Skip to main content

sqisign_verify/precomp/
mod.rs

1//!
2//! Contains the base curve E0, torsion point bases, and other per-level
3//! constant data needed by the EC and isogeny layers.
4//!
5//! Enable the `signing` feature to include quaternion data, endomorphism
6//! action matrices, and torsion degree constants needed by the signing path.
7
8use crate::params::SecurityLevel;
9
10pub mod level1;
11pub mod level3;
12pub mod level5;
13
14/// Level-specific precomputed constants needed by the verification and
15/// EC layers. Implemented for each security level marker type.
16pub trait LevelPrecomp: SecurityLevel {
17    /// Canonical 𝔽p²-encoded bytes for the x-coordinate of the first
18    /// generator of the 2ᶠ-torsion basis on E0.
19    fn basis_e0_px_bytes() -> &'static [u8];
20
21    /// Canonical 𝔽p²-encoded bytes for the x-coordinate of the second
22    /// generator of the 2ᶠ-torsion basis on E0.
23    fn basis_e0_qx_bytes() -> &'static [u8];
24
25    /// The odd cofactor (p+1) / 2ᶠ as 64-bit limbs (little-endian).
26    fn p_cofactor_for_2f() -> &'static [u64];
27
28    /// Bit-length of the odd cofactor.
29    fn p_cofactor_for_2f_bitlength() -> u32;
30
31    /// Exponent f such that the torsion subgroup is ℤ/2ᶠ × ℤ/2ᶠ.
32    fn torsion_even_power() -> u32;
33
34    /// 10 precomputed 4×4 basis change matrices for splitting transforms.
35    fn splitting_transforms() -> &'static [[[u8; 4]; 4]; 10];
36
37    /// 6 precomputed 4×4 normalization matrices for splitting.
38    fn normalization_transforms() -> &'static [[[u8; 4]; 4]; 6];
39
40    /// Character evaluation table for splitting.
41    fn chi_eval() -> &'static [[i32; 4]; 4];
42
43    /// Pairs of indices for the 10 possible zero-positions in splitting.
44    fn even_index() -> &'static [[i32; 2]; 10];
45}
46
47impl LevelPrecomp for crate::params::Level1 {
48    fn basis_e0_px_bytes() -> &'static [u8] {
49        &level1::BASIS_E0_PX_BYTES
50    }
51    fn basis_e0_qx_bytes() -> &'static [u8] {
52        &level1::BASIS_E0_QX_BYTES
53    }
54    fn p_cofactor_for_2f() -> &'static [u64] {
55        level1::P_COFACTOR_FOR_2F
56    }
57    fn p_cofactor_for_2f_bitlength() -> u32 {
58        level1::P_COFACTOR_FOR_2F_BITLENGTH
59    }
60    fn torsion_even_power() -> u32 {
61        level1::TORSION_EVEN_POWER
62    }
63    fn splitting_transforms() -> &'static [[[u8; 4]; 4]; 10] {
64        &level1::SPLITTING_TRANSFORMS
65    }
66    fn normalization_transforms() -> &'static [[[u8; 4]; 4]; 6] {
67        &level1::NORMALIZATION_TRANSFORMS
68    }
69    fn chi_eval() -> &'static [[i32; 4]; 4] {
70        &level1::CHI_EVAL
71    }
72    fn even_index() -> &'static [[i32; 2]; 10] {
73        &level1::EVEN_INDEX
74    }
75}
76
77impl LevelPrecomp for crate::params::Level3 {
78    fn basis_e0_px_bytes() -> &'static [u8] {
79        &level3::BASIS_E0_PX_BYTES
80    }
81    fn basis_e0_qx_bytes() -> &'static [u8] {
82        &level3::BASIS_E0_QX_BYTES
83    }
84    fn p_cofactor_for_2f() -> &'static [u64] {
85        level3::P_COFACTOR_FOR_2F
86    }
87    fn p_cofactor_for_2f_bitlength() -> u32 {
88        level3::P_COFACTOR_FOR_2F_BITLENGTH
89    }
90    fn torsion_even_power() -> u32 {
91        level3::TORSION_EVEN_POWER
92    }
93    fn splitting_transforms() -> &'static [[[u8; 4]; 4]; 10] {
94        &level3::SPLITTING_TRANSFORMS
95    }
96    fn normalization_transforms() -> &'static [[[u8; 4]; 4]; 6] {
97        &level3::NORMALIZATION_TRANSFORMS
98    }
99    fn chi_eval() -> &'static [[i32; 4]; 4] {
100        &level3::CHI_EVAL
101    }
102    fn even_index() -> &'static [[i32; 2]; 10] {
103        &level3::EVEN_INDEX
104    }
105}
106
107impl LevelPrecomp for crate::params::Level5 {
108    fn basis_e0_px_bytes() -> &'static [u8] {
109        &level5::BASIS_E0_PX_BYTES
110    }
111    fn basis_e0_qx_bytes() -> &'static [u8] {
112        &level5::BASIS_E0_QX_BYTES
113    }
114    fn p_cofactor_for_2f() -> &'static [u64] {
115        level5::P_COFACTOR_FOR_2F
116    }
117    fn p_cofactor_for_2f_bitlength() -> u32 {
118        level5::P_COFACTOR_FOR_2F_BITLENGTH
119    }
120    fn torsion_even_power() -> u32 {
121        level5::TORSION_EVEN_POWER
122    }
123    fn splitting_transforms() -> &'static [[[u8; 4]; 4]; 10] {
124        &level5::SPLITTING_TRANSFORMS
125    }
126    fn normalization_transforms() -> &'static [[[u8; 4]; 4]; 6] {
127        &level5::NORMALIZATION_TRANSFORMS
128    }
129    fn chi_eval() -> &'static [[i32; 4]; 4] {
130        &level5::CHI_EVAL
131    }
132    fn even_index() -> &'static [[i32; 2]; 10] {
133        &level5::EVEN_INDEX
134    }
135}