca45ea51e0a593901f07019ce0a"); +pub const EXPECTED_G1_VALIDATE_NOT_ON_CURVE_INVALID: bool = false; + +// Test Case: G1_VALIDATE_FIELD_X_EQ_P_INVALID +pub const INPUT_BE_G1_VALIDATE_FIELD_X_EQ_P_INVALID: &[u8] = &hex!("1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab08b3f481e3aaa0f1a09e30ed741d8ae4fcf5e095d5d00af600db18cb2c04b3edd03cc744a2888ae40caa232946c5e7e1"); +pub const INPUT_LE_G1_VALIDATE_FIELD_X_EQ_P_INVALID: &[u8] = &hex!("abaafffffffffeb9ffff53b1feffab1e24f6b0f6a0d23067bf1285f3844b7764d7ac4b43b6a71b4b9ae67f39ea11011ae1e7c5462923aa0ce48a88a244c73cd0edb3042ccb18db00f60ad0d595e0f5fce48a1d74ed309ea0f1a0aae381f4b308"); +pub const EXPECTED_G1_VALIDATE_FIELD_X_EQ_P_INVALID: bool = false; + +// Test Case: G2_VALIDATE_NOT_ON_CURVE_INVALID +pub const INPUT_BE_G2_VALIDATE_NOT_ON_CURVE_INVALID: &[u8] = &hex!("0b53153e04ae7b83a3133ed8c03019b839cf5046fd3381a957b68e019466cb63566fcf37cc75528ac75983cf9ef4cc8b1297d6c99e2765fcbd35fbeccd1b98a3e86535c512eef146b6716ff9637a2adc377f37f7aca4b7a992e5dab990b056ae1584961df1f1d74d0c4bee67175abdbf5548b5d655fdb7969e08fab2dca9d7f392d5960c0628bcc538d22e7d57051107181ba01663720907f46cb3c9262199db0ad302d44a5f97dfc86079a60aba7a28de5722e331a6c38b25dd2ce35677be2e"); +pub const INPUT_LE_G2_VALIDATE_NOT_ON_CURVE_INVALID: &[u8] = &hex!("ae56b090b9dae592a9b7a4acf7377f37dc2a7a63f96f71b646f1ee12c53565e8a3981bcdecfb35bdfc65279ec9d697128bccf49ecf8359c78a5275cc37cf6f5663cb6694018eb657a98133fd4650cf39b81930c0d83e13a3837bae043e15530b2ebe7756e32cdd258bc3a631e32257de287aba0aa67960c8df975f4ad402d30adb992126c9b36cf40709726316a01b18071105577d2ed238c5bc28060c96d592f3d7a9dcb2fa089e96b7fd55d6b54855bfbd5a1767ee4b0c4dd7f1f11d968415"); +pub const EXPECTED_G2_VALIDATE_NOT_ON_CURVE_INVALID: bool = false;