RubyGems - h2c - Versions diffs - 0.1.0 → 0.2.0 - Mend

h2c 0.1.0 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

checksums.yaml +4 -4
data/README.md +7 -2
data/lib/ext/curve/bls12381_g1.rb +19 -0
data/lib/ext/curve/bls12381_g1_11iso.rb +21 -0
data/lib/ext/curve.rb +2 -0
data/lib/h2c/expander/xmd.rb +1 -10
data/lib/h2c/hash_to_point.rb +11 -9
data/lib/h2c/m2c/isogeny/bls12381_g1.rb +104 -0
data/lib/h2c/m2c/isogeny.rb +1 -0
data/lib/h2c/m2c/sswu.rb +1 -1
data/lib/h2c/m2c/sswuab0.rb +2 -2
data/lib/h2c/suite.rb +36 -2
data/lib/h2c/version.rb +1 -1
data/lib/h2c.rb +2 -1
metadata +5 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9bb9442ab449a3426c342b352746b7057a4d6bb15b3d88efdaf214a0e7e11423
-  data.tar.gz: 19c35110d60cf84cfc221c33a9ae4f8ff612ae8ac532a25512e9cd66bc8fcb0a
+  metadata.gz: 9c6ef57a4910bc2bf43459e35bb04d2ddfb9f5b956802b3b514636e4e21f50d5
+  data.tar.gz: f3af43483cd595fd3975857b94a7b4387a9a5482cb77efa649c9e3003c68e0c7
 SHA512:
-  metadata.gz: 61fd4f3cff6441eaf34e3b7507ee6fd67fe158f3622f1e42a69c44c8bbb950385fb61439b3bbc88523a23c81b4369405728eade93319b28fbb889532ee99f125
-  data.tar.gz: '049c98d23b13a876a37ec2a8f13aa8a6449a43a2a0f869b7a31e7d702503850a406aa7ddb86fe65922d742dd1287b7b4b1a71cf395afc3041d95aadc51924084'
+  metadata.gz: e3950efa14cb1e65fd9f327e4f613aaea376730a033eb51d51c77a34998d2a8f6be5c7e8488133a055b67076a6b62c82b52946172e4480b3acc474aa16f8938f
+  data.tar.gz: 0f604e4bfc0bfa60ca0f78b040c917b481c02da0091a1756064c08dab8c84e6e241290349aea1cb0151b94d49bb3701d02a93708553e9675cdc5087c79911c27

data/README.md CHANGED Viewed

@@ -8,6 +8,12 @@ The following cipher suites are currently supported:
 * secp256k1_XMD:SHA-256_SSWU_NU_
 * secp256k1_XMD:SHA-256_SSWU_RO_
+* BLS12381G1_XMD:SHA-256_SSWU_NU_
+* BLS12381G1_XMD:SHA-256_SSWU_RO_
+* P384_XMD:SHA-384_SSWU_NU_
+* P384_XMD:SHA-384_SSWU_RO_
+* P521_XMD:SHA-512_SSWU_NU_
+* P521_XMD:SHA-512_SSWU_RO_
 ## Installation
@@ -30,10 +36,9 @@ Or install it yourself as:
 ```ruby
 require 'h2c'
-sutie = "secp256k1_XMD:SHA-256_SSWU_RO_"
 dst = "QUUX-V01-CS02-with-secp256k1_XMD:SHA-256_SSWU_RO_"
-h2c = H2C.get(sutie, dst)
+h2c = H2C.get(H2C::Suite::SECP256K1_XMDSHA256_SSWU_RO_, dst)
 msg = "abc"

data/lib/ext/curve/bls12381_g1.rb ADDED Viewed

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+module ECDSA
+  class Group
+    BLS12381G1 =
+      new(
+        name: "bls12381_g1",
+        p:
+          0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab,
+        a: 0,
+        b: 4,
+        g: [
+          0x17f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb,
+          0x8b3f481e3aaa0f1a09e30ed741d8ae4fcf5e095d5d00af600db18cb2c04b3edd03cc744a2888ae40caa232946c5e7e1
+        ],
+        n: 0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001,
+        h: 0xd201000000010001
+      )
+  end
+end

data/lib/ext/curve/bls12381_g1_11iso.rb ADDED Viewed

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+module ECDSA
+  class Group
+    BLS12381G1_11ISO =
+      new(
+        name: "bls12381_g1_11iso",
+        p:
+          0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab,
+        a:
+          0x144698a3b8e9433d693a02c96d4982b0ea985383ee66a8d8e8981aefd881ac98936f8da0e0f97f5cf428082d584c1d,
+        b:
+          0x12e2908d11688030018b12e8753eee3b2016c1f0f24f4070a0b9c14fcef35ef55a23215a316ceaa5d1cc48e98e172be0,
+        g: [
+          0x6a0ead062ba73a09984eb7351a2d851bc817625345ce033a6eb7d78242b6466c877e022dda626a79ddb85bce57997e2,
+          0x3b89d8bb9326270e46b6b74e19f7b3f10082fbf1a46df72da50c6571b969afc570d6529350b1b9b05ab4fe5c29920b4
+        ],
+        n: 0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001,
+        h: 0xd201000000010001
+      )
+  end
+end

data/lib/ext/curve.rb CHANGED Viewed

@@ -1,3 +1,5 @@
 # frozen_string_literal: true
 require_relative "curve/secp256k1_3iso"
+require_relative "curve/bls12381_g1"
+require_relative "curve/bls12381_g1_11iso"

data/lib/h2c/expander/xmd.rb CHANGED Viewed

@@ -9,18 +9,9 @@ module H2C
       # Constructor
       # @param [String] func Hash function name. Currently supported by 'SHA256' and 'SHA512'
       # @param [String] dst Domain separation tag with binary format.
-      # @raise [H2C::Error] If invalid func specified.
       def initialize(func, dst)
         @dst = dst
-        @digest =
-          case func
-          when HashFunc::SHA256
-            Digest(HashFunc::SHA256).new
-          when HashFunc::SHA512
-            Digest(HashFunc::SHA512).new
-          else
-            raise H2C::Error, "func #{func} is unsupported."
-          end
+        @digest = Digest(func).new
       end
       # Expand message.

data/lib/h2c/hash_to_point.rb CHANGED Viewed

@@ -14,15 +14,17 @@ module H2C
     # @param [String] msg Message with binary to be hashed.
     # @return [ECDSA::Point] point
     def digest(msg)
-      if suite.ro
-        u = hash_to_field(msg, 2)
-        p0 = suite.map.map(u[0])
-        p1 = suite.map.map(u[1])
-        p0 + p1
-      else
-        u = hash_to_field(msg, 1)
-        suite.map.map(u[0])
-      end
+      p =
+        if suite.ro
+          u = hash_to_field(msg, 2)
+          p0 = suite.map.map(u[0])
+          p1 = suite.map.map(u[1])
+          p0 + p1
+        else
+          u = hash_to_field(msg, 1)
+          suite.map.map(u[0])
+        end
+      suite.curve.cofactor ? p.multiply_by_scalar(suite.curve.cofactor) : p
     end
     # Hashes a msg of any length into an element of a finite field.

data/lib/h2c/m2c/isogeny/bls12381_g1.rb ADDED Viewed

@@ -0,0 +1,104 @@
+# frozen_string_literal: true
+module H2C
+  module M2C
+    module ISOGeny
+      # 11-isogeny map for BLS12381
+      # https://www.ietf.org/archive/id/draft-irtf-cfrg-hash-to-curve-16.html#appendix-E.2
+      class BLS12381G1
+        attr_reader :e0, :e1
+        X_NUM = [
+          0x11a05f2b1e833340b809101dd99815856b303e88a2d7005ff2627b56cdb4e2c85610c2d5f2e62d6eaeac1662734649b7,
+          0x17294ed3e943ab2f0588bab22147a81c7c17e75b2f6a8417f565e33c70d1e86b4838f2a6f318c356e834eef1b3cb83bb,
+          0xd54005db97678ec1d1048c5d10a9a1bce032473295983e56878e501ec68e25c958c3e3d2a09729fe0179f9dac9edcb0,
+          0x1778e7166fcc6db74e0609d307e55412d7f5e4656a8dbf25f1b33289f1b330835336e25ce3107193c5b388641d9b6861,
+          0xe99726a3199f4436642b4b3e4118e5499db995a1257fb3f086eeb65982fac18985a286f301e77c451154ce9ac8895d9,
+          0x1630c3250d7313ff01d1201bf7a74ab5db3cb17dd952799b9ed3ab9097e68f90a0870d2dcae73d19cd13c1c66f652983,
+          0xd6ed6553fe44d296a3726c38ae652bfb11586264f0f8ce19008e218f9c86b2a8da25128c1052ecaddd7f225a139ed84,
+          0x17b81e7701abdbe2e8743884d1117e53356de5ab275b4db1a682c62ef0f2753339b7c8f8c8f475af9ccb5618e3f0c88e,
+          0x80d3cf1f9a78fc47b90b33563be990dc43b756ce79f5574a2c596c928c5d1de4fa295f296b74e956d71986a8497e317,
+          0x169b1f8e1bcfa7c42e0c37515d138f22dd2ecb803a0c5c99676314baf4bb1b7fa3190b2edc0327797f241067be390c9e,
+          0x10321da079ce07e272d8ec09d2565b0dfa7dccdde6787f96d50af36003b14866f69b771f8c285decca67df3f1605fb7b,
+          0x6e08c248e260e70bd1e962381edee3d31d79d7e22c837bc23c0bf1bc24c6b68c24b1b80b64d391fa9c8ba2e8ba2d229
+        ].freeze
+        X_DEN = [
+          0x8ca8d548cff19ae18b2e62f4bd3fa6f01d5ef4ba35b48ba9c9588617fc8ac62b558d681be343df8993cf9fa40d21b1c,
+          0x12561a5deb559c4348b4711298e536367041e8ca0cf0800c0126c2588c48bf5713daa8846cb026e9e5c8276ec82b3bff,
+          0xb2962fe57a3225e8137e629bff2991f6f89416f5a718cd1fca64e00b11aceacd6a3d0967c94fedcfcc239ba5cb83e19,
+          0x3425581a58ae2fec83aafef7c40eb545b08243f16b1655154cca8abc28d6fd04976d5243eecf5c4130de8938dc62cd8,
+          0x13a8e162022914a80a6f1d5f43e7a07dffdfc759a12062bb8d6b44e833b306da9bd29ba81f35781d539d395b3532a21e,
+          0xe7355f8e4e667b955390f7f0506c6e9395735e9ce9cad4d0a43bcef24b8982f7400d24bc4228f11c02df9a29f6304a5,
+          0x772caacf16936190f3e0c63e0596721570f5799af53a1894e2e073062aede9cea73b3538f0de06cec2574496ee84a3a,
+          0x14a7ac2a9d64a8b230b3f5b074cf01996e7f63c21bca68a81996e1cdf9822c580fa5b9489d11e2d311f7d99bbdcc5a5e,
+          0xa10ecf6ada54f825e920b3dafc7a3cce07f8d1d7161366b74100da67f39883503826692abba43704776ec3a79a1d641,
+          0x95fc13ab9e92ad4476d6e3eb3a56680f682b4ee96f7d03776df533978f31c1593174e4b4b7865002d6384d168ecdd0a,
+          1,
+          0
+        ].freeze
+        Y_NUM = [
+          0x90d97c81ba24ee0259d1f094980dcfa11ad138e48a869522b52af6c956543d3cd0c7aee9b3ba3c2be9845719707bb33,
+          0x134996a104ee5811d51036d776fb46831223e96c254f383d0f906343eb67ad34d6c56711962fa8bfe097e75a2e41c696,
+          0xcc786baa966e66f4a384c86a3b49942552e2d658a31ce2c344be4b91400da7d26d521628b00523b8dfe240c72de1f6,
+          0x1f86376e8981c217898751ad8746757d42aa7b90eeb791c09e4a3ec03251cf9de405aba9ec61deca6355c77b0e5f4cb,
+          0x8cc03fdefe0ff135caf4fe2a21529c4195536fbe3ce50b879833fd221351adc2ee7f8dc099040a841b6daecf2e8fedb,
+          0x16603fca40634b6a2211e11db8f0a6a074a7d0d4afadb7bd76505c3d3ad5544e203f6326c95a807299b23ab13633a5f0,
+          0x4ab0b9bcfac1bbcb2c977d027796b3ce75bb8ca2be184cb5231413c4d634f3747a87ac2460f415ec961f8855fe9d6f2,
+          0x987c8d5333ab86fde9926bd2ca6c674170a05bfe3bdd81ffd038da6c26c842642f64550fedfe935a15e4ca31870fb29,
+          0x9fc4018bd96684be88c9e221e4da1bb8f3abd16679dc26c1e8b6e6a1f20cabe69d65201c78607a360370e577bdba587,
+          0xe1bba7a1186bdb5223abde7ada14a23c42a0ca7915af6fe06985e7ed1e4d43b9b3f7055dd4eba6f2bafaaebca731c30,
+          0x19713e47937cd1be0dfd0b8f1d43fb93cd2fcbcb6caf493fd1183e416389e61031bf3a5cce3fbafce813711ad011c132,
+          0x18b46a908f36f6deb918c143fed2edcc523559b8aaf0c2462e6bfe7f911f643249d9cdf41b44d606ce07c8a4d0074d8e,
+          0xb182cac101b9399d155096004f53f447aa7b12a3426b08ec02710e807b4633f06c851c1919211f20d4c04f00b971ef8,
+          0x245a394ad1eca9b72fc00ae7be315dc757b3b080d4c158013e6632d3c40659cc6cf90ad1c232a6442d9d3f5db980133,
+          0x5c129645e44cf1102a159f748c4a3fc5e673d81d7e86568d9ab0f5d396a7ce46ba1049b6579afb7866b1e715475224b,
+          0x15e6be4e990f03ce4ea50b3b42df2eb5cb181d8f84965a3957add4fa95af01b2b665027efec01c7704b456be69c8b604
+        ].freeze
+        Y_DEN = [
+          0x16112c4c3a9c98b252181140fad0eae9601a6de578980be6eec3232b5be72e7a07f3688ef60c206d01479253b03663c1,
+          0x1962d75c2381201e1a0cbd6c43c348b885c84ff731c4d59ca4a10356f453e01f78a4260763529e3532f6102c2e49a03d,
+          0x58df3306640da276faaae7d6e8eb15778c4855551ae7f310c35a5dd279cd2eca6757cd636f96f891e2538b53dbf67f2,
+          0x16b7d288798e5395f20d23bf89edb4d1d115c5dbddbcd30e123da489e726af41727364f2c28297ada8d26d98445f5416,
+          0xbe0e079545f43e4b00cc912f8228ddcc6d19c9f0f69bbb0542eda0fc9dec916a20b15dc0fd2ededda39142311a5001d,
+          0x8d9e5297186db2d9fb266eaac783182b70152c65550d881c5ecd87b6f0f5a6449f38db9dfa9cce202c6477faaf9b7ac,
+          0x166007c08a99db2fc3ba8734ace9824b5eecfdfa8d0cf8ef5dd365bc400a0051d5fa9c01a58b1fb93d1a1399126a775c,
+          0x16a3ef08be3ea7ea03bcddfabba6ff6ee5a4375efa1f4fd7feb34fd206357132b920f5b00801dee460ee415a15812ed9,
+          0x1866c8ed336c61231a1be54fd1d74cc4f9fb0ce4c6af5920abc5750c4bf39b4852cfe2f7bb9248836b233d9d55535d4a,
+          0x167a55cda70a6e1cea820597d94a84903216f763e13d87bb5308592e7ea7d4fbc7385ea3d529b35e346ef48bb8913f55,
+          0x4d2f259eea405bd48f010a01ad2911d9c6dd039bb61a6290e591b36e636a5c871a5c29f4f83060400f8b49cba8f6aa8,
+          0xaccbb67481d033ff5852c1e48c50c477f94ff8aefce42d28c0f9a88cea7913516f968986f7ebbea9684b529e2561092,
+          0xad6b9514c767fe3c3613144b45f1496543346d98adf02267d5ceef9a00d9b8693000763e3b90ac11e99b138573345cc,
+          0x2660400eb2e4f3b628bdd0d53cd76f2bf565b94e72927c1cb748df27942480e420517bd8714cc80d1fadc1326ed06f7,
+          0xe0fa1d816ddc03e6b24255e0d7819c171c40f65e273b853324efcd6356caa205ca2f570f13497804415473a1d634b8f,
+          1
+        ].freeze
+        def initialize
+          @e0 = ECDSA::Group::BLS12381G1_11ISO
+          @e1 = ECDSA::Group::BLS12381G1
+        end
+        def map(x, y)
+          f = e0.field
+          x_num = 0
+          x_den = 0
+          y_num = 0
+          y_den = 0
+          (X_NUM.length - 1).step(0, -1) do |i|
+            x_num = f.mod(x_num * x + X_NUM[i])
+            x_den = f.mod(x_den * x + X_DEN[i])
+          end
+          (Y_NUM.length - 1).step(0, -1) do |i|
+            y_num = f.mod(y_num * x + Y_NUM[i])
+            y_den = f.mod(y_den * x + Y_DEN[i])
+          end
+          xx = f.mod(x_num * f.inverse(x_den))
+          yy = f.mod(y * (y_num * f.inverse(y_den)))
+          [xx, yy]
+        end
+      end
+    end
+  end
+end

data/lib/h2c/m2c/isogeny.rb CHANGED Viewed

@@ -4,6 +4,7 @@ module H2C
     # https://www.ietf.org/archive/id/draft-irtf-cfrg-hash-to-curve-16.html#name-isogeny-maps-for-suites
     module ISOGeny
       autoload :Secp256k1, "h2c/m2c/isogeny/secp256k1"
+      autoload :BLS12381G1, "h2c/m2c/isogeny/bls12381_g1"
     end
   end
 end

data/lib/h2c/m2c/sswu.rb CHANGED Viewed

@@ -43,7 +43,7 @@ module H2C
         y = f.square_roots(y2)[0]
         e3 = sgn0(u) == sgn0(y)
         y = f.mod(e3 ? y : -y)
-        [x, y]
+        curve.new_point([x, y])
       end
       def square?(x)

data/lib/h2c/m2c/sswuab0.rb CHANGED Viewed

@@ -17,8 +17,8 @@ module H2C
       # @param [Integer] u
       # @return [ECDSA::Point]
       def map(u)
-        x, y = sswu.map(u)
-        coordinate = iso.map(x, y)
+        p = sswu.map(u)
+        coordinate = iso.map(p.x, p.y)
         iso.e1.new_point(coordinate)
       end
     end

data/lib/h2c/suite.rb CHANGED Viewed

@@ -6,21 +6,55 @@ module H2C
     SECP256K1_XMDSHA256_SSWU_NU_ = "secp256k1_XMD:SHA-256_SSWU_NU_"
     SECP256K1_XMDSHA256_SSWU_RO_ = "secp256k1_XMD:SHA-256_SSWU_RO_"
+    BLS12381G1_XMDSHA256_SWU_NU_ = "BLS12381G1_XMD:SHA-256_SSWU_NU_"
+    BLS12381G1_XMDSHA256_SWU_RO_ = "BLS12381G1_XMD:SHA-256_SSWU_RO_"
+    P256_XMDSHA256_SSWU_NU_ = "P256_XMD:SHA-256_SSWU_NU_"
+    P256_XMDSHA256_SSWU_RO_ = "P256_XMD:SHA-256_SSWU_RO_"
+    P384_XMDSHA384_SSWU_NU_ = "P384_XMD:SHA-384_SSWU_NU_"
+    P384_XMDSHA384_SSWU_RO_ = "P384_XMD:SHA-384_SSWU_RO_"
+    P521_XMDSHA512_SSWU_NU_ = "P521_XMD:SHA-512_SSWU_NU_"
+    P521_XMDSHA512_SSWU_RO_ = "P521_XMD:SHA-512_SSWU_RO_"
     # Initialize suite
     # @param [String] id Suite id.
     # @param [String] dst Domain separation tag.
     def initialize(id, dst)
       @id = id
+      @k = 128
+      @m = 1
       case id
       when SECP256K1_XMDSHA256_SSWU_NU_, SECP256K1_XMDSHA256_SSWU_RO_
         @curve = ECDSA::Group::Secp256k1
-        @k = 128
         @exp = Expander.get(HashFunc::SHA256, dst, @k)
-        @m = 1
         @l = 48
         @map = M2C::SSWUAB0.new(H2C::M2C::ISOGeny::Secp256k1.new, -11)
         @ro = (id == SECP256K1_XMDSHA256_SSWU_RO_)
+      when BLS12381G1_XMDSHA256_SWU_NU_, BLS12381G1_XMDSHA256_SWU_RO_
+        @curve = ECDSA::Group::BLS12381G1
+        @exp = Expander.get(HashFunc::SHA256, dst, @k)
+        @l = 64
+        @map = M2C::SSWUAB0.new(H2C::M2C::ISOGeny::BLS12381G1.new, 11)
+        @ro = (id == BLS12381G1_XMDSHA256_SWU_RO_)
+      when P256_XMDSHA256_SSWU_NU_, P256_XMDSHA256_SSWU_RO_
+        @curve = ECDSA::Group::Nistp256
+        @exp = Expander.get(HashFunc::SHA256, dst, @k)
+        @l = 48
+        @map = M2C::SSWU.new(ECDSA::Group::Nistp256, -10)
+        @ro = (id == P256_XMDSHA256_SSWU_RO_)
+      when P384_XMDSHA384_SSWU_NU_, P384_XMDSHA384_SSWU_RO_
+        @k = 192
+        @curve = ECDSA::Group::Nistp384
+        @exp = Expander.get(HashFunc::SHA384, dst, @k)
+        @l = 72
+        @map = M2C::SSWU.new(ECDSA::Group::Nistp384, -12)
+        @ro = (id == P384_XMDSHA384_SSWU_RO_)
+      when P521_XMDSHA512_SSWU_NU_, P521_XMDSHA512_SSWU_RO_
+        @k = 256
+        @curve = ECDSA::Group::Nistp521
+        @exp = Expander.get(HashFunc::SHA512, dst, @k)
+        @l = 98
+        @map = M2C::SSWU.new(ECDSA::Group::Nistp521, -4)
+        @ro = (id == P521_XMDSHA512_SSWU_RO_)
       else
         raise H2C::Error, "suite #{curve} unsupported."
       end

data/lib/h2c/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module H2C
-  VERSION = "0.1.0"
+  VERSION = "0.2.0"
 end

data/lib/h2c.rb CHANGED Viewed

@@ -18,11 +18,12 @@ module H2C
   # Hash function name
   module HashFunc
     SHA256 = "SHA256"
+    SHA384 = "SHA384"
     SHA512 = "SHA512"
     SHAKE128 = "SHAKE128"
     SHAKE256 = "SHAKE256"
-    XMD_FUNCS = [SHA256, SHA512].freeze
+    XMD_FUNCS = [SHA256, SHA384, SHA512].freeze
     XOF_FUNCS = [SHAKE128, SHAKE256].freeze
   end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: h2c
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - azuchi
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-01-12 00:00:00.000000000 Z
+date: 2023-01-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ecdsa
@@ -46,6 +46,8 @@ files:
 - bin/setup
 - h2c.gemspec
 - lib/ext/curve.rb
+- lib/ext/curve/bls12381_g1.rb
+- lib/ext/curve/bls12381_g1_11iso.rb
 - lib/ext/curve/secp256k1_3iso.rb
 - lib/h2c.rb
 - lib/h2c/expander.rb
@@ -53,6 +55,7 @@ files:
 - lib/h2c/hash_to_point.rb
 - lib/h2c/m2c.rb
 - lib/h2c/m2c/isogeny.rb
+- lib/h2c/m2c/isogeny/bls12381_g1.rb
 - lib/h2c/m2c/isogeny/secp256k1.rb
 - lib/h2c/m2c/sswu.rb
 - lib/h2c/m2c/sswuab0.rb