update components to support four limbs

sxt/field25/constant/one.h

@@ -23,6 +23,5 @@ namespace sxt::f25cn {
 //--------------------------------------------------------------------------------------------------
 // one_v
 //--------------------------------------------------------------------------------------------------
-static constexpr f12t::element one_v{f12b::r_v[0], f12b::r_v[1], f12b::r_v[2],
-                                     f12b::r_v[3], f12b::r_v[4], f12b::r_v[5]};
+static constexpr f25t::element one_v{f25b::r_v[0], f25b::r_v[1], f25b::r_v[2], f25b::r_v[3]};
 } // namespace sxt::f25cn

sxt/field25/constant/zero.h

@@ -22,5 +22,5 @@ namespace sxt::f25cn {
 //--------------------------------------------------------------------------------------------------
 // zero_v
 //--------------------------------------------------------------------------------------------------
-static constexpr f12t::element zero_v{0, 0, 0, 0, 0, 0};
+static constexpr f25t::element zero_v{0, 0, 0, 0};
 } // namespace sxt::f25cn

sxt/field25/property/BUILD

@@ -13,6 +13,7 @@ sxt_cc_component(
     is_cuda = True,
     test_deps = [
         "//sxt/base/test:unit_test",
+        "//sxt/field25/base:montgomery",
         "//sxt/field25/constant:one",
         "//sxt/field25/constant:zero",
         "//sxt/field25/type:element",

sxt/field25/property/lexicographically_largest.cc

@@ -34,24 +34,22 @@ namespace sxt::f25p {
 // lexicographically_largest
 //--------------------------------------------------------------------------------------------------
 CUDA_CALLABLE
-bool lexicographically_largest(const f12t::element& e) noexcept {
+bool lexicographically_largest(const f25t::element& e) noexcept {
   // Checking to see if the element is larger than (p - 1) / 2.
   // If we subtract by ((p - 1) / 2) + 1 and there is no underflow,
   // then the element must be larger than (p - 1) / 2.
 
-  // First, because self is in Montgomery form we need to reduce it.
-  f12t::element e_tmp;
-  uint64_t tmp[12]{e[0], e[1], e[2], e[3], e[4], e[5], 0, 0, 0, 0, 0, 0};
-  f12b::reduce(e_tmp.data(), tmp);
+  // First, because e is in Montgomery form we need to reduce it.
+  f25t::element e_tmp;
+  uint64_t tmp[8]{e[0], e[1], e[2], e[3], 0, 0, 0, 0};
+  f25b::reduce(e_tmp.data(), tmp);
 
   uint64_t dummy{0};
   uint64_t borrow{0};
-  basfld::sbb(dummy, borrow, e_tmp[0], 0xdcff7fffffffd556);
-  basfld::sbb(dummy, borrow, e_tmp[1], 0x0f55ffff58a9ffff);
-  basfld::sbb(dummy, borrow, e_tmp[2], 0xb39869507b587b12);
-  basfld::sbb(dummy, borrow, e_tmp[3], 0xb23ba5c279c2895f);
-  basfld::sbb(dummy, borrow, e_tmp[4], 0x258dd3db21a5d66b);
-  basfld::sbb(dummy, borrow, e_tmp[5], 0x0d0088f51cbff34d);
+  basfld::sbb(dummy, borrow, e_tmp[0], 0x9e10460b6c3e7ea4);
+  basfld::sbb(dummy, borrow, e_tmp[1], 0xcbc0b548b438e546);
+  basfld::sbb(dummy, borrow, e_tmp[2], 0xdc2822db40c0ac2e);
+  basfld::sbb(dummy, borrow, e_tmp[3], 0x183227397098d014);
 
   // If the element was smaller, the subtraction will underflow
   // producing a borrow value of 0xffff...ffff, otherwise it will

sxt/field25/property/lexicographically_largest.h

@@ -30,5 +30,5 @@ namespace sxt::f25p {
  * Returns whether or not this element is strictly lexicographically larger than its negation.
  */
 CUDA_CALLABLE
-bool lexicographically_largest(const f12t::element& e) noexcept;
+bool lexicographically_largest(const f25t::element& e) noexcept;
 } // namespace sxt::f25p

sxt/field25/property/lexicographically_largest.t.cc

@@ -14,18 +14,10 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-/**
- * Adopted from zkcrypto/bls12_381
- *
- * Copyright (c) 2021
- * Sean Bowe <[email protected]>
- * Jack Grigg <[email protected]>
- *
- * See third_party/license/zkcrypto.LICENSE
- */
 #include "sxt/field25/property/lexicographically_largest.h"
 
 #include "sxt/base/test/unit_test.h"
+#include "sxt/field25/base/montgomery.h"
 #include "sxt/field25/constant/one.h"
 #include "sxt/field25/constant/zero.h"
 #include "sxt/field25/type/element.h"
@@ -34,25 +26,25 @@ using namespace sxt;
 using namespace sxt::f25p;
 
 TEST_CASE("lexicographically largest correctly identifies") {
-  SECTION("zero is not largest") { REQUIRE(!lexicographically_largest(f12cn::zero_v)); }
+  SECTION("zero is not largest") { REQUIRE(!lexicographically_largest(f25cn::zero_v)); }
 
-  SECTION("one is not largest") { REQUIRE(!lexicographically_largest(f12cn::one_v)); }
+  SECTION("one is not largest") { REQUIRE(!lexicographically_largest(f25cn::one_v)); }
 
-  SECTION("pre-computed value that is not largest") {
-    constexpr f12t::element e{0xa1fafffffffe5557, 0x995bfff976a3fffe, 0x03f41d24d174ceb4,
-                              0xf6547998c1995dbd, 0x778a468f507a6034, 0x020559931f7f8103};
-    REQUIRE(!lexicographically_largest(e));
-  }
+  SECTION("(p_v-1)/2 in Montgomery form is not largest") {
+    constexpr f25t::element e{0x9e10460b6c3e7ea3, 0xcbc0b548b438e546, 0xdc2822db40c0ac2e,
+                              0x183227397098d014};
+    f25t::element e_montgomery;
+    f25b::to_montgomery_form(e_montgomery.data(), e.data());
 
-  SECTION("pre-computed value that is largest") {
-    constexpr f12t::element e{0x1804000000015554, 0x855000053ab00001, 0x633cb57c253c276f,
-                              0x6e22d1ec31ebb502, 0xd3916126f2d14ca2, 0x17fbb8571a006596};
-    REQUIRE(lexicographically_largest(e));
+    REQUIRE(!lexicographically_largest(e_montgomery));
   }
 
-  SECTION("another pre-computed value that is largest") {
-    constexpr f12t::element e{0x43f5fffffffcaaae, 0x32b7fff2ed47fffd, 0x07e83a49a2e99d69,
-                              0xeca8f3318332bb7a, 0xef148d1ea0f4c069, 0x040ab3263eff0206};
-    REQUIRE(lexicographically_largest(e));
+  SECTION("((p_v-1)/2)+1 in Montgomery form is largest") {
+    constexpr f25t::element e{0x9e10460b6c3e7ea4, 0xcbc0b548b438e546, 0xdc2822db40c0ac2e,
+                              0x183227397098d014};
+    f25t::element e_montgomery;
+    f25b::to_montgomery_form(e_montgomery.data(), e.data());
+
+    REQUIRE(lexicographically_largest(e_montgomery));
   }
 }

sxt/field25/property/zero.h

@@ -26,9 +26,9 @@ namespace sxt::f25p {
 // is_zero
 //--------------------------------------------------------------------------------------------------
 CUDA_CALLABLE
-inline bool is_zero(const f12t::element& e) noexcept {
-  unsigned char bytes[48];
-  f12b::to_bytes(bytes, e.data());
+inline bool is_zero(const f25t::element& e) noexcept {
+  unsigned char bytes[32];
+  f25b::to_bytes(bytes, e.data());
   return basbt::is_zero(bytes, sizeof(bytes));
 }
 } // namespace sxt::f25p

sxt/field25/property/zero.t.cc

@@ -23,11 +23,11 @@ using namespace sxt;
 using namespace sxt::f25p;
 
 TEST_CASE("is zero can identify a zero element") {
-  constexpr f12t::element e_zero{0, 0, 0, 0, 0, 0};
+  constexpr f25t::element e_zero{0, 0, 0, 0};
   REQUIRE(is_zero(e_zero));
 }
 
 TEST_CASE("is zero can identify a non-zero element") {
-  constexpr f12t::element e_one{1, 0, 0, 0, 0, 0};
+  constexpr f25t::element e_one{1, 0, 0, 0};
   REQUIRE(!is_zero(e_one));
 }

sxt/field25/random/element.cc

@@ -27,25 +27,25 @@ namespace sxt::f25rn {
 //--------------------------------------------------------------------------------------------------
 CUDA_DISABLE_HOSTDEV_WARNING
 template <class Rng>
-static CUDA_CALLABLE void generate_random_element_impl(f12t::element& e, Rng& generator) noexcept {
-  uint64_t data[6];
-  for (int i = 0; i < 6; ++i) {
+static CUDA_CALLABLE void generate_random_element_impl(f25t::element& e, Rng& generator) noexcept {
+  uint64_t data[4];
+  for (int i = 0; i < 4; ++i) {
     data[i] = generator();
   }
 
   bool is_below_modulus{false};
-  f12b::from_bytes(is_below_modulus, e.data(), reinterpret_cast<const uint8_t*>(data));
+  f25b::from_bytes(is_below_modulus, e.data(), reinterpret_cast<const uint8_t*>(data));
 }
 
 //--------------------------------------------------------------------------------------------------
 // generate_random_element
 //--------------------------------------------------------------------------------------------------
 CUDA_CALLABLE
-void generate_random_element(f12t::element& e, basn::fast_random_number_generator& rng) noexcept {
+void generate_random_element(f25t::element& e, basn::fast_random_number_generator& rng) noexcept {
   generate_random_element_impl(e, rng);
 }
 
-void generate_random_element(f12t::element& e, std::mt19937& rng) noexcept {
+void generate_random_element(f25t::element& e, std::mt19937& rng) noexcept {
   generate_random_element_impl(e, rng);
 }
 } // namespace sxt::f25rn

sxt/field25/random/element.h

@@ -35,7 +35,7 @@ namespace sxt::f25rn {
  * Not guaranteed to be uniform. Only random elements generated below the modulus will be accepted.
  */
 CUDA_CALLABLE
-void generate_random_element(f12t::element& e, basn::fast_random_number_generator& rng) noexcept;
+void generate_random_element(f25t::element& e, basn::fast_random_number_generator& rng) noexcept;
 
-void generate_random_element(f12t::element& e, std::mt19937& rng) noexcept;
+void generate_random_element(f25t::element& e, std::mt19937& rng) noexcept;
 } // namespace sxt::f25rn

sxt/field25/random/element.t.cc

@@ -29,7 +29,7 @@ TEST_CASE("random element generation") {
   basn::fast_random_number_generator rng{1, 2};
 
   SECTION("will return different values if called multiple times") {
-    f12t::element e1, e2;
+    f25t::element e1, e2;
     generate_random_element(e1, rng);
     generate_random_element(e2, rng);
     REQUIRE(e1 != e2);