@mratsim
Created August 8, 2018 17:01
BLS12-381 Elliptic curve generator
import stint, math, algorithm
# config_big_384_29.h
# #define MODBYTES_384_29 48 /**< Number of bytes in Modulus */
# #define BASEBITS_384_29 29 /**< Numbers represented to base 2*BASEBITS */
# big_384_29.h
# #define BIGBITS_384_29 (8*MODBYTES_384_29) /**< Length in bits */
# #define NLEN_384_29 (1+((8*MODBYTES_384_29-1)/BASEBITS_384_29)) /**< length in bytes */
# typedef chunk BIG_384_29[NLEN_384_29]; /**< Define type BIG as array of chunks */
# Limb geometry of Milagro's BIG_384_29 type, mirrored from the C headers
# quoted above.
const
  MODBYTES_384_29 = 48 # modulus size in bytes
  BASEBITS_384_29 = 29 # significant bits stored in each limb
  BIGBITS_384_29 = MODBYTES_384_29 * 8 # 384
  NLEN_384_29 = 1 + (BIGBITS_384_29 - 1) div BASEBITS_384_29 # 14 limbs

type
  # The 14 limbs are held in a 16-word array: the length is padded up to the
  # next power of 2. Every uint32 still carries only BASEBITS_384_29
  # significant bits.
  Big = array[nextPowerOfTwo(NLEN_384_29), uint32]
# From https://github.com/status-im/nim-milagro-crypto/blob/290f927865f9e575920dca5f415c58b554dbe92e/src/milagro_crypto/generated/rom_curve_BLS381.c#L19-L30
# Generator coordinates of BLS12-381 as padded Big limb arrays.
#
# Layout: words 0 and 1 are zero padding (Big has 16 words, the curve needs
# NLEN_384_29 = 14); words 2..15 are the limbs taken from the ROM file
# referenced above, least-significant limb first. For G1x this can be checked
# on the page itself: 0x1B22C6BB is the low 29 bits of the reference x value
# quoted at the end of this file. G1y, G2x and G2y presumably follow the same
# layout -- not verified here.
#
# NOTE: each uint32 holds only BASEBITS_384_29 (29) significant bits, so these
# arrays are not a byte serialisation of the integer. They are public curve
# parameters, but one mistyped limb encodes a different value, so decoded
# results should be compared against an independent reference before use.

# Affine x coordinate of the G1 generator.
const G1x: Big = [uint32 0x0, 0x0, 0x1B22C6BB,0x19D78056,0x1E86BBFE,0xBD07FF2,0x1AC586C5,0x1D1F8B8D,0x4168538,0x9F2EE97,0xFC3688C,0x27D4D60,0x9A558E3,0x32FAF28,0x1F1D3A73,0xB]
# Affine y coordinate of the G1 generator.
const G1y: Big = [uint32 0x0, 0x0, 0x6C5E7E1,0x551194A,0x222B903,0x198E8945,0xB3EDD03,0xC659602,0xBD8036C,0x12BABA01,0x4FCF5E0,0xBA0EC57,0x8278C3B,0x75541E3,0xB3F481E,0x4]
# x coordinate of the G2 generator, stored as a (re, im) pair of Big values.
const G2x: tuple[re, im: Big] = (
  [uint32 0x0, 0x0, 0x121BDB8,0x402B646,0x16EFBF5,0x18064D50,0x1D1770BA,0x5B23D71,0xC0AD144,0x1A9F4807,0x11C6E47A,0x196E2882,0x9820149,0x11E1522,0x4AA2B2F,0x1],
  [uint32 0x0, 0x0, 0x1D042B7E,0xD63E82A,0x51755F9,0x19E22427,0x15049334,0x10DDEE3F,0x186AD769,0x1A132416,0x5596BD0,0x4413A7B,0x1F6B34E8,0x4E33EC0,0x1E02B605,0x9]
)
# y coordinate of the G2 generator, stored as a (re, im) pair of Big values.
const G2y: tuple[re, im: Big] = (
  [uint32 0x0, 0x0, 0x8B82801,0xC9AA430,0xB28A278,0x15939877,0xD12C923,0xD34A8B0,0xE9DB50A,0x155197BA,0x1AADFD9B,0x16D171A8,0x3327371,0x4FADC23,0xE5D5277,0x6],
  [uint32 0x0, 0x0, 0x105F79BE,0x15483AFF,0x1B07686A,0xE1A4EB9,0x99AB3F3,0x955AB97,0xEBC99D2,0xFD0B4EC,0x19CB3E28,0x15E145C,0xCAB34AC,0x1D4E6998,0x6C4A02,0x3]
)
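const
  size = NLEN_384_29.nextPowerOfTwo * 4 # bytes occupied by one padded Big
  stintSize = size * 8 # the same width in bits; used as the StUint width
  # Number of zero words placed in front of the real limbs inside a Big.
  padLimbs = NLEN_384_29.nextPowerOfTwo - NLEN_384_29

doAssert stintSize == 512

proc fromLimbs(limbs: Big): StUint[stintSize] =
  ## Rebuilds the integer represented by `limbs`.
  ##
  ## A Big is not a byte string: words 0 ..< padLimbs are padding and each
  ## remaining word is one base-2^BASEBITS_384_29 digit, least significant
  ## first. Reinterpreting the array as bytes (the previous
  ## `cast` + `readUintBE`) therefore yields an unrelated number, because it
  ## keeps the 3 unused high bits of every word and reads the digits in the
  ## wrong order.
  for i in 0 ..< padLimbs:
    # The padding must be empty, otherwise the array is not in the expected
    # layout.
    doAssert limbs[i] == 0
  # Horner evaluation, most significant limb first:
  #   result = result * 2^29 + limb
  for i in countdown(limbs.high, padLimbs):
    # A limb wider than 29 bits would overlap its neighbour under `or`.
    doAssert limbs[i] < (1'u32 shl BASEBITS_384_29)
    result = (result shl BASEBITS_384_29) or stuint(limbs[i], stintSize)

let g1x = fromLimbs(G1x)
echo g1x

# Expected from https://github.com/zkcrypto/pairing/tree/master/src/bls12_381#g1
# 3685416753713387016781088315183077757961620795782546409894578378688607592378376318836054947676345821548104185464507
# Fail loudly if the decoded generator does not match the independent
# reference: a silently different x coordinate would encode another point.
doAssert $g1x == "3685416753713387016781088315183077757961620795782546409894578378688607592378376318836054947676345821548104185464507"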