From 454d055f386822c64b6de2116d892442b8c6a3b2 Mon Sep 17 00:00:00 2001
From: "Diego F. Aranha" <dfaranha@gmail.com>
Date: Wed, 14 Aug 2024 23:00:15 +0200
Subject: [PATCH] Change API for GLV-SAC recoding.

---
 include/relic_bn.h      | 3 ++-
 src/bn/relic_bn_rec.c   | 4 ++--
 src/epx/relic_ep2_mul.c | 2 +-
 src/epx/relic_ep3_mul.c | 4 ++--
 src/epx/relic_ep4_mul.c | 4 ++--
 src/epx/relic_ep8_mul.c | 2 +-
 src/pc/relic_pc_exp.c   | 4 ++--
 test/test_bn.c          | 2 +-
 8 files changed, 13 insertions(+), 12 deletions(-)

diff --git a/include/relic_bn.h b/include/relic_bn.h
index a4fb0e278..7b1a39587 100644
--- a/include/relic_bn.h
+++ b/include/relic_bn.h
@@ -1547,11 +1547,12 @@ void bn_rec_frb(bn_t *ki, int sub, const bn_t k, const bn_t x, const bn_t n,
  * @param[out] b			- the recoded subscalars.
  * @param[in] len			- the length in bytes of the recoding.
  * @param[in] k				- the subscalars to recode.
+ * @param[in] c				- the splitting factor.
  * @param[in] m				- the number of subscalars to recode.
  * @param[in] n				- the bit length of the group order.
  * @throw ERR_NO_BUFFER		- if the buffer capacity is insufficient.
  */
-void bn_rec_sac(int8_t *b, size_t *len, bn_t *k, size_t m, size_t n);
+void bn_rec_sac(int8_t *b, size_t *len, bn_t *k, size_t c, size_t m, size_t n);
 
 /**
  * Computes the coefficients of the polynomial representing the Lagrange
diff --git a/src/bn/relic_bn_rec.c b/src/bn/relic_bn_rec.c
index 2988a4092..323b363bc 100644
--- a/src/bn/relic_bn_rec.c
+++ b/src/bn/relic_bn_rec.c
@@ -876,10 +876,10 @@ void bn_rec_glv(bn_t k0, bn_t k1, const bn_t k, const bn_t n, const bn_t *v1,
 	}
 }
 
-void bn_rec_sac(int8_t *b, size_t *len, bn_t *k, size_t m, size_t n) {
+void bn_rec_sac(int8_t *b, size_t *len, bn_t *k, size_t c, size_t m, size_t n) {
 	/* Assume k0 is the sign-aligner. */
 	bn_t *t = RLC_ALLOCA(bn_t, m);
-	size_t l = RLC_CEIL(n, m) + 1;
+	size_t l = RLC_CEIL(n, c * m) + 1;
 	int8_t bji;
 
 	if (t == NULL) {
diff --git a/src/epx/relic_ep2_mul.c b/src/epx/relic_ep2_mul.c
index 7da80588f..6ccb28655 100644
--- a/src/epx/relic_ep2_mul.c
+++ b/src/epx/relic_ep2_mul.c
@@ -172,7 +172,7 @@ static void ep2_mul_reg_gls(ep2_t r, const ep2_t p, const bn_t k) {
 		}
 
 		l = RLC_FP_BITS;
-		bn_rec_sac(sac, &l, _k, 4, bn_bits(n));
+		bn_rec_sac(sac, &l, _k, 1, 4, bn_bits(n));
 
 #if defined(EP_MIXED)
 		ep2_norm_sim(t + 1, t + 1, (1 << 3) - 1);
diff --git a/src/epx/relic_ep3_mul.c b/src/epx/relic_ep3_mul.c
index 98b266d7d..7ac6ea69e 100644
--- a/src/epx/relic_ep3_mul.c
+++ b/src/epx/relic_ep3_mul.c
@@ -138,7 +138,7 @@ static void ep3_mul_gls_imp(ep3_t r, const ep3_t p, const bn_t k) {
 		}
 
 		l = RLC_FP_BITS + 1;
-		bn_rec_sac(sac, &l, _k, 6, bn_bits(n));
+		bn_rec_sac(sac, &l, _k, 1, 6, bn_bits(n));
 
 #if defined(EP_MIXED)
 		ep3_norm_sim(t + 1, t + 1, (1 << 5) - 1);
@@ -245,7 +245,7 @@ static void ep3_mul_reg_gls(ep3_t r, const ep3_t p, const bn_t k) {
 		}
 
 		l = RLC_FP_BITS + 1;
-		bn_rec_sac(sac, &l, _k, 6, bn_bits(n));
+		bn_rec_sac(sac, &l, _k, 1, 6, bn_bits(n));
 
 #if defined(EP_MIXED)
 		ep3_norm_sim(t + 1, t + 1, (1 << 5) - 1);
diff --git a/src/epx/relic_ep4_mul.c b/src/epx/relic_ep4_mul.c
index de4d207d6..856807537 100644
--- a/src/epx/relic_ep4_mul.c
+++ b/src/epx/relic_ep4_mul.c
@@ -229,7 +229,7 @@ static void ep4_mul_reg_gls(ep4_t r, const ep4_t p, const bn_t k) {
 				ep4_add(t[i][j], t[i][j ^ (1 << (l - 1))], q[l + i * m / c]);
 			}
 			l = RLC_FP_BITS + 1;
-			bn_rec_sac(sac[i], &l, _k + i * m / c, m / c, bn_bits(n));
+			bn_rec_sac(sac[i], &l, _k + i * m / c, c, m / c, bn_bits(n));
 		}
 
 #if defined(EP_MIXED)
@@ -293,7 +293,7 @@ static void ep4_mul_reg_gls(ep4_t r, const ep4_t p, const bn_t k) {
 		}
 
 		/* Convert r to affine coordinates. */
-		ep4_norm(r, r);
+		//ep4_norm(r, r);
 	}
 	RLC_CATCH_ANY {
 		RLC_THROW(ERR_CAUGHT);
diff --git a/src/epx/relic_ep8_mul.c b/src/epx/relic_ep8_mul.c
index 6ca09592e..296865eab 100644
--- a/src/epx/relic_ep8_mul.c
+++ b/src/epx/relic_ep8_mul.c
@@ -177,7 +177,7 @@ static void ep8_mul_reg_gls(ep8_t r, const ep8_t p, const bn_t k) {
 				ep8_add(t[i][j], t[i][j ^ (1 << (l - 1))], q[l + i * m / c]);
 			}
 			l = RLC_FP_BITS + 1;
-			bn_rec_sac(sac[i], &l, _k + i * m / c, m / c, bn_bits(n));
+			bn_rec_sac(sac[i], &l, _k + i * m / c, c, m / c, bn_bits(n));
 		}
 
 #if defined(EP_MIXED)
diff --git a/src/pc/relic_pc_exp.c b/src/pc/relic_pc_exp.c
index c7a344035..154e91f32 100644
--- a/src/pc/relic_pc_exp.c
+++ b/src/pc/relic_pc_exp.c
@@ -329,7 +329,7 @@ static void gt_exp_gls_sac(gt_t c, const gt_t a, const bn_t b, size_t d,
 				gt_mul(t[i * s + j], t[i * s + (j ^ (1 << (l - 1)))], q[l + i * f / d]);
 			}
 			l = RLC_FP_BITS;
-			bn_rec_sac(sac + i * f * RLC_FP_BITS, &l, _b + i * f / d, f / d, bn_bits(n));
+			bn_rec_sac(sac + i * f * RLC_FP_BITS, &l, _b + i * f / d, d, f / d, bn_bits(n));
 		}
 
 		gt_set_unity(c);
@@ -453,7 +453,7 @@ static void gt_exp_reg_sac(gt_t c, const gt_t a, const bn_t b, size_t d,
 				gt_mul(t[i * s + j], t[i * s + (j ^ (1 << (l - 1)))], q[l + i * f / d]);
 			}
 			l = RLC_FP_BITS;
-			bn_rec_sac(sac + i * f * RLC_FP_BITS, &l, _b + i * f / d, f / d, bn_bits(n));
+			bn_rec_sac(sac + i * f * RLC_FP_BITS, &l, _b + i * f / d, d, f / d, bn_bits(n));
 		}
 
 		gt_set_unity(c);
diff --git a/test/test_bn.c b/test/test_bn.c
index 70d37a994..f15f6883d 100644
--- a/test/test_bn.c
+++ b/test/test_bn.c
@@ -2292,7 +2292,7 @@ static int recoding(void) {
 				bn_rand_mod(a, b);
 				bn_rec_glv(b, c, a, b, (const bn_t *)v1, (const bn_t *)v2);
 				ep_curve_get_ord(v2[0]);
-				bn_rec_sac(ptr, &l, v1, 2, bn_bits(v2[0]));
+				bn_rec_sac(ptr, &l, v1, 1, 2, bn_bits(v2[0]));
 				if (bn_is_even(b)) {
 					bn_add_dig(b, b, 1);
 				}