package bls12-381

  1. Overview
  2. Docs
include Ff_sig.PRIME
include Ff_sig.BASE
exception Not_in_field of Stdlib.Bytes.t
type t
val order : Z.t

The order of the finite field

val size_in_bytes : int

minimal number of bytes required to encode a value of the field.

val zero : t

The neutral element for the addition

val one : t

The neutral element for the multiplication

val is_zero : t -> bool

is_zero x returns true if x is the neutral element for the addition

val is_one : t -> bool

is_one x returns true if x is the neutral element for the multiplication

val random : ?state:Stdlib.Random.State.t -> unit -> t

Use carefully! random () returns a random element of the field. A state for the PRNG can be given to initialize the PRNG in the requested state. If no state is given, no initialisation is performed

val non_null_random : ?state:Stdlib.Random.State.t -> unit -> t

Use carefully! non_null_random () returns a non null random element of the field. A state for the PRNG can be given to initialize the PRNG in the requested state. If no state is given, no initialisation is performed

val add : t -> t -> t

add a b returns a + b mod order

val (+) : t -> t -> t

Infix operator for add

val sub : t -> t -> t

sub a b returns a - b mod order

val mul : t -> t -> t

mul a b returns a * b mod order

val (*) : t -> t -> t

Infix operator for mul

val eq : t -> t -> bool

eq a b returns true if a = b mod order, else false

val (=) : t -> t -> bool

Infix operator for eq

val negate : t -> t

negate x returns -x mod order. Equivalently, negate x returns the unique y such that x + y mod order = 0

val (-) : t -> t

Infix operator for negate

val inverse_exn : t -> t

inverse_exn x returns x^-1 if x is not 0, else raise Division_by_zero

val inverse_opt : t -> t option

inverse_opt x returns x^-1 if x is not 0 as an option, else None

val div_exn : t -> t -> t

div_exn a b returns a * b^-1. Raise Division_by_zero if b = zero

val div_opt : t -> t -> t option

div_opt a b returns a * b^-1 as an option. Return None if b = zero

val (/) : t -> t -> t

Infix operator for div_exn

val square : t -> t

square x returns x^2

val double : t -> t

double x returns 2x

val pow : t -> Z.t -> t

pow x n returns x^n

val (**) : t -> Z.t -> t

Infix operator for pow

val of_bytes_exn : Stdlib.Bytes.t -> t

Construct a value of type t from the bytes representation in little endian of the field element. For non prime fields, the encoding starts with the coefficient of the constant monomial. Raise Not_in_field if the bytes do not represent an element in the field.

val of_bytes_opt : Stdlib.Bytes.t -> t option

From a predefined little endian bytes representation, construct a value of type t. The same representation than of_bytes_exn is used. Return None if the bytes do not represent an element in the field.

val to_bytes : t -> Stdlib.Bytes.t

Convert the value t to a bytes representation. The number of bytes is size_in_bytes and the encoding must be in little endian. For instance, the encoding of 1 in prime fields is always a bytes sequence of size size_in_bytes starting with the byte 0b00000001. For non prime fields, the encoding starts with the coefficient of the constant monomial.

val factor_power_of_two : int * Z.t

Returns s, q such that order - 1 = 2^s * q

val of_string : string -> t

Create a value t from a predefined string representation. It is not required that to_string of_string t = t. By default, decimal representation of the number is used, modulo the order of the field

val to_string : t -> string

String representation of a value t. It is not required that to_string of_string t = t. By default, decimal representation of the number is used

val of_z : Z.t -> t

of_z x builds an element t from the Zarith element x. mod order is applied if x >= order

val to_z : t -> Z.t

to_z x builds a Zarith element, using the decimal representation. Arithmetic on the result can be done using the modular functions on integers

val legendre_symbol : t -> Z.t

Returns the Legendre symbol of the parameter. Note it does not work for p = 2

val is_quadratic_residue : t -> bool

is_quadratic_residue x returns true if x is a quadratic residue i.e. if there exists n such that n^2 mod p = 1

val sqrt_opt : t -> t option

sqrt_opt x returns a square root of x

val size_in_memory : int

Actual number of bytes allocated for a value of type t

val check_bytes : Stdlib.Bytes.t -> bool

Check if a point, represented as a byte array, is in the field *

val fft : domain:t array -> points:t array -> t array

fft ~domain ~points performs a Fourier transform on points using domain The domain should be of the form w^{i} where w is a principal root of unity. If the domain is of size n, w must be a n-th principal root of unity. The number of points can be smaller than the domain size, but not larger. The complexity is in O(n log(m)) where n is the domain size and m the number of points. A new array of size n is allocated and is returned. The parameters are not modified.

val fft_inplace : domain:t array -> points:t array -> unit

fft_inplace ~domain ~points performs a Fourier transform on points using domain The domain should be of the form w^{i} where w is a principal root of unity. If the domain is of size n, w must be a n-th principal root of unity. The number of points must be in the same size than the domain. It does not return anything but modified the points directly. It does only perform one allocation of a scalar for the FFT. It is recommended to use this function if side-effect is acceptable.

val ifft : domain:t array -> points:t array -> t array

ifft ~domain ~points performs an inverse Fourier transform on points using domain. The domain should be of the form w^{-i} (i.e the "inverse domain") where w is a principal root of unity. If the domain is of size n, w must be a n-th principal root of unity. The domain size must be exactly the same than the number of points. The complexity is O(n log(n)) where n is the domain size. A new array of size n is allocated and is returned. The parameters are not modified.

val ifft_inplace : domain:t array -> points:t array -> unit

ifft_inplace ~domain ~points is the same than ifft but modifies the array points instead of returning a new array

val add_inplace : t -> t -> unit

add_inplace a b is the same than add but writes the result in the first argument, i.e. a. No allocation happens.

val sub_inplace : t -> t -> unit

sub_inplace a b is the same than sub but writes the result in the first argument, i.e. a. No allocation happens.

val mul_inplace : t -> t -> unit

mul_inplace a b is the same than sub but writes the result in the first argument, i.e. a. No allocation happens.

val inverse_exn_inplace : t -> unit

inverse_exn_inplace a is the same than inverse_exn but writes the result in a. No allocation happens.

val double_inplace : t -> unit

double_inplace a is the same than double but writes the result in a. No allocation happens.

val square_inplace : t -> unit

square_inplace a is the same than square but writes the result in a. No allocation happens.

val negate_inplace : t -> unit

negate_inplace a is the same than negate but writes the result in a. No allocation happens.

val copy : t -> t

copy x return a fresh copy of x

val add_bulk : t list -> t

add_bulk xs returns the sum of the elements of xs by performing only one allocation for the output. This method is recommended to save the allocation overhead of using n times add.

val mul_bulk : t list -> t

mul_bulk xs returns the product of the elements of xs by performing only one allocation for the output. This method is recommended to save the allocation overhead of using n times mul.

val compare : t -> t -> int

compare a b compares the elements a and b based on their bytes representation

val inner_product_exn : t array -> t array -> t

inner_product_exn a b returns the inner product of a and b, i.e. sum(a_i * b_i). Raise Invalid_argument if the arguments are not of the same length. Only two allocations are used.

val inner_product_opt : t array -> t array -> t option

Same than inner_product_exn but returns an option instead of raising an exception.

val of_int : int -> t

of_int x is equivalent to of_z (Z.of_int x). If x is is negative, returns the element order - |x|.

OCaml

Innovation. Community. Security.