diff --git a/.github/workflows/go-tests.yml b/.github/workflows/go-tests.yml index 41260a2ed..124d2d865 100644 --- a/.github/workflows/go-tests.yml +++ b/.github/workflows/go-tests.yml @@ -9,12 +9,23 @@ on: jobs: tests: - runs-on: ubuntu-latest + runs-on: ${{ matrix.os }} + strategy: + matrix: + os: + - ubuntu-latest + - macos-latest + - windows-latest + go-version: + - 1.13.x + - 1.19.x + - 1.20.x + steps: - name: Setup Go uses: actions/setup-go@v2 with: - go-version: ^1.19 + go-version: ${{ matrix.go-version }} id: go - uses: actions/checkout@v3 with: @@ -22,12 +33,8 @@ jobs: - name: Test run: | cd bindings/go - CGO_CFLAGS="-O2 -D__BLST_PORTABLE__" go test + go test - name: Benchmark run: | cd bindings/go - CGO_CFLAGS="-O2 -D__BLST_PORTABLE__" go test -bench=Benchmark - - name: Check headers - run: | - cmp blst/bindings/blst.h bindings/go/blst_headers/blst.h - cmp blst/bindings/blst_aux.h bindings/go/blst_headers/blst_aux.h + go test -bench=Benchmark diff --git a/bindings/go/README.md b/bindings/go/README.md index 8ce8f9a13..6d70e1b0b 100644 --- a/bindings/go/README.md +++ b/bindings/go/README.md @@ -11,9 +11,7 @@ go get github.com/ethereum/c-kzg-4844 ## Go version -This package requires `1.19rc1` or later. Version `1.19beta1` and before will -not work. These versions have a linking issue and are unable to see `blst` -functions. +This package should work with Go 1.13 and later. ## Example diff --git a/bindings/go/blst.S b/bindings/go/blst.S new file mode 100644 index 000000000..86b3d5e61 --- /dev/null +++ b/bindings/go/blst.S @@ -0,0 +1,8 @@ +/* + * For CGO to assemble the blst assembly files, the file MUST exist in the same + * directory as the main.go file. Instead of copying the whole + * blst/build/assembly.S file here, it should have the same effect to include + * it. Keep in mind, this while not work on Windows systems compiling with + * MSVC, but it will work with mingw32. + */ +#include "assembly.S" diff --git a/bindings/go/blst_headers/blst.h b/bindings/go/blst_headers/blst.h deleted file mode 100644 index 47fb13a58..000000000 --- a/bindings/go/blst_headers/blst.h +++ /dev/null @@ -1,483 +0,0 @@ -/* - * Copyright Supranational LLC - * Licensed under the Apache License, Version 2.0, see LICENSE for details. - * SPDX-License-Identifier: Apache-2.0 - */ -#ifndef __BLST_H__ -#define __BLST_H__ - -#ifdef __SIZE_TYPE__ -typedef __SIZE_TYPE__ size_t; -#else -#include -#endif - -#if defined(__UINT8_TYPE__) && defined(__UINT32_TYPE__) \ - && defined(__UINT64_TYPE__) -typedef __UINT8_TYPE__ uint8_t; -typedef __UINT32_TYPE__ uint32_t; -typedef __UINT64_TYPE__ uint64_t; -#else -#include -#endif - -#ifdef __cplusplus -extern "C" { -#elif defined(__BLST_CGO__) -typedef _Bool bool; /* it's assumed that cgo calls modern enough compiler */ -#elif defined(__STDC_VERSION__) && __STDC_VERSION__>=199901 -# define bool _Bool -#else -# define bool int -#endif - -#ifdef SWIG -# define DEFNULL =NULL -#elif defined __cplusplus -# define DEFNULL =0 -#else -# define DEFNULL -#endif - -typedef enum { - BLST_SUCCESS = 0, - BLST_BAD_ENCODING, - BLST_POINT_NOT_ON_CURVE, - BLST_POINT_NOT_IN_GROUP, - BLST_AGGR_TYPE_MISMATCH, - BLST_VERIFY_FAIL, - BLST_PK_IS_INFINITY, - BLST_BAD_SCALAR, -} BLST_ERROR; - -typedef uint8_t byte; -typedef uint64_t limb_t; - -typedef struct { byte b[256/8]; } blst_scalar; -typedef struct { limb_t l[256/8/sizeof(limb_t)]; } blst_fr; -typedef struct { limb_t l[384/8/sizeof(limb_t)]; } blst_fp; -/* 0 is "real" part, 1 is "imaginary" */ -typedef struct { blst_fp fp[2]; } blst_fp2; -typedef struct { blst_fp2 fp2[3]; } blst_fp6; -typedef struct { blst_fp6 fp6[2]; } blst_fp12; - -void blst_scalar_from_uint32(blst_scalar *out, const uint32_t a[8]); -void blst_uint32_from_scalar(uint32_t out[8], const blst_scalar *a); -void blst_scalar_from_uint64(blst_scalar *out, const uint64_t a[4]); -void blst_uint64_from_scalar(uint64_t out[4], const blst_scalar *a); -void blst_scalar_from_bendian(blst_scalar *out, const byte a[32]); -void blst_bendian_from_scalar(byte out[32], const blst_scalar *a); -void blst_scalar_from_lendian(blst_scalar *out, const byte a[32]); -void blst_lendian_from_scalar(byte out[32], const blst_scalar *a); -bool blst_scalar_fr_check(const blst_scalar *a); -bool blst_sk_check(const blst_scalar *a); -bool blst_sk_add_n_check(blst_scalar *out, const blst_scalar *a, - const blst_scalar *b); -bool blst_sk_sub_n_check(blst_scalar *out, const blst_scalar *a, - const blst_scalar *b); -bool blst_sk_mul_n_check(blst_scalar *out, const blst_scalar *a, - const blst_scalar *b); -void blst_sk_inverse(blst_scalar *out, const blst_scalar *a); -bool blst_scalar_from_le_bytes(blst_scalar *out, const byte *in, size_t len); -bool blst_scalar_from_be_bytes(blst_scalar *out, const byte *in, size_t len); - -#ifndef SWIG -/* - * BLS12-381-specific Fr operations. - */ -void blst_fr_add(blst_fr *ret, const blst_fr *a, const blst_fr *b); -void blst_fr_sub(blst_fr *ret, const blst_fr *a, const blst_fr *b); -void blst_fr_mul_by_3(blst_fr *ret, const blst_fr *a); -void blst_fr_lshift(blst_fr *ret, const blst_fr *a, size_t count); -void blst_fr_rshift(blst_fr *ret, const blst_fr *a, size_t count); -void blst_fr_mul(blst_fr *ret, const blst_fr *a, const blst_fr *b); -void blst_fr_sqr(blst_fr *ret, const blst_fr *a); -void blst_fr_cneg(blst_fr *ret, const blst_fr *a, bool flag); -void blst_fr_eucl_inverse(blst_fr *ret, const blst_fr *a); -void blst_fr_inverse(blst_fr *ret, const blst_fr *a); -#ifdef BLST_FR_PENTAROOT -void blst_fr_pentaroot(blst_fr *ret, const blst_fr *a); -void blst_fr_pentapow(blst_fr *ret, const blst_fr *a); -#endif - -void blst_fr_from_uint64(blst_fr *ret, const uint64_t a[4]); -void blst_uint64_from_fr(uint64_t ret[4], const blst_fr *a); -void blst_fr_from_scalar(blst_fr *ret, const blst_scalar *a); -void blst_scalar_from_fr(blst_scalar *ret, const blst_fr *a); - -/* - * BLS12-381-specific Fp operations. - */ -void blst_fp_add(blst_fp *ret, const blst_fp *a, const blst_fp *b); -void blst_fp_sub(blst_fp *ret, const blst_fp *a, const blst_fp *b); -void blst_fp_mul_by_3(blst_fp *ret, const blst_fp *a); -void blst_fp_mul_by_8(blst_fp *ret, const blst_fp *a); -void blst_fp_lshift(blst_fp *ret, const blst_fp *a, size_t count); -void blst_fp_mul(blst_fp *ret, const blst_fp *a, const blst_fp *b); -void blst_fp_sqr(blst_fp *ret, const blst_fp *a); -void blst_fp_cneg(blst_fp *ret, const blst_fp *a, bool flag); -void blst_fp_eucl_inverse(blst_fp *ret, const blst_fp *a); -void blst_fp_inverse(blst_fp *ret, const blst_fp *a); -bool blst_fp_sqrt(blst_fp *ret, const blst_fp *a); - -void blst_fp_from_uint32(blst_fp *ret, const uint32_t a[12]); -void blst_uint32_from_fp(uint32_t ret[12], const blst_fp *a); -void blst_fp_from_uint64(blst_fp *ret, const uint64_t a[6]); -void blst_uint64_from_fp(uint64_t ret[6], const blst_fp *a); -void blst_fp_from_bendian(blst_fp *ret, const byte a[48]); -void blst_bendian_from_fp(byte ret[48], const blst_fp *a); -void blst_fp_from_lendian(blst_fp *ret, const byte a[48]); -void blst_lendian_from_fp(byte ret[48], const blst_fp *a); - -/* - * BLS12-381-specific Fp2 operations. - */ -void blst_fp2_add(blst_fp2 *ret, const blst_fp2 *a, const blst_fp2 *b); -void blst_fp2_sub(blst_fp2 *ret, const blst_fp2 *a, const blst_fp2 *b); -void blst_fp2_mul_by_3(blst_fp2 *ret, const blst_fp2 *a); -void blst_fp2_mul_by_8(blst_fp2 *ret, const blst_fp2 *a); -void blst_fp2_lshift(blst_fp2 *ret, const blst_fp2 *a, size_t count); -void blst_fp2_mul(blst_fp2 *ret, const blst_fp2 *a, const blst_fp2 *b); -void blst_fp2_sqr(blst_fp2 *ret, const blst_fp2 *a); -void blst_fp2_cneg(blst_fp2 *ret, const blst_fp2 *a, bool flag); -void blst_fp2_eucl_inverse(blst_fp2 *ret, const blst_fp2 *a); -void blst_fp2_inverse(blst_fp2 *ret, const blst_fp2 *a); -bool blst_fp2_sqrt(blst_fp2 *ret, const blst_fp2 *a); - -/* - * BLS12-381-specific Fp12 operations. - */ -void blst_fp12_sqr(blst_fp12 *ret, const blst_fp12 *a); -void blst_fp12_cyclotomic_sqr(blst_fp12 *ret, const blst_fp12 *a); -void blst_fp12_mul(blst_fp12 *ret, const blst_fp12 *a, const blst_fp12 *b); -void blst_fp12_mul_by_xy00z0(blst_fp12 *ret, const blst_fp12 *a, - const blst_fp6 *xy00z0); -void blst_fp12_conjugate(blst_fp12 *a); -void blst_fp12_inverse(blst_fp12 *ret, const blst_fp12 *a); -/* caveat lector! |n| has to be non-zero and not more than 3! */ -void blst_fp12_frobenius_map(blst_fp12 *ret, const blst_fp12 *a, size_t n); -bool blst_fp12_is_equal(const blst_fp12 *a, const blst_fp12 *b); -bool blst_fp12_is_one(const blst_fp12 *a); -bool blst_fp12_in_group(const blst_fp12 *a); -const blst_fp12 *blst_fp12_one(void); -#endif // SWIG - -/* - * BLS12-381-specific point operations. - */ -typedef struct { blst_fp x, y, z; } blst_p1; -typedef struct { blst_fp x, y; } blst_p1_affine; - -void blst_p1_add(blst_p1 *out, const blst_p1 *a, const blst_p1 *b); -void blst_p1_add_or_double(blst_p1 *out, const blst_p1 *a, const blst_p1 *b); -void blst_p1_add_affine(blst_p1 *out, const blst_p1 *a, - const blst_p1_affine *b); -void blst_p1_add_or_double_affine(blst_p1 *out, const blst_p1 *a, - const blst_p1_affine *b); -void blst_p1_double(blst_p1 *out, const blst_p1 *a); -void blst_p1_mult(blst_p1 *out, const blst_p1 *p, const byte *scalar, - size_t nbits); -void blst_p1_cneg(blst_p1 *p, bool cbit); -void blst_p1_to_affine(blst_p1_affine *out, const blst_p1 *in); -void blst_p1_from_affine(blst_p1 *out, const blst_p1_affine *in); -bool blst_p1_on_curve(const blst_p1 *p); -bool blst_p1_in_g1(const blst_p1 *p); -bool blst_p1_is_equal(const blst_p1 *a, const blst_p1 *b); -bool blst_p1_is_inf(const blst_p1 *a); -const blst_p1 *blst_p1_generator(void); - -bool blst_p1_affine_on_curve(const blst_p1_affine *p); -bool blst_p1_affine_in_g1(const blst_p1_affine *p); -bool blst_p1_affine_is_equal(const blst_p1_affine *a, const blst_p1_affine *b); -bool blst_p1_affine_is_inf(const blst_p1_affine *a); -const blst_p1_affine *blst_p1_affine_generator(void); - -typedef struct { blst_fp2 x, y, z; } blst_p2; -typedef struct { blst_fp2 x, y; } blst_p2_affine; - -void blst_p2_add(blst_p2 *out, const blst_p2 *a, const blst_p2 *b); -void blst_p2_add_or_double(blst_p2 *out, const blst_p2 *a, const blst_p2 *b); -void blst_p2_add_affine(blst_p2 *out, const blst_p2 *a, - const blst_p2_affine *b); -void blst_p2_add_or_double_affine(blst_p2 *out, const blst_p2 *a, - const blst_p2_affine *b); -void blst_p2_double(blst_p2 *out, const blst_p2 *a); -void blst_p2_mult(blst_p2 *out, const blst_p2 *p, const byte *scalar, - size_t nbits); -void blst_p2_cneg(blst_p2 *p, bool cbit); -void blst_p2_to_affine(blst_p2_affine *out, const blst_p2 *in); -void blst_p2_from_affine(blst_p2 *out, const blst_p2_affine *in); -bool blst_p2_on_curve(const blst_p2 *p); -bool blst_p2_in_g2(const blst_p2 *p); -bool blst_p2_is_equal(const blst_p2 *a, const blst_p2 *b); -bool blst_p2_is_inf(const blst_p2 *a); -const blst_p2 *blst_p2_generator(void); - -bool blst_p2_affine_on_curve(const blst_p2_affine *p); -bool blst_p2_affine_in_g2(const blst_p2_affine *p); -bool blst_p2_affine_is_equal(const blst_p2_affine *a, const blst_p2_affine *b); -bool blst_p2_affine_is_inf(const blst_p2_affine *a); -const blst_p2_affine *blst_p2_affine_generator(void); - -/* - * Multi-scalar multiplications and other multi-point operations. - */ - -void blst_p1s_to_affine(blst_p1_affine dst[], const blst_p1 *const points[], - size_t npoints); -void blst_p1s_add(blst_p1 *ret, const blst_p1_affine *const points[], - size_t npoints); - -size_t blst_p1s_mult_wbits_precompute_sizeof(size_t wbits, size_t npoints); -void blst_p1s_mult_wbits_precompute(blst_p1_affine table[], size_t wbits, - const blst_p1_affine *const points[], - size_t npoints); -size_t blst_p1s_mult_wbits_scratch_sizeof(size_t npoints); -void blst_p1s_mult_wbits(blst_p1 *ret, const blst_p1_affine table[], - size_t wbits, size_t npoints, - const byte *const scalars[], size_t nbits, - limb_t *scratch); - -size_t blst_p1s_mult_pippenger_scratch_sizeof(size_t npoints); -void blst_p1s_mult_pippenger(blst_p1 *ret, const blst_p1_affine *const points[], - size_t npoints, const byte *const scalars[], - size_t nbits, limb_t *scratch); -void blst_p1s_tile_pippenger(blst_p1 *ret, const blst_p1_affine *const points[], - size_t npoints, const byte *const scalars[], - size_t nbits, limb_t *scratch, - size_t bit0, size_t window); - -void blst_p2s_to_affine(blst_p2_affine dst[], const blst_p2 *const points[], - size_t npoints); -void blst_p2s_add(blst_p2 *ret, const blst_p2_affine *const points[], - size_t npoints); - -size_t blst_p2s_mult_wbits_precompute_sizeof(size_t wbits, size_t npoints); -void blst_p2s_mult_wbits_precompute(blst_p2_affine table[], size_t wbits, - const blst_p2_affine *const points[], - size_t npoints); -size_t blst_p2s_mult_wbits_scratch_sizeof(size_t npoints); -void blst_p2s_mult_wbits(blst_p2 *ret, const blst_p2_affine table[], - size_t wbits, size_t npoints, - const byte *const scalars[], size_t nbits, - limb_t *scratch); - -size_t blst_p2s_mult_pippenger_scratch_sizeof(size_t npoints); -void blst_p2s_mult_pippenger(blst_p2 *ret, const blst_p2_affine *const points[], - size_t npoints, const byte *const scalars[], - size_t nbits, limb_t *scratch); -void blst_p2s_tile_pippenger(blst_p2 *ret, const blst_p2_affine *const points[], - size_t npoints, const byte *const scalars[], - size_t nbits, limb_t *scratch, - size_t bit0, size_t window); - -/* - * Hash-to-curve operations. - */ -#ifndef SWIG -void blst_map_to_g1(blst_p1 *out, const blst_fp *u, const blst_fp *v DEFNULL); -void blst_map_to_g2(blst_p2 *out, const blst_fp2 *u, const blst_fp2 *v DEFNULL); -#endif - -void blst_encode_to_g1(blst_p1 *out, - const byte *msg, size_t msg_len, - const byte *DST DEFNULL, size_t DST_len DEFNULL, - const byte *aug DEFNULL, size_t aug_len DEFNULL); -void blst_hash_to_g1(blst_p1 *out, - const byte *msg, size_t msg_len, - const byte *DST DEFNULL, size_t DST_len DEFNULL, - const byte *aug DEFNULL, size_t aug_len DEFNULL); - -void blst_encode_to_g2(blst_p2 *out, - const byte *msg, size_t msg_len, - const byte *DST DEFNULL, size_t DST_len DEFNULL, - const byte *aug DEFNULL, size_t aug_len DEFNULL); -void blst_hash_to_g2(blst_p2 *out, - const byte *msg, size_t msg_len, - const byte *DST DEFNULL, size_t DST_len DEFNULL, - const byte *aug DEFNULL, size_t aug_len DEFNULL); - -/* - * Zcash-compatible serialization/deserialization. - */ -void blst_p1_serialize(byte out[96], const blst_p1 *in); -void blst_p1_compress(byte out[48], const blst_p1 *in); -void blst_p1_affine_serialize(byte out[96], const blst_p1_affine *in); -void blst_p1_affine_compress(byte out[48], const blst_p1_affine *in); -BLST_ERROR blst_p1_uncompress(blst_p1_affine *out, const byte in[48]); -BLST_ERROR blst_p1_deserialize(blst_p1_affine *out, const byte in[96]); - -void blst_p2_serialize(byte out[192], const blst_p2 *in); -void blst_p2_compress(byte out[96], const blst_p2 *in); -void blst_p2_affine_serialize(byte out[192], const blst_p2_affine *in); -void blst_p2_affine_compress(byte out[96], const blst_p2_affine *in); -BLST_ERROR blst_p2_uncompress(blst_p2_affine *out, const byte in[96]); -BLST_ERROR blst_p2_deserialize(blst_p2_affine *out, const byte in[192]); - -/* - * Specification defines two variants, 'minimal-signature-size' and - * 'minimal-pubkey-size'. To unify appearance we choose to distinguish - * them by suffix referring to the public key type, more specifically - * _pk_in_g1 corresponds to 'minimal-pubkey-size' and _pk_in_g2 - to - * 'minimal-signature-size'. It might appear a bit counterintuitive - * in sign call, but no matter how you twist it, something is bound to - * turn a little odd. - */ -/* - * Secret-key operations. - */ -void blst_keygen(blst_scalar *out_SK, const byte *IKM, size_t IKM_len, - const byte *info DEFNULL, size_t info_len DEFNULL); -void blst_sk_to_pk_in_g1(blst_p1 *out_pk, const blst_scalar *SK); -void blst_sign_pk_in_g1(blst_p2 *out_sig, const blst_p2 *hash, - const blst_scalar *SK); -void blst_sk_to_pk_in_g2(blst_p2 *out_pk, const blst_scalar *SK); -void blst_sign_pk_in_g2(blst_p1 *out_sig, const blst_p1 *hash, - const blst_scalar *SK); - -/* - * Pairing interface. - */ -#ifndef SWIG -void blst_miller_loop(blst_fp12 *ret, const blst_p2_affine *Q, - const blst_p1_affine *P); -void blst_final_exp(blst_fp12 *ret, const blst_fp12 *f); -void blst_precompute_lines(blst_fp6 Qlines[68], const blst_p2_affine *Q); -void blst_miller_loop_lines(blst_fp12 *ret, const blst_fp6 Qlines[68], - const blst_p1_affine *P); -bool blst_fp12_finalverify(const blst_fp12 *gt1, const blst_fp12 *gt2); -#endif - -#ifdef __BLST_CGO__ -typedef limb_t blst_pairing; -#elif defined(__BLST_RUST_BINDGEN__) -typedef struct {} blst_pairing; -#else -typedef struct blst_opaque blst_pairing; -#endif - -size_t blst_pairing_sizeof(void); -void blst_pairing_init(blst_pairing *new_ctx, bool hash_or_encode, - const byte *DST DEFNULL, size_t DST_len DEFNULL); -const byte *blst_pairing_get_dst(const blst_pairing *ctx); -void blst_pairing_commit(blst_pairing *ctx); -BLST_ERROR blst_pairing_aggregate_pk_in_g2(blst_pairing *ctx, - const blst_p2_affine *PK, - const blst_p1_affine *signature, - const byte *msg, size_t msg_len, - const byte *aug DEFNULL, - size_t aug_len DEFNULL); -BLST_ERROR blst_pairing_chk_n_aggr_pk_in_g2(blst_pairing *ctx, - const blst_p2_affine *PK, - bool pk_grpchk, - const blst_p1_affine *signature, - bool sig_grpchk, - const byte *msg, size_t msg_len, - const byte *aug DEFNULL, - size_t aug_len DEFNULL); -BLST_ERROR blst_pairing_mul_n_aggregate_pk_in_g2(blst_pairing *ctx, - const blst_p2_affine *PK, - const blst_p1_affine *sig, - const byte *scalar, - size_t nbits, - const byte *msg, - size_t msg_len, - const byte *aug DEFNULL, - size_t aug_len DEFNULL); -BLST_ERROR blst_pairing_chk_n_mul_n_aggr_pk_in_g2(blst_pairing *ctx, - const blst_p2_affine *PK, - bool pk_grpchk, - const blst_p1_affine *sig, - bool sig_grpchk, - const byte *scalar, - size_t nbits, - const byte *msg, - size_t msg_len, - const byte *aug DEFNULL, - size_t aug_len DEFNULL); -BLST_ERROR blst_pairing_aggregate_pk_in_g1(blst_pairing *ctx, - const blst_p1_affine *PK, - const blst_p2_affine *signature, - const byte *msg, size_t msg_len, - const byte *aug DEFNULL, - size_t aug_len DEFNULL); -BLST_ERROR blst_pairing_chk_n_aggr_pk_in_g1(blst_pairing *ctx, - const blst_p1_affine *PK, - bool pk_grpchk, - const blst_p2_affine *signature, - bool sig_grpchk, - const byte *msg, size_t msg_len, - const byte *aug DEFNULL, - size_t aug_len DEFNULL); -BLST_ERROR blst_pairing_mul_n_aggregate_pk_in_g1(blst_pairing *ctx, - const blst_p1_affine *PK, - const blst_p2_affine *sig, - const byte *scalar, - size_t nbits, - const byte *msg, - size_t msg_len, - const byte *aug DEFNULL, - size_t aug_len DEFNULL); -BLST_ERROR blst_pairing_chk_n_mul_n_aggr_pk_in_g1(blst_pairing *ctx, - const blst_p1_affine *PK, - bool pk_grpchk, - const blst_p2_affine *sig, - bool sig_grpchk, - const byte *scalar, - size_t nbits, - const byte *msg, - size_t msg_len, - const byte *aug DEFNULL, - size_t aug_len DEFNULL); -BLST_ERROR blst_pairing_merge(blst_pairing *ctx, const blst_pairing *ctx1); -bool blst_pairing_finalverify(const blst_pairing *ctx, - const blst_fp12 *gtsig DEFNULL); - - -/* - * Customarily applications aggregate signatures separately. - * In which case application would have to pass NULLs for |signature| - * to blst_pairing_aggregate calls and pass aggregated signature - * collected with these calls to blst_pairing_finalverify. Inputs are - * Zcash-compatible "straight-from-wire" byte vectors, compressed or - * not. - */ -BLST_ERROR blst_aggregate_in_g1(blst_p1 *out, const blst_p1 *in, - const byte *zwire); -BLST_ERROR blst_aggregate_in_g2(blst_p2 *out, const blst_p2 *in, - const byte *zwire); - -void blst_aggregated_in_g1(blst_fp12 *out, const blst_p1_affine *signature); -void blst_aggregated_in_g2(blst_fp12 *out, const blst_p2_affine *signature); - -/* - * "One-shot" CoreVerify entry points. - */ -BLST_ERROR blst_core_verify_pk_in_g1(const blst_p1_affine *pk, - const blst_p2_affine *signature, - bool hash_or_encode, - const byte *msg, size_t msg_len, - const byte *DST DEFNULL, - size_t DST_len DEFNULL, - const byte *aug DEFNULL, - size_t aug_len DEFNULL); -BLST_ERROR blst_core_verify_pk_in_g2(const blst_p2_affine *pk, - const blst_p1_affine *signature, - bool hash_or_encode, - const byte *msg, size_t msg_len, - const byte *DST DEFNULL, - size_t DST_len DEFNULL, - const byte *aug DEFNULL, - size_t aug_len DEFNULL); - -extern const blst_p1_affine BLS12_381_G1; -extern const blst_p1_affine BLS12_381_NEG_G1; -extern const blst_p2_affine BLS12_381_G2; -extern const blst_p2_affine BLS12_381_NEG_G2; - -#include "blst_aux.h" - -#ifdef __cplusplus -} -#endif -#endif diff --git a/bindings/go/blst_headers/blst_aux.h b/bindings/go/blst_headers/blst_aux.h deleted file mode 100644 index 184a02de2..000000000 --- a/bindings/go/blst_headers/blst_aux.h +++ /dev/null @@ -1,111 +0,0 @@ -/* - * Copyright Supranational LLC - * Licensed under the Apache License, Version 2.0, see LICENSE for details. - * SPDX-License-Identifier: Apache-2.0 - */ -#ifndef __BLST_AUX_H__ -#define __BLST_AUX_H__ -/* - * This file lists interfaces that might be promoted to blst.h or removed, - * depending on their proven/unproven worthiness. - */ - -void blst_fr_to(blst_fr *ret, const blst_fr *a); -void blst_fr_from(blst_fr *ret, const blst_fr *a); - -void blst_fp_to(blst_fp *ret, const blst_fp *a); -void blst_fp_from(blst_fp *ret, const blst_fp *a); - -bool blst_fp_is_square(const blst_fp *a); -bool blst_fp2_is_square(const blst_fp2 *a); - -void blst_p1_from_jacobian(blst_p1 *out, const blst_p1 *in); -void blst_p2_from_jacobian(blst_p2 *out, const blst_p2 *in); - -/* - * Below functions produce both point and deserialized outcome of - * SkToPk and Sign. However, deserialized outputs are pre-decorated - * with sign and infinity bits. This means that you have to bring the - * output into compliance prior returning to application. If you want - * compressed point value, then do [equivalent of] - * - * byte temp[96]; - * blst_sk_to_pk2_in_g1(temp, out_pk, SK); - * temp[0] |= 0x80; - * memcpy(out, temp, 48); - * - * Otherwise do - * - * blst_sk_to_pk2_in_g1(out, out_pk, SK); - * out[0] &= ~0x20; - * - * Either |out| or |out_| can be NULL. - */ -void blst_sk_to_pk2_in_g1(byte out[96], blst_p1_affine *out_pk, - const blst_scalar *SK); -void blst_sign_pk2_in_g1(byte out[192], blst_p2_affine *out_sig, - const blst_p2 *hash, const blst_scalar *SK); -void blst_sk_to_pk2_in_g2(byte out[192], blst_p2_affine *out_pk, - const blst_scalar *SK); -void blst_sign_pk2_in_g2(byte out[96], blst_p1_affine *out_sig, - const blst_p1 *hash, const blst_scalar *SK); - -#ifdef __BLST_RUST_BINDGEN__ -typedef struct {} blst_uniq; -#else -typedef struct blst_opaque blst_uniq; -#endif - -size_t blst_uniq_sizeof(size_t n_nodes); -void blst_uniq_init(blst_uniq *tree); -bool blst_uniq_test(blst_uniq *tree, const byte *msg, size_t len); - -#ifdef expand_message_xmd -void expand_message_xmd(unsigned char *bytes, size_t len_in_bytes, - const unsigned char *aug, size_t aug_len, - const unsigned char *msg, size_t msg_len, - const unsigned char *DST, size_t DST_len); -#else -void blst_expand_message_xmd(byte *out, size_t out_len, - const byte *msg, size_t msg_len, - const byte *DST, size_t DST_len); -#endif - -void blst_p1_unchecked_mult(blst_p1 *out, const blst_p1 *p, const byte *scalar, - size_t nbits); -void blst_p2_unchecked_mult(blst_p2 *out, const blst_p2 *p, const byte *scalar, - size_t nbits); - -void blst_pairing_raw_aggregate(blst_pairing *ctx, const blst_p2_affine *q, - const blst_p1_affine *p); -blst_fp12 *blst_pairing_as_fp12(blst_pairing *ctx); -void blst_bendian_from_fp12(byte out[48*12], const blst_fp12 *a); - -void blst_keygen_v3(blst_scalar *out_SK, const byte *IKM, size_t IKM_len, - const byte *info DEFNULL, size_t info_len DEFNULL); -void blst_keygen_v4_5(blst_scalar *out_SK, const byte *IKM, size_t IKM_len, - const byte *salt, size_t salt_len, - const byte *info DEFNULL, size_t info_len DEFNULL); -void blst_keygen_v5(blst_scalar *out_SK, const byte *IKM, size_t IKM_len, - const byte *salt, size_t salt_len, - const byte *info DEFNULL, size_t info_len DEFNULL); -void blst_derive_master_eip2333(blst_scalar *out_SK, - const byte *IKM, size_t IKM_len); -void blst_derive_child_eip2333(blst_scalar *out_SK, const blst_scalar *SK, - uint32_t child_index); - -void blst_scalar_from_hexascii(blst_scalar *out, const byte *hex); -void blst_fr_from_hexascii(blst_fr *ret, const byte *hex); -void blst_fp_from_hexascii(blst_fp *ret, const byte *hex); - -size_t blst_p1_sizeof(void); -size_t blst_p1_affine_sizeof(void); -size_t blst_p2_sizeof(void); -size_t blst_p2_affine_sizeof(void); -size_t blst_fp12_sizeof(void); - -/* - * Single-shot SHA-256 hash function. - */ -void blst_sha256(byte out[32], const byte *msg, size_t msg_len); -#endif diff --git a/bindings/go/header.h b/bindings/go/header.h new file mode 100644 index 000000000..b4c2ca99b --- /dev/null +++ b/bindings/go/header.h @@ -0,0 +1,25 @@ +/* + * Default to the mainnet preset. + */ +#ifndef FIELD_ELEMENTS_PER_BLOB +#define FIELD_ELEMENTS_PER_BLOB 4096 +#endif + +/* + * The types from blst.h that C-KZG-4844 uses: + */ +typedef unsigned char byte; +typedef long long unsigned int limb_t; +typedef struct { byte b[256/8]; } blst_scalar; +typedef struct { limb_t l[256/8/sizeof(limb_t)]; } blst_fr; +typedef struct { limb_t l[384/8/sizeof(limb_t)]; } blst_fp; +typedef struct { blst_fp fp[2]; } blst_fp2; +typedef struct { blst_fp2 fp2[3]; } blst_fp6; +typedef struct { blst_fp6 fp6[2]; } blst_fp12; +typedef struct { blst_fp x, y, z; } blst_p1; +typedef struct { blst_fp x, y; } blst_p1_affine; +typedef struct { blst_fp2 x, y, z; } blst_p2; +typedef struct { blst_fp2 x, y; } blst_p2_affine; + +#include "server.c" +#include "c_kzg_4844.c" diff --git a/bindings/go/main.go b/bindings/go/main.go index aa7f14166..9e7fb1c8e 100644 --- a/bindings/go/main.go +++ b/bindings/go/main.go @@ -1,11 +1,11 @@ package ckzg4844 +// #cgo CFLAGS: -O2 -D__BLST_PORTABLE__ -D__GO_BINDINGS__ +// #cgo CFLAGS: -Wno-incompatible-pointer-types // #cgo CFLAGS: -I${SRCDIR}/../../src -// #cgo CFLAGS: -I${SRCDIR}/blst_headers -// #ifndef FIELD_ELEMENTS_PER_BLOB -// #define FIELD_ELEMENTS_PER_BLOB 4096 -// #endif -// #include "c_kzg_4844.c" +// #cgo CFLAGS: -I${SRCDIR}/../../blst/src +// #cgo CFLAGS: -I${SRCDIR}/../../blst/build +// #include "header.h" import "C" import ( @@ -13,9 +13,6 @@ import ( "errors" "fmt" "unsafe" - - // So its functions are available during compilation. - _ "github.com/supranational/blst/bindings/go" ) const ( diff --git a/go.mod b/go.mod index c35199f44..0b4e4c2c1 100644 --- a/go.mod +++ b/go.mod @@ -1,14 +1,8 @@ module github.com/ethereum/c-kzg-4844 -go 1.19 +go 1.13 require ( github.com/stretchr/testify v1.8.1 - github.com/supranational/blst v0.3.11-0.20230406105308-e9dfc5ee724b gopkg.in/yaml.v3 v3.0.1 ) - -require ( - github.com/davecgh/go-spew v1.1.1 // indirect - github.com/pmezard/go-difflib v1.0.0 // indirect -) diff --git a/go.sum b/go.sum index 94901857a..2ec90f70f 100644 --- a/go.sum +++ b/go.sum @@ -10,8 +10,6 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/supranational/blst v0.3.11-0.20230406105308-e9dfc5ee724b h1:u49mjRnygnB34h8OKbnNJFVUtWSKIKb1KukdV8bILUM= -github.com/supranational/blst v0.3.11-0.20230406105308-e9dfc5ee724b/go.mod h1:jZJtfjgudtNl4en1tzwPIV3KjUnQUvG3/j+w+fVonLw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/src/c_kzg_4844.h b/src/c_kzg_4844.h index d6c67c4a6..c8e1fe9b0 100644 --- a/src/c_kzg_4844.h +++ b/src/c_kzg_4844.h @@ -26,7 +26,13 @@ #include #include +/* + * We are currently doing a hack in the Go bindings to force them to always use + * the portable version of blst. That hack requires we not include this. + */ +#ifndef __GO_BINDINGS__ #include "blst.h" +#endif /* __GO_BINDINGS__ */ #ifdef __cplusplus extern "C" {