mirror of
https://github.com/tornadocash/snarkjs.git
synced 2024-06-17 01:43:31 +02:00
138 lines
3.3 KiB
JavaScript
138 lines
3.3 KiB
JavaScript
/*
|
|
Copyright 2018 0kims association.
|
|
|
|
This file is part of snarkjs.
|
|
|
|
snarkjs is a free software: you can redistribute it and/or
|
|
modify it under the terms of the GNU General Public License as published by the
|
|
Free Software Foundation, either version 3 of the License, or (at your option)
|
|
any later version.
|
|
|
|
snarkjs is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
|
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
|
|
more details.
|
|
|
|
You should have received a copy of the GNU General Public License along with
|
|
snarkjs. If not, see <https://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
const fUtils = require("./futils.js");
|
|
|
|
class F2Field {
|
|
constructor(F, nonResidue) {
|
|
this.F = F;
|
|
this.zero = [this.F.zero, this.F.zero];
|
|
this.one = [this.F.one, this.F.zero];
|
|
this.nonResidue = nonResidue;
|
|
}
|
|
|
|
_mulByNonResidue(a) {
|
|
return this.F.mul(this.nonResidue, a);
|
|
}
|
|
|
|
copy(a) {
|
|
return [this.F.copy(a[0]), this.F.copy(a[1])];
|
|
}
|
|
|
|
add(a, b) {
|
|
return [
|
|
this.F.add(a[0], b[0]),
|
|
this.F.add(a[1], b[1])
|
|
];
|
|
}
|
|
|
|
double(a) {
|
|
return this.add(a,a);
|
|
}
|
|
|
|
sub(a, b) {
|
|
return [
|
|
this.F.sub(a[0], b[0]),
|
|
this.F.sub(a[1], b[1])
|
|
];
|
|
}
|
|
|
|
neg(a) {
|
|
return this.sub(this.zero, a);
|
|
}
|
|
|
|
mul(a, b) {
|
|
const aA = this.F.mul(a[0] , b[0]);
|
|
const bB = this.F.mul(a[1] , b[1]);
|
|
|
|
return [
|
|
this.F.add( aA , this._mulByNonResidue(bB)),
|
|
this.F.sub(
|
|
this.F.mul(
|
|
this.F.add(a[0], a[1]),
|
|
this.F.add(b[0], b[1])),
|
|
this.F.add(aA, bB))];
|
|
}
|
|
|
|
inverse(a) {
|
|
const t0 = this.F.square(a[0]);
|
|
const t1 = this.F.square(a[1]);
|
|
const t2 = this.F.sub(t0, this._mulByNonResidue(t1));
|
|
const t3 = this.F.inverse(t2);
|
|
return [
|
|
this.F.mul(a[0], t3),
|
|
this.F.neg(this.F.mul( a[1], t3)) ];
|
|
}
|
|
|
|
div(a, b) {
|
|
return this.mul(a, this.inverse(b));
|
|
}
|
|
|
|
square(a) {
|
|
const ab = this.F.mul(a[0] , a[1]);
|
|
|
|
/*
|
|
[
|
|
(a + b) * (a + non_residue * b) - ab - non_residue * ab,
|
|
ab + ab
|
|
];
|
|
*/
|
|
|
|
return [
|
|
this.F.sub(
|
|
this.F.mul(
|
|
this.F.add(a[0], a[1]) ,
|
|
this.F.add(
|
|
a[0] ,
|
|
this._mulByNonResidue(a[1]))),
|
|
this.F.add(
|
|
ab,
|
|
this._mulByNonResidue(ab))),
|
|
this.F.add(ab, ab)
|
|
];
|
|
}
|
|
|
|
isZero(a) {
|
|
return this.F.isZero(a[0]) && this.F.isZero(a[1]);
|
|
}
|
|
|
|
equals(a, b) {
|
|
return this.F.equals(a[0], b[0]) && this.F.equals(a[1], b[1]);
|
|
}
|
|
|
|
affine(a) {
|
|
return [this.F.affine(a[0]), this.F.affine(a[1])];
|
|
}
|
|
|
|
mulScalar(base, e) {
|
|
return fUtils.mulScalar(this, base, e);
|
|
}
|
|
|
|
exp(base, e) {
|
|
return fUtils.exp(this, base, e);
|
|
}
|
|
|
|
toString(a) {
|
|
const cp = this.affine(a);
|
|
return `[ ${this.F.toString(cp[0])} , ${this.F.toString(cp[1])} ]`;
|
|
}
|
|
}
|
|
|
|
module.exports = F2Field;
|