rename curve name

12 files changed, 66 insertions, 57 deletions

diff --git a/ffi/go/mcl/mcl.go b/ffi/go/mcl/mcl.go
index 8a030fc..bce2d56 100644
--- a/ffi/go/mcl/mcl.go
+++ b/ffi/go/mcl/mcl.go
@@ -18,6 +18,9 @@ const CurveFp382_1 = C.mclBn_CurveFp382_1
 // CurveFp382_2 -- 382 bit curve 2
 const CurveFp382_2 = C.mclBn_CurveFp382_2
 
+// BLS12_381
+const BLS12_381 = C.MCL_BLS12_381
+
 // Init --
 // call this function before calling all the other operations
 // this function is not thread safe
@@ -102,7 +105,7 @@ func (x *Fr) SetString(s string, base int) error {
 func (x *Fr) Deserialize(buf []byte) error {
 	// #nosec
 	err := C.mclBnFr_deserialize(x.getPointer(), unsafe.Pointer(&buf[0]), C.size_t(len(buf)))
-	if err != 0 {
+	if err == 0 {
 		return fmt.Errorf("err mclBnFr_deserialize %x", buf)
 	}
 	return nil
@@ -231,7 +234,7 @@ func (x *G1) SetString(s string, base int) error {
 func (x *G1) Deserialize(buf []byte) error {
 	// #nosec
 	err := C.mclBnG1_deserialize(x.getPointer(), unsafe.Pointer(&buf[0]), C.size_t(len(buf)))
-	if err != 0 {
+	if err == 0 {
 		return fmt.Errorf("err mclBnG1_deserialize %x", buf)
 	}
 	return nil
@@ -341,7 +344,7 @@ func (x *G2) SetString(s string, base int) error {
 func (x *G2) Deserialize(buf []byte) error {
 	// #nosec
 	err := C.mclBnG2_deserialize(x.getPointer(), unsafe.Pointer(&buf[0]), C.size_t(len(buf)))
-	if err != 0 {
+	if err == 0 {
 		return fmt.Errorf("err mclBnG2_deserialize %x", buf)
 	}
 	return nil
@@ -452,7 +455,7 @@ func (x *GT) SetString(s string, base int) error {
 func (x *GT) Deserialize(buf []byte) error {
 	// #nosec
 	err := C.mclBnGT_deserialize(x.getPointer(), unsafe.Pointer(&buf[0]), C.size_t(len(buf)))
-	if err != 0 {
+	if err == 0 {
 		return fmt.Errorf("err mclBnGT_deserialize %x", buf)
 	}
 	return nil
diff --git a/ffi/go/mcl/mcl_test.go b/ffi/go/mcl/mcl_test.go
index b1e0aba..85900be 100644
--- a/ffi/go/mcl/mcl_test.go
+++ b/ffi/go/mcl/mcl_test.go
@@ -124,7 +124,7 @@ func TestMclMain(t *testing.T) {
 	if GetMaxOpUnitSize() == 6 {
 		t.Log("CurveFp382_1")
 		testMcl(t, CurveFp382_1)
-		t.Log("CurveFp382_2")
-		testMcl(t, CurveFp382_2)
+		t.Log("BLS12_381")
+		testMcl(t, BLS12_381)
 	}
 }
diff --git a/include/mcl/bn.h b/include/mcl/bn.h
index b141f5e..1140c42 100644
--- a/include/mcl/bn.h
+++ b/include/mcl/bn.h
@@ -134,6 +134,7 @@ MCLBN_DLL_API int mclBn_getOpUnitSize();
 	58 if mclBn_CurveFpA462
 */
 MCLBN_DLL_API int mclBn_getG1ByteSize();
+MCLBN_DLL_API int mclBn_getFrByteSize();
 
 /*
 	return decimal string of the order of the curve(=the characteristic of Fr)
diff --git a/include/mcl/bn.hpp b/include/mcl/bn.hpp
index f8c5b85..b25f76c 100644
--- a/include/mcl/bn.hpp
+++ b/include/mcl/bn.hpp
@@ -37,10 +37,10 @@ struct CurveParam {
 	bool operator!=(const CurveParam& rhs) const { return !operator==(rhs); }
 };
 
-const CurveParam BN254BNb = { "-0x4080000000000001", 2, 1, false, MCL_BN254BNb }; // -(2^62 + 2^55 + 1)
+const CurveParam BN254 = { "-0x4080000000000001", 2, 1, false, MCL_BN254 }; // -(2^62 + 2^55 + 1)
 // provisional(experimental) param with maxBitSize = 384
-const CurveParam BN382_1 = { "-0x400011000000000000000001", 2, 1, false, MCL_BN382_1 }; // -(2^94 + 2^76 + 2^72 + 1) // A Family of Implementation-Friendly BN Elliptic Curves
-const CurveParam BN382_2 = { "-0x400040090001000000000001", 2, 1, false, MCL_BN382_2 }; // -(2^94 + 2^78 + 2^67 + 2^64 + 2^48 + 1) // used in relic-toolkit
+const CurveParam BN381_1 = { "-0x400011000000000000000001", 2, 1, false, MCL_BN381_1 }; // -(2^94 + 2^76 + 2^72 + 1) // A Family of Implementation-Friendly BN Elliptic Curves
+const CurveParam BN381_2 = { "-0x400040090001000000000001", 2, 1, false, MCL_BN381_2 }; // -(2^94 + 2^78 + 2^67 + 2^64 + 2^48 + 1) // used in relic-toolkit
 const CurveParam BN462 = { "0x4001fffffffffffffffffffffbfff", 5, 2, false, MCL_BN462 }; // 2^114 + 2^101 - 2^14 - 1 // https://eprint.iacr.org/2017/334
 const CurveParam BN_SNARK1 = { "4965661367192848881", 3, 9, false, MCL_BN_SNARK1 };
 const CurveParam BLS12_381 = { "-0xd201000000010000", 4, 1, true, MCL_BLS12_381 };
@@ -48,9 +48,9 @@ const CurveParam BLS12_381 = { "-0xd201000000010000", 4, 1, true, MCL_BLS12_381
 inline const CurveParam& getCurveParam(int type)
 {
 	switch (type) {
-	case MCL_BN254BNb: return mcl::BN254BNb;
-	case MCL_BN382_1: return mcl::BN382_1;
-	case MCL_BN382_2: return mcl::BN382_2;
+	case MCL_BN254: return mcl::BN254;
+	case MCL_BN381_1: return mcl::BN381_1;
+	case MCL_BN381_2: return mcl::BN381_2;
 	case MCL_BN462: return mcl::BN462;
 	case MCL_BN_SNARK1: return mcl::BN_SNARK1;
 	case MCL_BLS12_381: return mcl::BLS12_381;
@@ -990,7 +990,7 @@ struct BNT {
 		if (isNegative) s = -s;
 		param.glv2.pow(z, x, s, constTime);
 	}
-	static void init(const mcl::CurveParam& cp = mcl::BN254BNb, fp::Mode mode = fp::FP_AUTO)
+	static void init(const mcl::CurveParam& cp = mcl::BN254, fp::Mode mode = fp::FP_AUTO)
 	{
 		param.init(cp, mode);
 		G2withF::init(cp.isMtype);
@@ -1013,7 +1013,7 @@ struct BNT {
 	static void pow_z(Fp12& y, const Fp12& x)
 	{
 #if 1
-		if (param.cp.curveType == MCL_BN254BNb) {
+		if (param.cp.curveType == MCL_BN254) {
 			Compress::fixed_power(y, x);
 		} else {
 			Fp12 orgX = x;
@@ -1824,9 +1824,9 @@ util::ParamT<Fp> BNT<Fp>::param;
 
 // backward compatibility
 using mcl::CurveParam;
-static const CurveParam& CurveFp254BNb = BN254BNb;
-static const CurveParam& CurveFp382_1 = BN382_1;
-static const CurveParam& CurveFp382_2 = BN382_2;
+static const CurveParam& CurveFp254BNb = BN254;
+static const CurveParam& CurveFp382_1 = BN381_1;
+static const CurveParam& CurveFp382_2 = BN381_2;
 static const CurveParam& CurveFp462 = BN462;
 static const CurveParam& CurveSNARK1 = BN_SNARK1;
 
diff --git a/include/mcl/curve_type.h b/include/mcl/curve_type.h
index b7b0118..537ce11 100644
--- a/include/mcl/curve_type.h
+++ b/include/mcl/curve_type.h
@@ -8,9 +8,9 @@
 */
 
 enum {
-	MCL_BN254BNb = 0,
-	MCL_BN382_1 = 1,
-	MCL_BN382_2 = 2,
+	MCL_BN254 = 0,
+	MCL_BN381_1 = 1,
+	MCL_BN381_2 = 2,
 	MCL_BN462 = 3,
 	MCL_BN_SNARK1 = 4,
 	MCL_BLS12_381 = 5
diff --git a/readme.md b/readme.md
index 6517e32..bea95da 100644
--- a/readme.md
+++ b/readme.md
@@ -22,15 +22,15 @@ The current version supports the optimal Ate pairing over BN curves.
 

 p(z) = 36z^4 + 36z^3 + 24z^2 + 6z + 1.

 

-* CurveFp254BNb ; a BN curve over the 254-bit prime p(z) where z = -(2^62 + 2^55 + 1).

-* CurveSNARK1 ; a BN curve over a 254-bit prime p such that n := p + 1 - t has high 2-adicity.

-* CurveFp381 ; a BN curve over the 381-bit prime p(z) where z = -(2^94 + 2^76 + 2^72 + 1).

-* CurveFp462 ; a BN curve over the 462-bit prime p(z) where z = 2^114 + 2^101 - 2^14 - 1.

-* mcl::BLS12_381 ; new [a BLS12-381 curve](https://blog.z.cash/new-snark-curve/)

+* BN254 ; a BN curve over the 254-bit prime p(z) where z = -(2^62 + 2^55 + 1).

+* BN\_SNARK1 ; a BN curve over a 254-bit prime p such that n := p + 1 - t has high 2-adicity.

+* BN381\_1 ; a BN curve over the 381-bit prime p(z) where z = -(2^94 + 2^76 + 2^72 + 1).

+* BN462 ; a BN curve over the 462-bit prime p(z) where z = 2^114 + 2^101 - 2^14 - 1.

+* BLS12\_381 ; new [a BLS12-381 curve](https://blog.z.cash/new-snark-curve/)

 

 # Benchmark

 

-A benchmark of a BN curve CurveFp254BNb(2016/12/25).

+A benchmark of a BN curve BN254(2016/12/25).

 

 * x64, x86 ; Inte Core i7-6700 3.4GHz(Skylake) upto 4GHz on Ubuntu 16.04.

     * `sudo cpufreq-set -g performance`

@@ -54,17 +54,17 @@ cmake -DARITH=x64-asm-254 -DFP_PRIME=254 -DFPX_METHD="INTEG;INTEG;LAZYR" -DPP_ME
 

 For JavaScript(WebAssembly), see [ID based encryption demo](https://herumi.github.io/mcl-wasm/ibe-demo.html).

 

-paramter        |  x64| Firefox on x64|Safari on iPhone7|

-----------------|-----|---------------|-----------------|

-CurveFpBN254BNb | 0.29|           2.48|             4.78|

-CurveFp382_1    | 0.95|           7.91|            11.74|

-CurveFp462      | 2.16|          14.73|            22.77|

+paramter   |  x64| Firefox on x64|Safari on iPhone7|

+-----------|-----|---------------|-----------------|

+BN254      | 0.29|           2.48|             4.78|

+BN381\_1   | 0.95|           7.91|            11.74|

+BN462      | 2.16|          14.73|            22.77|

 

 * x64 : 'Kaby Lake Core i7-7700(3.6GHz)'.

 * Firefox : 64-bit version 58.

 * iPhone7 : iOS 11.2.1.

-* CurveFpBN254BNb is by `test/bn_test.cpp`.

-* CurveFp382_1 and CurveFp462 are  by `test/bn512_test.cpp`.

+* BN254 is by `test/bn_test.cpp`.

+* BN381\_1 and CurveFp462 are  by `test/bn512_test.cpp`.

 * All the timings  are given in ms(milliseconds).

 

 The other benchmark results are [bench.txt](bench.txt).

@@ -85,7 +85,7 @@ git clone git://github.com/herumi/cybozulib
 git clone git://github.com/herumi/xbyak ; for only x86/x64

 git clone git://github.com/herumi/cybozulib_ext ; for only Windows

 ```

-* Cybozulib_ext is a prerequisite for running OpenSSL and GMP on VC (Visual C++).

+* Cybozulib\_ext is a prerequisite for running OpenSSL and GMP on VC (Visual C++).

 

 # Build and test on x86-64 Linux, macOS, ARM and ARM64 Linux

 To make lib/libmcl.a and test it:

@@ -157,7 +157,7 @@ emcc -O3 -I ./include/ -I ../cybozulib/include/ src/fp.cpp test/bn_test.cpp -DND
 emrun --no_browser --port 8080 --no_emrun_detect .

 ```

 and open `http://<address>:8080/t.html`.

-The timing of a pairing on `CurveFp254BNb` is 2.8msec on 64-bit Firefox with Skylake 3.4GHz.

+The timing of a pairing on `BN254` is 2.8msec on 64-bit Firefox with Skylake 3.4GHz.

 

 ### Node.js

 

@@ -200,17 +200,17 @@ If you want to remove '_dy` of so files, then `makeSHARE_BASENAME_SUF=`.
 Call `mcl::bn256::initPairing` before calling any operations.

 ```

 #include <mcl/bn256.hpp>

-mcl::bn::CurveParam cp = mcl::bn::CurveFp254BNb; // or mcl::bn::CurveSNARK1

+mcl::bn::CurveParam cp = mcl::BN254; // or mcl::BN_SNARK1

 mcl::bn256::initPairing(cp);

 mcl::bn256::G1 P(...);

 mcl::bn256::G2 Q(...);

 mcl::bn256::Fp12 e;

 mcl::bn256::BN::pairing(e, P, Q);

 ```

-1. (CurveFp254BNb) a BN curve over the 254-bit prime p = p(z) where z = -(2^62 + 2^55 + 1).

-2. (CurveSNARK1) a BN curve over a 254-bit prime p such that n := p + 1 - t has high 2-adicity.

-3. CurveFp381 with `mcl/bn384.hpp`.

-4. CurveFp462 with `mcl/bn512.hpp`.

+1. (BN254) a BN curve over the 254-bit prime p = p(z) where z = -(2^62 + 2^55 + 1).

+2. (BN_SNARK1) a BN curve over a 254-bit prime p such that n := p + 1 - t has high 2-adicity.

+3. BN381_1 with `mcl/bn384.hpp`.

+4. BN462 with `mcl/bn512.hpp`.

 

 See [test/bn_test.cpp](https://github.com/herumi/mcl/blob/master/test/bn_test.cpp).

 

diff --git a/src/bn_c_impl.hpp b/src/bn_c_impl.hpp
index 9c3ee2a..1e00084 100644
--- a/src/bn_c_impl.hpp
+++ b/src/bn_c_impl.hpp
@@ -144,6 +144,11 @@ int mclBn_getG1ByteSize()
 	return (int)Fp::getByteSize();
 }
 
+int mclBn_getFrByteSize()
+{
+	return (int)Fr::getByteSize();
+}
+
 mclSize copyStrAndReturnSize(char *buf, mclSize maxBufSize, const std::string& str)
 {
 	if (str.size() >= maxBufSize) return 0;
diff --git a/src/she_c_impl.hpp b/src/she_c_impl.hpp
index 9c2c9dc..ca00903 100644
--- a/src/she_c_impl.hpp
+++ b/src/she_c_impl.hpp
@@ -61,14 +61,14 @@ int sheInit(int curve, int maxUnitSize)
 
 	mcl::CurveParam cp;
 	switch (curve) {
-	case MCL_BN254BNb:
-		cp = mcl::BN254BNb;
+	case MCL_BN254:
+		cp = mcl::BN254;
 		break;
-	case MCL_BN382_1:
-		cp = mcl::BN382_1;
+	case MCL_BN381_1:
+		cp = mcl::BN381_1;
 		break;
-	case MCL_BN382_2:
-		cp = mcl::BN382_2;
+	case MCL_BN381_2:
+		cp = mcl::BN381_2;
 		break;
 	case MCL_BN462:
 		cp = mcl::BN462;
diff --git a/test/bls12_test.cpp b/test/bls12_test.cpp
index aa650ce..7a60e8d 100644
--- a/test/bls12_test.cpp
+++ b/test/bls12_test.cpp
@@ -617,8 +617,8 @@ void testCurve(const mcl::CurveParam& cp)
 }
 CYBOZU_TEST_AUTO(multi)
 {
-	puts("BN254BNb");
-	testCurve(mcl::BN254BNb);
+	puts("BN254");
+	testCurve(mcl::BN254);
 	puts("BLS12_381");
 	testCurve(mcl::BLS12_381);
 }
diff --git a/test/bn384_test.cpp b/test/bn384_test.cpp
index abb6f84..a3c5a48 100644
--- a/test/bn384_test.cpp
+++ b/test/bn384_test.cpp
@@ -38,13 +38,13 @@ void testCurve(const mcl::CurveParam& cp)
 
 CYBOZU_TEST_AUTO(pairing)
 {
-	puts("BN254BNb");
+	puts("BN254");
 	// support 256-bit pairing
-	testCurve(mcl::BN254BNb);
-	puts("BN382_1");
-	testCurve(mcl::BN382_1);
-	puts("BN382_2");
-	testCurve(mcl::BN382_2);
+	testCurve(mcl::BN254);
+	puts("BN381_1");
+	testCurve(mcl::BN381_1);
+	puts("BN381_2");
+	testCurve(mcl::BN381_2);
 	puts("BLS12_381");
 	testCurve(mcl::BLS12_381);
 	// Q is not on EcT, but bad order
diff --git a/test/bn512_test.cpp b/test/bn512_test.cpp
index 0f6aaab..dae3d0e 100644
--- a/test/bn512_test.cpp
+++ b/test/bn512_test.cpp
@@ -41,9 +41,9 @@ CYBOZU_TEST_AUTO(pairing)
 	puts("CurveFp462");
 	testCurve(mcl::BN462);
 	puts("CurveFp382_1");
-	testCurve(mcl::BN382_1);
+	testCurve(mcl::BN381_1);
 	puts("CurveFp382_2");
-	testCurve(mcl::BN382_2);
+	testCurve(mcl::BN381_2);
 	puts("CurveFp254BNb");
 	testCurve(mcl::bn::CurveFp254BNb);
 }
diff --git a/test/bn_test.cpp b/test/bn_test.cpp
index 126602c..6fb3b7a 100644
--- a/test/bn_test.cpp
+++ b/test/bn_test.cpp
@@ -168,7 +168,7 @@ void testCyclotomic()
 
 void testCompress(const G1& P, const G2& Q)
 {
-	if (BN::param.cp.curveType != MCL_BN254BNb) return;
+	if (BN::param.cp.curveType != MCL_BN254) return;
 	Fp12 a;
 	BN::pairing(a, P, Q);
 	BN::mapToCyclotomic(a, a);