Merge pull request #9 from ZeroPass/develop

Add SHA-384, EC point in Jacobi coords  and optimize `ec_mul_add_fast`

Author: smlu

.gitignore

@@ -3,6 +3,9 @@
 ##
 ## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore
 
+# tv generated code
+tests/tv/**/*.hpp
+
 # User-specific files
 *.rsuser
 *.suo
@@ -355,3 +358,6 @@ MigrationBackup/
 
 # Built Visual Studio Code Extensions
 *.vsix
+
+# Allow RSP test vectors
+!tests/tv/**/*.rsp

README.md

@@ -82,16 +82,38 @@ If configured correctly, you should be able to add the antelope.ck library to yo
 ```cpp
   #include <ack/ack.hpp>
 
-  // Calculate sum of 2 EC points on secp256k1 curve
+  // Calculate sum of 2 EC points on secp256k1 curve using affine coordinates
   const auto p1 = ack::ec_curve::secp256k1.make_point( p1_x, p1_y );
   const auto p2 = ack::ec_curve::secp256k1.generate_point( "85d0c2e48955214783ecf50a4f041" );
   const auto p3 = p1 + p2;
 
-  // triple the p3 point
+  // Triple the p3 point
   const auto p4 = p3 * 3;
 
-  // multiply the inverse of p4 by integer 0x73c5f6a67456ae48209b5a32d1b8
+  // Multiply the inverse of p4 by integer 0x73c5f6a67456ae48209b5a32d1b8
   const auto p5 = -p4 * "73c5f6a67456ae48209b5a32d1b8";
+  
+  // Generate 2 EC points on secp256r1 curve using Jacobi coordinates representation
+  using secp256r1_t     = decltype( ack::ec_curve::secp256r1 );
+  using point_r1_jacobi = ack::ec_point_fp_jacobi<secp256r1_t>;
+  
+  const auto p1         = ack::ec_curve::secp256k1.generate_point<point_r1_jacobi>( "5d0c2e48955214783ecf50a4f041" );
+  const auto p2_affine  = ack::ec_curve::secp256k1.make_point( p2_x, p2_y );
+  const auto p2         = point_r1_jacobi( p2_affine );
+  
+  // Calculate sum of 2 EC points on secp256r1 curve in Jacobi coordinates
+  const auto p3 = p1 + p2;
+
+  // Double point p3 
+  const auto p4 = p3 * 2; // or p3.doubled();
+  
+  // Verify point p4 is not identity and lies on the curve
+  eosio::check( !p4.is_identity(), "invalid point" );
+  eosio::check( p4.is_on_curve() , "invalid point" );
+  eosio::check( p4.is_valid()    , "invalid point" );
+  
+  // Convert point p4 to affine coordinates
+  const auto p4_affine = p4.to_affine();
 
   // Verify secp256k1 ECDSA-SHA256 signature
   auto pub_point = ack::ec_curve::secp256k1.make_point( pubkey_x, pubkey_y );
@@ -139,11 +161,14 @@ If configured correctly, you should be able to add the antelope.ck library to yo
     // Do something...
   }
 
+  // Calculate SHA384
+  hash384 mdsh384 = ack::sha384( byte_data );
+
   // Calculate SHA3-384
-  eosio::fixed_bytes<48> mdsh3 = ack::sha3_384( byte_data );
+  hash384 mdsh3 = ack::sha3_384( byte_data );
 
   // Calculate fixed size SHAKE-128 hash
-  eosio::checksum160 mdshk128 = ack::shake128_fixed<20>( byte_data );
+  hash160 mdshk128 = ack::shake128_fixed<20>( byte_data );
 
   // calculate var-long SHAKE-256 hash
   bytes mdshk256 = ack::shake256( byte_data, /*hash_len=*/16 );

include/ack/bigint.hpp

@@ -29,6 +29,7 @@
 #include <bit>
 #include <cstdlib>
 #include <cstddef>
+#include <vector>
 #include <type_traits>
 
 namespace ack {
@@ -1448,6 +1449,41 @@ namespace ack {
                 return data;
             }
 
+            /**
+             * Converts this integer to non-adjacent form (NAF).
+             * @return NAF representation of this integer.
+            */
+            [[nodiscard]] std::vector<char> to_naf() const
+            {
+                std::vector<char> nafv;
+                nafv.reserve( bit_length() + 1 );
+                auto num = *this;
+                while ( num > 0U ) {
+                    if ( num.is_odd() ) {
+                        int32_t nd;
+                        (num % 4).get_int32( nd );
+                        nd = 2 - nd;
+                        nafv.push_back( nd );
+                        num -= nd;
+                    } else {
+                        nafv.push_back( 0 );
+                    }
+                    num >>= 1;
+                }
+                return nafv;
+            }
+
+            /**
+             * Converts this integer to reversed non-adjacent form (NAF).
+             * @return reversed NAF representation of this integer.
+            */
+            [[nodiscard]] inline std::vector<char> to_rnaf() const
+            {
+                auto naf = to_naf();
+                std::reverse(naf.begin(), naf.end());
+                return naf;
+            }
+
             constexpr void clear()
             {
                 *this = 0;
@@ -1616,6 +1652,30 @@ namespace ack {
                 return !is_odd();
             }
 
+            /**
+             * Extracts integer as int32_t.
+             * Integer can be extracted only if the bit size of number is less than or equal to 32 bit integer.
+             *
+             * @param n - Reference of type int32_t to receive extracted integer.
+             * @return true if integer could be extracted otherwise false.
+            */
+            constexpr bool get_int32(int32_t& n) const
+            {
+                static_assert( sizeof(word_t) == sizeof(uint32_t) );
+                if (word_length() > 1) {
+                    return false;
+                }
+
+                n = 0;
+                if (word_length() > 0) {
+                    n = buf_[0];
+                    if ( is_negative() && n > 0 ) {
+                        n = -n;
+                    }
+                }
+                return true;
+            }
+
             constexpr const word_t* get_word() const // get pointer to word data
             {
                 return &buf_[0];
@@ -2470,13 +2530,13 @@ namespace ack {
      */
     template<std::size_t MaxBitSize>
     using fixed_bigint = bigint<fixed_word_buffer<get_word_size_from_bitsize(MaxBitSize)>>;
-    
+
     template <typename>
     struct is_bigint : std::false_type {};
 
     template <typename T>
     struct is_bigint<bigint<T>> : std::true_type {};
-    
+
     template<typename T>
     constexpr bool is_bigint_v = is_bigint<T>::value;
 }