Struct curve25519_dalek::edwards::EdwardsPoint[][src]

pub struct EdwardsPoint {
    pub(crate) X: FieldElement51,
    pub(crate) Y: FieldElement51,
    pub(crate) Z: FieldElement51,
    pub(crate) T: FieldElement51,
}
Expand description

An EdwardsPoint represents a point on the Edwards form of Curve25519.

Fields

X: FieldElement51Y: FieldElement51Z: FieldElement51T: FieldElement51

Implementations

Convert to a ProjectiveNielsPoint

Convert the representation of this point from extended coordinates to projective coordinates.

Free.

Dehomogenize to a AffineNielsPoint. Mainly for testing.

Convert this EdwardsPoint on the Edwards model to the corresponding MontgomeryPoint on the Montgomery model.

This function has one exceptional case; the identity point of the Edwards curve is sent to the 2-torsion point \((0,0)\) on the Montgomery curve.

Note that this is a one-way conversion, since the Montgomery model does not retain sign information.

Compress this point to CompressedEdwardsY format.

Perform hashing to the group using the Elligator2 map

See https://tools.ietf.org/html/draft-irtf-cfrg-hash-to-curve-10#section-6.7.1

Add this point to itself.

Compute \(aA + bB\) in variable time, where \(B\) is the Ed25519 basepoint.

Multiply by the cofactor: return \([8]P\).

Compute \([2^k] P \) by successive doublings. Requires \( k > 0 \).

Determine if this point is of small order.

Return

  • true if self is in the torsion subgroup \( \mathcal E[8] \);
  • false if self is not in the torsion subgroup \( \mathcal E[8] \).

Example

use curve25519_dalek::constants;

// Generator of the prime-order subgroup
let P = constants::ED25519_BASEPOINT_POINT;
// Generator of the torsion subgroup
let Q = constants::EIGHT_TORSION[1];

// P has large order
assert_eq!(P.is_small_order(), false);

// Q has small order
assert_eq!(Q.is_small_order(), true);

Determine if this point is “torsion-free”, i.e., is contained in the prime-order subgroup.

Return

  • true if self has zero torsion component and is in the prime-order subgroup;
  • false if self has a nonzero torsion component and is not in the prime-order subgroup.

Example

use curve25519_dalek::constants;

// Generator of the prime-order subgroup
let P = constants::ED25519_BASEPOINT_POINT;
// Generator of the torsion subgroup
let Q = constants::EIGHT_TORSION[1];

// P is torsion-free
assert_eq!(P.is_torsion_free(), true);

// P + Q is not torsion-free
assert_eq!((P+Q).is_torsion_free(), false);

Trait Implementations

The resulting type after applying the + operator.

Performs the + operation. Read more

The resulting type after applying the + operator.

Performs the + operation. Read more

The resulting type after applying the + operator.

Performs the + operation. Read more

The resulting type after applying the + operator.

Performs the + operation. Read more

The resulting type after applying the + operator.

Performs the + operation. Read more

The resulting type after applying the + operator.

Performs the + operation. Read more

Performs the += operation. Read more

Performs the += operation. Read more

Returns a copy of the value. Read more

Performs copy-assignment from source. Read more

Select a or b according to choice. Read more

Conditionally assign other to self, according to choice. Read more

Conditionally swap self and other if choice == 1; otherwise, reassign both unto themselves. Read more

Determine if two items are equal. Read more

Formats the value using the given formatter. Read more

Returns the “default value” for a type. Read more

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Returns the identity element of the curve. Can be used as a constructor. Read more

The resulting type after applying the * operator.

Performs the * operation. Read more

Scalar multiplication: compute scalar * self.

For scalar multiplication of a basepoint, EdwardsBasepointTable is approximately 4x faster.

The resulting type after applying the * operator.

The resulting type after applying the * operator.

Performs the * operation. Read more

Scalar multiplication: compute scalar * self.

For scalar multiplication of a basepoint, EdwardsBasepointTable is approximately 4x faster.

The resulting type after applying the * operator.

The resulting type after applying the * operator.

Performs the * operation. Read more

The resulting type after applying the * operator.

Performs the * operation. Read more

The resulting type after applying the * operator.

Performs the * operation. Read more

The resulting type after applying the * operator.

Performs the * operation. Read more

Performs the *= operation. Read more

Performs the *= operation. Read more

The type of point being multiplied, e.g., RistrettoPoint.

Given an iterator of (possibly secret) scalars and an iterator of public points, compute $$ Q = c_1 P_1 + \cdots + c_n P_n. $$ Read more

The resulting type after applying the - operator.

Performs the unary - operation. Read more

The resulting type after applying the - operator.

Performs the unary - operation. Read more

This method tests for self and other values to be equal, and is used by ==. Read more

This method tests for !=.

The resulting type after applying the - operator.

Performs the - operation. Read more

The resulting type after applying the - operator.

Performs the - operation. Read more

The resulting type after applying the - operator.

Performs the - operation. Read more

The resulting type after applying the - operator.

Performs the - operation. Read more

The resulting type after applying the - operator.

Performs the - operation. Read more

The resulting type after applying the - operator.

Performs the - operation. Read more

Performs the -= operation. Read more

Performs the -= operation. Read more

Method which takes an iterator and generates Self from the elements by “summing up” the items. Read more

Checks whether the point is on the curve. Not CT.

The type of point being multiplied, e.g., RistrettoPoint.

Given an iterator of public scalars and an iterator of Options of points, compute either Some(Q), where $$ Q = c_1 P_1 + \cdots + c_n P_n, $$ if all points were Some(P_i), or else return None. Read more

Given an iterator of public scalars and an iterator of public points, compute $$ Q = c_1 P_1 + \cdots + c_n P_n, $$ using variable-time operations. Read more

Reset this CompressedEdwardsPoint to the identity element.

Auto Trait Implementations

Blanket Implementations

Gets the TypeId of self. Read more

Immutably borrows from an owned value. Read more

Mutably borrows from an owned value. Read more

Numeric cast from self to T.

Negate self if choice == Choice(1); otherwise, leave it unchanged. Read more

Performs the conversion.

Safe lossless bitwise transmute from T to Self.

Numeric cast from T to Self.

Performs the conversion.

Safe lossless bitwise transmute from self to T.

Return true if this element is the identity element of the curve.

Should always be Self

The resulting type after obtaining ownership.

Creates owned data from borrowed data, usually by cloning. Read more

🔬 This is a nightly-only experimental API. (toowned_clone_into)

recently added

Uses borrowed data to replace owned data, usually by cloning. Read more

The type returned in the event of a conversion error.

Performs the conversion.

The type returned in the event of a conversion error.

Performs the conversion.