Safe Haskell	Safe-Inferred
Language	Haskell2010

Cardano.Crypto.EllipticCurve.BLS12_381

Contents

Types
BLS Class
Point / Group operations
PT operations
Pairings
The period (modulo) of scalars

Synopsis

data Point curve
type Point1 = Point Curve1
type Point2 = Point Curve2
data PT
data Curve1
data Curve2
data BLSTError
- = BLST_SUCCESS
- | BLST_BAD_ENCODING
- | BLST_POINT_NOT_ON_CURVE
- | BLST_POINT_NOT_IN_GROUP
- | BLST_AGGR_TYPE_MISMATCH
- | BLST_VERIFY_FAIL
- | BLST_PK_IS_INFINITY
- | BLST_BAD_SCALAR
- | BLST_UNKNOWN_ERROR
class BLS curve
blsInGroup ∷ BLS curve ⇒ Point curve → Bool
blsAddOrDouble ∷ BLS curve ⇒ Point curve → Point curve → Point curve
blsMult ∷ BLS curve ⇒ Point curve → Integer → Point curve
blsCneg ∷ BLS curve ⇒ Point curve → Bool → Point curve
blsNeg ∷ BLS curve ⇒ Point curve → Point curve
blsMSM ∷ ∀ curve. BLS curve ⇒ Int → [(Integer, Point curve)] → Point curve
blsCompress ∷ ∀ curve. BLS curve ⇒ Point curve → ByteString
blsSerialize ∷ ∀ curve. BLS curve ⇒ Point curve → ByteString
blsUncompress ∷ ∀ curve. BLS curve ⇒ ByteString → Either BLSTError (Point curve)
blsDeserialize ∷ ∀ curve. BLS curve ⇒ ByteString → Either BLSTError (Point curve)
blsHash ∷ BLS curve ⇒ ByteString → Maybe ByteString → Maybe ByteString → Point curve
blsGenerator ∷ BLS curve ⇒ Point curve
blsIsInf ∷ BLS curve ⇒ Point curve → Bool
ptMult ∷ PT → PT → PT
ptFinalVerify ∷ PT → PT → Bool
millerLoop ∷ Point1 → Point2 → PT
scalarPeriod ∷ Integer

Types

data Point curve Source #

A point on an elliptic curve. This type guarantees that the point is part of the | prime order subgroup.

Instances

Instances details

BLS curve ⇒ Eq (Point curve) Source #
Instance details Defined in Cardano.Crypto.EllipticCurve.BLS12_381.Internal Methods (==) ∷ Point curve → Point curve → Bool # (/=) ∷ Point curve → Point curve → Bool #

type Point1 = Point Curve1 Source #

type Point2 = Point Curve2 Source #

data PT Source #

Target element without the final exponantiation. By defining target elements | as such, we save up the final exponantiation when computing a pairing, and only | compute it when necessary (e.g. comparison with another point or serialisation)

Instances

Instances details

Eq PT Source #
Instance details Defined in Cardano.Crypto.EllipticCurve.BLS12_381.Internal Methods (==) ∷ PT → PT → Bool # (/=) ∷ PT → PT → Bool #

data Curve1 Source #

Instances

Instances details

BLS Curve1 Source #

Instance details

Defined in Cardano.Crypto.EllipticCurve.BLS12_381.Internal

Methods

c_blst_on_curve ∷ PointPtr Curve1 → IO Bool Source #

c_blst_add_or_double ∷ PointPtr Curve1 → PointPtr Curve1 → PointPtr Curve1 → IO () Source #

c_blst_mult ∷ PointPtr Curve1 → PointPtr Curve1 → ScalarPtr → CSize → IO () Source #

c_blst_cneg ∷ PointPtr Curve1 → Bool → IO () Source #

c_blst_scratch_sizeof ∷ Proxy Curve1 → CSize → CSize Source #

c_blst_to_affines ∷ AffineBlockPtr Curve1 → PointArrayPtr Curve1 → CSize → IO () Source #

c_blst_mult_pippenger ∷ PointPtr Curve1 → AffineArrayPtr Curve1 → CSize → ScalarArrayPtr → CSize → ScratchPtr → IO () Source #

c_blst_hash ∷ PointPtr Curve1 → Ptr CChar → CSize → Ptr CChar → CSize → Ptr CChar → CSize → IO () Source #

c_blst_compress ∷ Ptr CChar → PointPtr Curve1 → IO () Source #

c_blst_serialize ∷ Ptr CChar → PointPtr Curve1 → IO () Source #

c_blst_uncompress ∷ AffinePtr Curve1 → Ptr CChar → IO CInt Source #

c_blst_deserialize ∷ AffinePtr Curve1 → Ptr CChar → IO CInt Source #

c_blst_in_g ∷ PointPtr Curve1 → IO Bool Source #

c_blst_to_affine ∷ AffinePtr Curve1 → PointPtr Curve1 → IO () Source #

c_blst_from_affine ∷ PointPtr Curve1 → AffinePtr Curve1 → IO () Source #

c_blst_affine_in_g ∷ AffinePtr Curve1 → IO Bool Source #

c_blst_generator ∷ PointPtr Curve1 Source #

c_blst_p_is_equal ∷ PointPtr Curve1 → PointPtr Curve1 → IO Bool Source #

c_blst_p_is_inf ∷ PointPtr Curve1 → IO Bool Source #

sizePoint_ ∷ Proxy Curve1 → CSize

serializedSizePoint_ ∷ Proxy Curve1 → CSize

compressedSizePoint_ ∷ Proxy Curve1 → CSize

sizeAffine_ ∷ Proxy Curve1 → CSize

data Curve2 Source #

Instances

Instances details

BLS Curve2 Source #

Instance details

Defined in Cardano.Crypto.EllipticCurve.BLS12_381.Internal

Methods

c_blst_on_curve ∷ PointPtr Curve2 → IO Bool Source #

c_blst_add_or_double ∷ PointPtr Curve2 → PointPtr Curve2 → PointPtr Curve2 → IO () Source #

c_blst_mult ∷ PointPtr Curve2 → PointPtr Curve2 → ScalarPtr → CSize → IO () Source #

c_blst_cneg ∷ PointPtr Curve2 → Bool → IO () Source #

c_blst_scratch_sizeof ∷ Proxy Curve2 → CSize → CSize Source #

c_blst_to_affines ∷ AffineBlockPtr Curve2 → PointArrayPtr Curve2 → CSize → IO () Source #

c_blst_mult_pippenger ∷ PointPtr Curve2 → AffineArrayPtr Curve2 → CSize → ScalarArrayPtr → CSize → ScratchPtr → IO () Source #

c_blst_hash ∷ PointPtr Curve2 → Ptr CChar → CSize → Ptr CChar → CSize → Ptr CChar → CSize → IO () Source #

c_blst_compress ∷ Ptr CChar → PointPtr Curve2 → IO () Source #

c_blst_serialize ∷ Ptr CChar → PointPtr Curve2 → IO () Source #

c_blst_uncompress ∷ AffinePtr Curve2 → Ptr CChar → IO CInt Source #

c_blst_deserialize ∷ AffinePtr Curve2 → Ptr CChar → IO CInt Source #

c_blst_in_g ∷ PointPtr Curve2 → IO Bool Source #

c_blst_to_affine ∷ AffinePtr Curve2 → PointPtr Curve2 → IO () Source #

c_blst_from_affine ∷ PointPtr Curve2 → AffinePtr Curve2 → IO () Source #

c_blst_affine_in_g ∷ AffinePtr Curve2 → IO Bool Source #

c_blst_generator ∷ PointPtr Curve2 Source #

c_blst_p_is_equal ∷ PointPtr Curve2 → PointPtr Curve2 → IO Bool Source #

c_blst_p_is_inf ∷ PointPtr Curve2 → IO Bool Source #

sizePoint_ ∷ Proxy Curve2 → CSize

serializedSizePoint_ ∷ Proxy Curve2 → CSize

compressedSizePoint_ ∷ Proxy Curve2 → CSize

sizeAffine_ ∷ Proxy Curve2 → CSize

data BLSTError Source #

Constructors

BLST_SUCCESS
BLST_BAD_ENCODING
BLST_POINT_NOT_ON_CURVE
BLST_POINT_NOT_IN_GROUP
BLST_AGGR_TYPE_MISMATCH
BLST_VERIFY_FAIL
BLST_PK_IS_INFINITY
BLST_BAD_SCALAR
BLST_UNKNOWN_ERROR

Instances

Instances details

Bounded BLSTError Source #
Instance details Defined in Cardano.Crypto.EllipticCurve.BLS12_381.Internal Methods minBound ∷ BLSTError # maxBound ∷ BLSTError #
Enum BLSTError Source #
Instance details Defined in Cardano.Crypto.EllipticCurve.BLS12_381.Internal Methods succ ∷ BLSTError → BLSTError # pred ∷ BLSTError → BLSTError # toEnum ∷ Int → BLSTError # fromEnum ∷ BLSTError → Int # enumFrom ∷ BLSTError → [BLSTError] # enumFromThen ∷ BLSTError → BLSTError → [BLSTError] # enumFromTo ∷ BLSTError → BLSTError → [BLSTError] # enumFromThenTo ∷ BLSTError → BLSTError → BLSTError → [BLSTError] #
Show BLSTError Source #
Instance details Defined in Cardano.Crypto.EllipticCurve.BLS12_381.Internal Methods showsPrec ∷ Int → BLSTError → ShowS # show ∷ BLSTError → String # showList ∷ [BLSTError] → ShowS #
Eq BLSTError Source #
Instance details Defined in Cardano.Crypto.EllipticCurve.BLS12_381.Internal Methods (==) ∷ BLSTError → BLSTError → Bool # (/=) ∷ BLSTError → BLSTError → Bool #
Ord BLSTError Source #
Instance details Defined in Cardano.Crypto.EllipticCurve.BLS12_381.Internal Methods compare ∷ BLSTError → BLSTError → Ordering # (<) ∷ BLSTError → BLSTError → Bool # (<=) ∷ BLSTError → BLSTError → Bool # (>) ∷ BLSTError → BLSTError → Bool # (>=) ∷ BLSTError → BLSTError → Bool # max ∷ BLSTError → BLSTError → BLSTError # min ∷ BLSTError → BLSTError → BLSTError #

BLS Class

class BLS curve Source #

BLS curve operations. Class methods are low-level; user code will want to use higher-level wrappers such as blsAddOrDouble, blsMult, blsCneg, blsNeg, etc.

Minimal complete definition

c_blst_on_curve, c_blst_add_or_double, c_blst_mult, c_blst_cneg, c_blst_scratch_sizeof, c_blst_to_affines, c_blst_mult_pippenger, c_blst_hash, c_blst_compress, c_blst_serialize, c_blst_uncompress, c_blst_deserialize, c_blst_in_g, c_blst_to_affine, c_blst_from_affine, c_blst_affine_in_g, c_blst_generator, c_blst_p_is_equal, c_blst_p_is_inf, sizePoint_, serializedSizePoint_, compressedSizePoint_, sizeAffine_

Instances

Instances details

BLS Curve1 Source #
Instance details Defined in Cardano.Crypto.EllipticCurve.BLS12_381.Internal Methods c_blst_on_curve ∷ PointPtr Curve1 → IO Bool Source # c_blst_add_or_double ∷ PointPtr Curve1 → PointPtr Curve1 → PointPtr Curve1 → IO () Source # c_blst_mult ∷ PointPtr Curve1 → PointPtr Curve1 → ScalarPtr → CSize → IO () Source # c_blst_cneg ∷ PointPtr Curve1 → Bool → IO () Source # c_blst_scratch_sizeof ∷ Proxy Curve1 → CSize → CSize Source # c_blst_to_affines ∷ AffineBlockPtr Curve1 → PointArrayPtr Curve1 → CSize → IO () Source # c_blst_mult_pippenger ∷ PointPtr Curve1 → AffineArrayPtr Curve1 → CSize → ScalarArrayPtr → CSize → ScratchPtr → IO () Source # c_blst_hash ∷ PointPtr Curve1 → Ptr CChar → CSize → Ptr CChar → CSize → Ptr CChar → CSize → IO () Source # c_blst_compress ∷ Ptr CChar → PointPtr Curve1 → IO () Source # c_blst_serialize ∷ Ptr CChar → PointPtr Curve1 → IO () Source # c_blst_uncompress ∷ AffinePtr Curve1 → Ptr CChar → IO CInt Source # c_blst_deserialize ∷ AffinePtr Curve1 → Ptr CChar → IO CInt Source # c_blst_in_g ∷ PointPtr Curve1 → IO Bool Source # c_blst_to_affine ∷ AffinePtr Curve1 → PointPtr Curve1 → IO () Source # c_blst_from_affine ∷ PointPtr Curve1 → AffinePtr Curve1 → IO () Source # c_blst_affine_in_g ∷ AffinePtr Curve1 → IO Bool Source # c_blst_generator ∷ PointPtr Curve1 Source # c_blst_p_is_equal ∷ PointPtr Curve1 → PointPtr Curve1 → IO Bool Source # c_blst_p_is_inf ∷ PointPtr Curve1 → IO Bool Source # sizePoint_ ∷ Proxy Curve1 → CSize serializedSizePoint_ ∷ Proxy Curve1 → CSize compressedSizePoint_ ∷ Proxy Curve1 → CSize sizeAffine_ ∷ Proxy Curve1 → CSize
BLS Curve2 Source #
Instance details Defined in Cardano.Crypto.EllipticCurve.BLS12_381.Internal Methods c_blst_on_curve ∷ PointPtr Curve2 → IO Bool Source # c_blst_add_or_double ∷ PointPtr Curve2 → PointPtr Curve2 → PointPtr Curve2 → IO () Source # c_blst_mult ∷ PointPtr Curve2 → PointPtr Curve2 → ScalarPtr → CSize → IO () Source # c_blst_cneg ∷ PointPtr Curve2 → Bool → IO () Source # c_blst_scratch_sizeof ∷ Proxy Curve2 → CSize → CSize Source # c_blst_to_affines ∷ AffineBlockPtr Curve2 → PointArrayPtr Curve2 → CSize → IO () Source # c_blst_mult_pippenger ∷ PointPtr Curve2 → AffineArrayPtr Curve2 → CSize → ScalarArrayPtr → CSize → ScratchPtr → IO () Source # c_blst_hash ∷ PointPtr Curve2 → Ptr CChar → CSize → Ptr CChar → CSize → Ptr CChar → CSize → IO () Source # c_blst_compress ∷ Ptr CChar → PointPtr Curve2 → IO () Source # c_blst_serialize ∷ Ptr CChar → PointPtr Curve2 → IO () Source # c_blst_uncompress ∷ AffinePtr Curve2 → Ptr CChar → IO CInt Source # c_blst_deserialize ∷ AffinePtr Curve2 → Ptr CChar → IO CInt Source # c_blst_in_g ∷ PointPtr Curve2 → IO Bool Source # c_blst_to_affine ∷ AffinePtr Curve2 → PointPtr Curve2 → IO () Source # c_blst_from_affine ∷ PointPtr Curve2 → AffinePtr Curve2 → IO () Source # c_blst_affine_in_g ∷ AffinePtr Curve2 → IO Bool Source # c_blst_generator ∷ PointPtr Curve2 Source # c_blst_p_is_equal ∷ PointPtr Curve2 → PointPtr Curve2 → IO Bool Source # c_blst_p_is_inf ∷ PointPtr Curve2 → IO Bool Source # sizePoint_ ∷ Proxy Curve2 → CSize serializedSizePoint_ ∷ Proxy Curve2 → CSize compressedSizePoint_ ∷ Proxy Curve2 → CSize sizeAffine_ ∷ Proxy Curve2 → CSize

Point / Group operations

These work on both curves, and take phantom parameters of type Curve1 or Curve2 to select one of the two provided elliptic curves.

blsInGroup ∷ BLS curve ⇒ Point curve → Bool Source #

Check whether a point is in the group corresponding to its elliptic curve

blsAddOrDouble ∷ BLS curve ⇒ Point curve → Point curve → Point curve Source #

Curve point addition.

blsMult ∷ BLS curve ⇒ Point curve → Integer → Point curve Source #

Scalar multiplication of a curve point. The scalar will be brought into the range of modular arithmetic by means of a modulo operation over the scalarPeriod. Negative number will also be brought to the range [0, scalarPeriod - 1] via modular reduction.

blsCneg ∷ BLS curve ⇒ Point curve → Bool → Point curve Source #

Conditional curve point negation. blsCneg x cond = if cond then neg x else x

blsNeg ∷ BLS curve ⇒ Point curve → Point curve Source #

Unconditional curve point negation

blsMSM ∷ ∀ curve. BLS curve ⇒ Int → [(Integer, Point curve)] → Point curve Source #

Multi-scalar multiplication using the Pippenger algorithm. The scalars will be brought into the range of modular arithmetic by means of a modulo operation over the scalarPeriod. Negative numbers will also be brought to the range [0, scalarPeriod - 1] via modular reduction.

blsCompress ∷ ∀ curve. BLS curve ⇒ Point curve → ByteString Source #

blsSerialize ∷ ∀ curve. BLS curve ⇒ Point curve → ByteString Source #

blsUncompress ∷ ∀ curve. BLS curve ⇒ ByteString → Either BLSTError (Point curve) Source #

blsDeserialize ∷ ∀ curve. BLS curve ⇒ ByteString → Either BLSTError (Point curve) Source #

blsHash ∷ BLS curve ⇒ ByteString → Maybe ByteString → Maybe ByteString → Point curve Source #

blsHash msg mDST mAug generates the elliptic curve blsHash for the given message msg; mDST and mAug are the optional aug and dst arguments.

blsGenerator ∷ BLS curve ⇒ Point curve Source #

blsIsInf ∷ BLS curve ⇒ Point curve → Bool Source #

Infinity check on curve points.

PT operations

ptMult ∷ PT → PT → PT Source #

ptFinalVerify ∷ PT → PT → Bool Source #

Pairings

millerLoop ∷ Point1 → Point2 → PT Source #

The period (modulo) of scalars

scalarPeriod ∷ Integer Source #

The period of scalar modulo operations.