Move to monorepo: Neo.Cryptography.BLS12_381 (#3077)

* Move BLS

* Pack Neo.Cryptography.BLS12_381

* Add file headers

---------

Co-authored-by: Jimmy <jinghui@wayne.edu>

.github/workflows/main.yml

@@ -131,6 +131,12 @@ jobs:
         dotnet pack ./src/Neo.ConsoleService \
         --configuration Release \
         --output ./out
+    - name : Pack (Neo.Cryptography.BLS12_381)
+      if: steps.check_tag.outputs.statusCode == '404'
+      run: |
+        dotnet pack ./src/Neo.Cryptography.BLS12_381 \
+        --configuration Release \
+        --output ./out
     - name: Publish to NuGet
       if: steps.check_tag.outputs.statusCode == '404'
       run: |

neo.sln

@@ -32,6 +32,10 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Neo.CLI", "src\Neo.CLI\Neo.
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Neo.ConsoleService.Tests", "tests\Neo.ConsoleService.Tests\Neo.ConsoleService.Tests.csproj", "{B40F8584-5AFB-452C-AEFA-009C80CC23A9}"
 EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Neo.Cryptography.BLS12_381", "src\Neo.Cryptography.BLS12_381\Neo.Cryptography.BLS12_381.csproj", "{D48C1FAB-3471-4CA0-8688-25E6F43F2C25}"
+EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Neo.Cryptography.BLS12_381.Tests", "tests\Neo.Cryptography.BLS12_381.Tests\Neo.Cryptography.BLS12_381.Tests.csproj", "{387CCF6C-9A26-43F6-A639-0A82E91E10D8}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -86,6 +90,14 @@ Global
 		{B40F8584-5AFB-452C-AEFA-009C80CC23A9}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{B40F8584-5AFB-452C-AEFA-009C80CC23A9}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{B40F8584-5AFB-452C-AEFA-009C80CC23A9}.Release|Any CPU.Build.0 = Release|Any CPU
+		{D48C1FAB-3471-4CA0-8688-25E6F43F2C25}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{D48C1FAB-3471-4CA0-8688-25E6F43F2C25}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{D48C1FAB-3471-4CA0-8688-25E6F43F2C25}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{D48C1FAB-3471-4CA0-8688-25E6F43F2C25}.Release|Any CPU.Build.0 = Release|Any CPU
+		{387CCF6C-9A26-43F6-A639-0A82E91E10D8}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{387CCF6C-9A26-43F6-A639-0A82E91E10D8}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{387CCF6C-9A26-43F6-A639-0A82E91E10D8}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{387CCF6C-9A26-43F6-A639-0A82E91E10D8}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@@ -103,6 +115,8 @@ Global
 		{02ABDE42-9880-43B4-B6F7-8D618602A277} = {B5339DF7-5D1D-43BA-B332-74B825E1770E}
 		{BDFBE455-4C1F-4FC4-B5FC-1387B93A8687} = {B5339DF7-5D1D-43BA-B332-74B825E1770E}
 		{B40F8584-5AFB-452C-AEFA-009C80CC23A9} = {EDE05FA8-8E73-4924-BC63-DD117127EEE1}
+		{D48C1FAB-3471-4CA0-8688-25E6F43F2C25} = {B5339DF7-5D1D-43BA-B332-74B825E1770E}
+		{387CCF6C-9A26-43F6-A639-0A82E91E10D8} = {EDE05FA8-8E73-4924-BC63-DD117127EEE1}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {BCBA19D9-F868-4C6D-8061-A2B91E06E3EC}

src/Neo.Cryptography.BLS12_381/Bls12.Adder.cs

@@ -0,0 +1,71 @@
+// Copyright (C) 2015-2024 The Neo Project.
+//
+// Bls12.Adder.cs file belongs to the neo project and is free
+// software distributed under the MIT software license, see the
+// accompanying file LICENSE in the main directory of the
+// repository or http://www.opensource.org/licenses/mit-license.php
+// for more details.
+//
+// Redistribution and use in source and binary forms with or without
+// modifications are permitted.
+
+using System.Runtime.CompilerServices;
+using static Neo.Cryptography.BLS12_381.MillerLoopUtility;
+
+namespace Neo.Cryptography.BLS12_381;
+
+partial class Bls12
+{
+    class Adder : IMillerLoopDriver<Fp12>
+    {
+        public G2Projective Curve;
+        public readonly G2Affine Base;
+        public readonly G1Affine P;
+
+        public Adder(in G1Affine p, in G2Affine q)
+        {
+            Curve = new(q);
+            Base = q;
+            P = p;
+        }
+
+        Fp12 IMillerLoopDriver<Fp12>.DoublingStep(in Fp12 f)
+        {
+            var coeffs = DoublingStep(ref Curve);
+            return Ell(in f, in coeffs, in P);
+        }
+
+        Fp12 IMillerLoopDriver<Fp12>.AdditionStep(in Fp12 f)
+        {
+            var coeffs = AdditionStep(ref Curve, in Base);
+            return Ell(in f, in coeffs, in P);
+        }
+
+        #region IMillerLoopDriver<T>
+
+        [MethodImpl(MethodImplOptions.AggressiveInlining)]
+        public static Fp12 Square(in Fp12 f) => f.Square();
+
+        [MethodImpl(MethodImplOptions.AggressiveInlining)]
+        public static Fp12 Conjugate(in Fp12 f) => f.Conjugate();
+
+        public static Fp12 One
+        {
+            [MethodImpl(MethodImplOptions.AggressiveInlining)]
+            get => Fp12.One;
+        }
+
+        [MethodImpl(MethodImplOptions.AggressiveInlining)]
+        Fp12 IMillerLoopDriver<Fp12>.Square(in Fp12 f) => Adder.Square(f);
+
+        [MethodImpl(MethodImplOptions.AggressiveInlining)]
+        Fp12 IMillerLoopDriver<Fp12>.Conjugate(in Fp12 f) => Adder.Conjugate(f);
+        Fp12 IMillerLoopDriver<Fp12>.One
+        {
+            [MethodImpl(MethodImplOptions.AggressiveInlining)]
+            get => Adder.One;
+        }
+
+        #endregion
+    }
+}

src/Neo.Cryptography.BLS12_381/Bls12.cs

@@ -0,0 +1,31 @@
+// Copyright (C) 2015-2024 The Neo Project.
+//
+// Bls12.cs file belongs to the neo project and is free
+// software distributed under the MIT software license, see the
+// accompanying file LICENSE in the main directory of the
+// repository or http://www.opensource.org/licenses/mit-license.php
+// for more details.
+//
+// Redistribution and use in source and binary forms with or without
+// modifications are permitted.
+
+using static Neo.Cryptography.BLS12_381.ConstantTimeUtility;
+using static Neo.Cryptography.BLS12_381.MillerLoopUtility;
+
+namespace Neo.Cryptography.BLS12_381;
+
+public static partial class Bls12
+{
+    public static Gt Pairing(in G1Affine p, in G2Affine q)
+    {
+        var either_identity = p.IsIdentity | q.IsIdentity;
+        var p2 = ConditionalSelect(in p, in G1Affine.Generator, either_identity);
+        var q2 = ConditionalSelect(in q, in G2Affine.Generator, either_identity);
+
+        var adder = new Adder(p2, q2);
+
+        var tmp = MillerLoop<Fp12, Adder>(adder);
+        var tmp2 = new MillerLoopResult(ConditionalSelect(in tmp, in Fp12.One, either_identity));
+        return tmp2.FinalExponentiation();
+    }
+}

src/Neo.Cryptography.BLS12_381/ConstantTimeUtility.cs

@@ -0,0 +1,42 @@
+// Copyright (C) 2015-2024 The Neo Project.
+//
+// ConstantTimeUtility.cs file belongs to the neo project and is free
+// software distributed under the MIT software license, see the
+// accompanying file LICENSE in the main directory of the
+// repository or http://www.opensource.org/licenses/mit-license.php
+// for more details.
+//
+// Redistribution and use in source and binary forms with or without
+// modifications are permitted.
+
+using System.Runtime.CompilerServices;
+using System.Runtime.InteropServices;
+
+namespace Neo.Cryptography.BLS12_381;
+
+public static class ConstantTimeUtility
+{
+    public static bool ConstantTimeEq<T>(in T a, in T b) where T : unmanaged
+    {
+        ReadOnlySpan<byte> a_bytes = MemoryMarshal.AsBytes(MemoryMarshal.CreateReadOnlySpan(ref Unsafe.AsRef(in a), 1));
+        ReadOnlySpan<byte> b_bytes = MemoryMarshal.AsBytes(MemoryMarshal.CreateReadOnlySpan(ref Unsafe.AsRef(in b), 1));
+        ReadOnlySpan<ulong> a_u64 = MemoryMarshal.Cast<byte, ulong>(a_bytes);
+        ReadOnlySpan<ulong> b_u64 = MemoryMarshal.Cast<byte, ulong>(b_bytes);
+        ulong f = 0;
+        for (int i = 0; i < a_u64.Length; i++)
+            f |= a_u64[i] ^ b_u64[i];
+        for (int i = a_u64.Length * sizeof(ulong); i < a_bytes.Length; i++)
+            f |= (ulong)a_bytes[i] ^ a_bytes[i];
+        return f == 0;
+    }
+
+    public static T ConditionalSelect<T>(in T a, in T b, bool choice) where T : unmanaged
+    {
+        return choice ? b : a;
+    }
+
+    public static void ConditionalAssign<T>(this ref T self, in T other, bool choice) where T : unmanaged
+    {
+        self = ConditionalSelect(in self, in other, choice);
+    }
+}

src/Neo.Cryptography.BLS12_381/Constants.cs

@@ -0,0 +1,18 @@
+// Copyright (C) 2015-2024 The Neo Project.
+//
+// Constants.cs file belongs to the neo project and is free
+// software distributed under the MIT software license, see the
+// accompanying file LICENSE in the main directory of the
+// repository or http://www.opensource.org/licenses/mit-license.php
+// for more details.
+//
+// Redistribution and use in source and binary forms with or without
+// modifications are permitted.
+
+namespace Neo.Cryptography.BLS12_381;
+
+static class Constants
+{
+    public const ulong BLS_X = 0xd201_0000_0001_0000;
+    public const bool BLS_X_IS_NEGATIVE = true;
+}