Type Definition curve25519_dalek::field::FieldElement

type FieldElement = FieldElement32;

A FieldElement represents an element of the field GF(2²⁵⁵ - 19).

Methods

impl FieldElement

fn is_negative(&self) -> u8

Determine if this FieldElement is negative, in the sense used in the ed25519 paper: x is negative if the low bit is set.

Return

If negative, return 1u8. Otherwise, return 0u8.

fn is_zero(&self) -> u8

Determine if this FieldElement is zero.

Return

If zero, return 1u8. Otherwise, return 0u8.

fn is_nonzero(&self) -> u8

Determine if this FieldElement is non-zero.

Return

If non-zero, return 1u8. Otherwise, return 0u8.

fn invert(&self) -> FieldElement

Given a nonzero field element, compute its inverse.

The inverse is computed as self^p-2, since x^p-2x = x^p-1 = 1 (mod p).

fn pow_p58(&self) -> FieldElement

Raise this field element to the power (p-5)/8 = 2²⁵² -3. Used in decoding.

fn sqrt_ratio(u: &FieldElement, v: &FieldElement) -> (u8, FieldElement)

Given FieldElements u and v, attempt to compute sqrt(u/v) in constant time.

This function always returns the nonnegative square root, if it exists.

It would be much better to use an Option type here, but doing so forces the caller to branch, which we don't want to do. This seems like the least bad solution.

Return

• (1u8, sqrt(u/v)) if v is nonzero and u/v is square;
• (0u8, zero) if v is zero;
• (0u8, garbage) if u/v is nonsquare.

fn invsqrt(&self) -> (u8, FieldElement)

For self a nonzero square, compute 1/sqrt(self) in constant time.

It would be much better to use an Option type here, but doing so forces the caller to branch, which we don't want to do. This seems like the least bad solution.

Return

• (1u8, 1/sqrt(self)) if self is a nonzero square;
• (0u8, zero) if self is zero;
• (0u8, garbage) if self is nonsquare.

fn chi(&self) -> FieldElement

chi calculates self^((p-1)/2).

Return

• If this element is a non-zero square, returns 1.
• If it is zero, returns 0.
• If it is non-square, returns -1.

Trait Implementations

impl Eq for FieldElement

impl PartialEq for FieldElement

fn eq(&self, other: &FieldElement) -> bool

Test equality between two FieldElements. Since the internal representation is not canonical, the field elements are normalized to wire format before comparison.

Warning

This comparison is not constant time. It could easily be made to be, but the main use of an Eq implementation is for branching, so it seems pointless to do so.

fn ne(&self, other: &Rhs) -> bool

This method tests for !=.

impl Equal for FieldElement

fn ct_eq(&self, other: &FieldElement) -> u8

Test equality between two FieldElements. Since the internal representation is not canonical, the field elements are normalized to wire format before comparison.

Returns

1u8 if the two FieldElements are equal, and 0u8 otherwise.