1// Copyright 2020 The go-ethereum Authors
2// This file is part of the go-ethereum library.
3//
4// The go-ethereum library is free software: you can redistribute it and/or modify
5// it under the terms of the GNU Lesser General Public License as published by
6// the Free Software Foundation, either version 3 of the License, or
7// (at your option) any later version.
8//
9// The go-ethereum library is distributed in the hope that it will be useful,
10// but WITHOUT ANY WARRANTY; without even the implied warranty of
11// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12// GNU Lesser General Public License for more details.
13//
14// You should have received a copy of the GNU Lesser General Public License
15// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
16
17package bls12381
18
19import (
20	"errors"
21	"math/big"
22)
23
24// E is type for target group element
25type E = fe12
26
27// GT is type for target multiplicative group GT.
28type GT struct {
29	fp12 *fp12
30}
31
32func (e *E) Set(e2 *E) *E {
33	return e.set(e2)
34}
35
36// One sets a new target group element to one
37func (e *E) One() *E {
38	e = new(fe12).one()
39	return e
40}
41
42// IsOne returns true if given element equals to one
43func (e *E) IsOne() bool {
44	return e.isOne()
45}
46
47// Equal returns true if given two element is equal, otherwise returns false
48func (g *E) Equal(g2 *E) bool {
49	return g.equal(g2)
50}
51
52// NewGT constructs new target group instance.
53func NewGT() *GT {
54	fp12 := newFp12(nil)
55	return &GT{fp12}
56}
57
58// Q returns group order in big.Int.
59func (g *GT) Q() *big.Int {
60	return new(big.Int).Set(q)
61}
62
63// FromBytes expects 576 byte input and returns target group element
64// FromBytes returns error if given element is not on correct subgroup.
65func (g *GT) FromBytes(in []byte) (*E, error) {
66	e, err := g.fp12.fromBytes(in)
67	if err != nil {
68		return nil, err
69	}
70	if !g.IsValid(e) {
71		return e, errors.New("invalid element")
72	}
73	return e, nil
74}
75
76// ToBytes serializes target group element.
77func (g *GT) ToBytes(e *E) []byte {
78	return g.fp12.toBytes(e)
79}
80
81// IsValid checks whether given target group element is in correct subgroup.
82func (g *GT) IsValid(e *E) bool {
83	r := g.New()
84	g.fp12.exp(r, e, q)
85	return r.isOne()
86}
87
88// New initializes a new target group element which is equal to one
89func (g *GT) New() *E {
90	return new(E).One()
91}
92
93// Add adds two field element `a` and `b` and assigns the result to the element in first argument.
94func (g *GT) Add(c, a, b *E) {
95	g.fp12.add(c, a, b)
96}
97
98// Sub subtracts two field element `a` and `b`, and assigns the result to the element in first argument.
99func (g *GT) Sub(c, a, b *E) {
100	g.fp12.sub(c, a, b)
101}
102
103// Mul multiplies two field element `a` and `b` and assigns the result to the element in first argument.
104func (g *GT) Mul(c, a, b *E) {
105	g.fp12.mul(c, a, b)
106}
107
108// Square squares an element `a` and assigns the result to the element in first argument.
109func (g *GT) Square(c, a *E) {
110	g.fp12.cyclotomicSquare(c, a)
111}
112
113// Exp exponents an element `a` by a scalar `s` and assigns the result to the element in first argument.
114func (g *GT) Exp(c, a *E, s *big.Int) {
115	g.fp12.cyclotomicExp(c, a, s)
116}
117
118// Inverse inverses an element `a` and assigns the result to the element in first argument.
119func (g *GT) Inverse(c, a *E) {
120	g.fp12.inverse(c, a)
121}
122