Struct curve25519_dalek::edwards::EdwardsPoint

pub struct EdwardsPoint { /* private fields */ }

An EdwardsPoint represents a point on the Edwards form of Curve25519.

Implementations

impl EdwardsPoint

pub fn to_montgomery(&self) -> MontgomeryPoint

Convert this EdwardsPoint on the Edwards model to the corresponding MontgomeryPoint on the Montgomery model.

This function has one exceptional case; the identity point of the Edwards curve is sent to the 2-torsion point \((0,0)\) on the Montgomery curve.

Note that this is a one-way conversion, since the Montgomery model does not retain sign information.

pub fn compress(&self) -> CompressedEdwardsY

Compress this point to CompressedEdwardsY format.

pub fn hash_from_bytes<D>(bytes: &[u8]) -> EdwardsPoint where
    D: Digest<OutputSize = U64> + Default, 

Perform hashing to the group using the Elligator2 map

See https://tools.ietf.org/html/draft-irtf-cfrg-hash-to-curve-10#section-6.7.1

impl EdwardsPoint

pub fn vartime_double_scalar_mul_basepoint(
    a: &Scalar,
    A: &EdwardsPoint,
    b: &Scalar
) -> EdwardsPoint

Compute \(aA + bB\) in variable time, where \(B\) is the Ed25519 basepoint.

impl EdwardsPoint

pub fn mul_by_cofactor(&self) -> EdwardsPoint

Multiply by the cofactor: return \([8]P\).

pub fn is_small_order(&self) -> bool

Determine if this point is of small order.

Return

• true if self is in the torsion subgroup \( \mathcal E[8] \);
• false if self is not in the torsion subgroup \( \mathcal E[8] \).

Example

use curve25519_dalek::constants;

// Generator of the prime-order subgroup
let P = constants::ED25519_BASEPOINT_POINT;
// Generator of the torsion subgroup
let Q = constants::EIGHT_TORSION[1];

// P has large order
assert_eq!(P.is_small_order(), false);

// Q has small order
assert_eq!(Q.is_small_order(), true);

pub fn is_torsion_free(&self) -> bool

Determine if this point is “torsion-free”, i.e., is contained in the prime-order subgroup.

Return

• true if self has zero torsion component and is in the prime-order subgroup;
• false if self has a nonzero torsion component and is not in the prime-order subgroup.

Example

use curve25519_dalek::constants;

// Generator of the prime-order subgroup
let P = constants::ED25519_BASEPOINT_POINT;
// Generator of the torsion subgroup
let Q = constants::EIGHT_TORSION[1];

// P is torsion-free
assert_eq!(P.is_torsion_free(), true);

// P + Q is not torsion-free
assert_eq!((P+Q).is_torsion_free(), false);

Trait Implementations

impl<'a, 'b> Add<&'b EdwardsPoint> for &'a EdwardsPoint

type Output = EdwardsPoint

The resulting type after applying the + operator.

fn add(self, other: &'b EdwardsPoint) -> EdwardsPoint

Performs the + operation.

impl<'b> Add<&'b EdwardsPoint> for EdwardsPoint

type Output = EdwardsPoint

The resulting type after applying the + operator.

fn add(self, rhs: &'b EdwardsPoint) -> EdwardsPoint

Performs the + operation.

impl<'a> Add<EdwardsPoint> for &'a EdwardsPoint

type Output = EdwardsPoint

The resulting type after applying the + operator.

fn add(self, rhs: EdwardsPoint) -> EdwardsPoint

Performs the + operation.

impl Add<EdwardsPoint> for EdwardsPoint

type Output = EdwardsPoint

The resulting type after applying the + operator.

fn add(self, rhs: EdwardsPoint) -> EdwardsPoint

Performs the + operation.

impl<'b> AddAssign<&'b EdwardsPoint> for EdwardsPoint

fn add_assign(&mut self, _rhs: &'b EdwardsPoint)

Performs the += operation.

impl AddAssign<EdwardsPoint> for EdwardsPoint

fn add_assign(&mut self, rhs: EdwardsPoint)

Performs the += operation.

impl Clone for EdwardsPoint

fn clone(&self) -> EdwardsPoint

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl ConditionallySelectable for EdwardsPoint

fn conditional_select(
    a: &EdwardsPoint,
    b: &EdwardsPoint,
    choice: Choice
) -> EdwardsPoint

Select a or b according to choice.

fn conditional_assign(&mut self, other: &Self, choice: Choice)

Conditionally assign other to self, according to choice.

fn conditional_swap(a: &mut Self, b: &mut Self, choice: Choice)

Conditionally swap self and other if choice == 1; otherwise, reassign both unto themselves.

impl ConstantTimeEq for EdwardsPoint

fn ct_eq(&self, other: &EdwardsPoint) -> Choice

Determine if two items are equal.

impl Debug for EdwardsPoint

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for EdwardsPoint

fn default() -> EdwardsPoint

Returns the “default value” for a type.

impl Identity for EdwardsPoint

fn identity() -> EdwardsPoint

Returns the identity element of the curve. Can be used as a constructor.

impl<'b> Mul<&'b EdwardsPoint> for Scalar

type Output = EdwardsPoint

The resulting type after applying the * operator.

fn mul(self, rhs: &'b EdwardsPoint) -> EdwardsPoint

Performs the * operation.

impl<'a, 'b> Mul<&'b EdwardsPoint> for &'a Scalar

fn mul(self, point: &'b EdwardsPoint) -> EdwardsPoint

Scalar multiplication: compute scalar * self.

For scalar multiplication of a basepoint, EdwardsBasepointTable is approximately 4x faster.

type Output = EdwardsPoint

The resulting type after applying the * operator.

impl<'b> Mul<&'b Scalar> for EdwardsPoint

type Output = EdwardsPoint

The resulting type after applying the * operator.

fn mul(self, rhs: &'b Scalar) -> EdwardsPoint

Performs the * operation.

impl<'a, 'b> Mul<&'b Scalar> for &'a EdwardsPoint

fn mul(self, scalar: &'b Scalar) -> EdwardsPoint

Scalar multiplication: compute scalar * self.

For scalar multiplication of a basepoint, EdwardsBasepointTable is approximately 4x faster.

type Output = EdwardsPoint

The resulting type after applying the * operator.

impl<'a> Mul<EdwardsPoint> for &'a Scalar

type Output = EdwardsPoint

The resulting type after applying the * operator.

fn mul(self, rhs: EdwardsPoint) -> EdwardsPoint

Performs the * operation.

impl Mul<EdwardsPoint> for Scalar

type Output = EdwardsPoint

The resulting type after applying the * operator.

fn mul(self, rhs: EdwardsPoint) -> EdwardsPoint

Performs the * operation.

impl<'a> Mul<Scalar> for &'a EdwardsPoint

type Output = EdwardsPoint

The resulting type after applying the * operator.

fn mul(self, rhs: Scalar) -> EdwardsPoint

Performs the * operation.

impl Mul<Scalar> for EdwardsPoint

type Output = EdwardsPoint

The resulting type after applying the * operator.

fn mul(self, rhs: Scalar) -> EdwardsPoint

Performs the * operation.

impl<'b> MulAssign<&'b Scalar> for EdwardsPoint

fn mul_assign(&mut self, scalar: &'b Scalar)

Performs the *= operation.

impl MulAssign<Scalar> for EdwardsPoint

fn mul_assign(&mut self, rhs: Scalar)

Performs the *= operation.

impl MultiscalarMul for EdwardsPoint

type Point = EdwardsPoint

The type of point being multiplied, e.g., RistrettoPoint.

fn multiscalar_mul<I, J>(scalars: I, points: J) -> EdwardsPoint where
    I: IntoIterator,
    I::Item: Borrow<Scalar>,
    J: IntoIterator,
    J::Item: Borrow<EdwardsPoint>, 

Given an iterator of (possibly secret) scalars and an iterator of public points, compute $$ Q = c_1 P_1 + \cdots + c_n P_n. $$

impl<'a> Neg for &'a EdwardsPoint

type Output = EdwardsPoint

The resulting type after applying the - operator.

fn neg(self) -> EdwardsPoint

Performs the unary - operation.

impl Neg for EdwardsPoint

type Output = EdwardsPoint

The resulting type after applying the - operator.

fn neg(self) -> EdwardsPoint

Performs the unary - operation.

impl PartialEq<EdwardsPoint> for EdwardsPoint

fn eq(&self, other: &EdwardsPoint) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

This method tests for !=.

impl<'a, 'b> Sub<&'b EdwardsPoint> for &'a EdwardsPoint

type Output = EdwardsPoint

The resulting type after applying the - operator.

fn sub(self, other: &'b EdwardsPoint) -> EdwardsPoint

Performs the - operation.

impl<'b> Sub<&'b EdwardsPoint> for EdwardsPoint

type Output = EdwardsPoint

The resulting type after applying the - operator.

fn sub(self, rhs: &'b EdwardsPoint) -> EdwardsPoint

Performs the - operation.

impl<'a> Sub<EdwardsPoint> for &'a EdwardsPoint

type Output = EdwardsPoint

The resulting type after applying the - operator.

fn sub(self, rhs: EdwardsPoint) -> EdwardsPoint

Performs the - operation.

impl Sub<EdwardsPoint> for EdwardsPoint

type Output = EdwardsPoint

The resulting type after applying the - operator.

fn sub(self, rhs: EdwardsPoint) -> EdwardsPoint

Performs the - operation.

impl<'b> SubAssign<&'b EdwardsPoint> for EdwardsPoint

fn sub_assign(&mut self, _rhs: &'b EdwardsPoint)

Performs the -= operation.

impl SubAssign<EdwardsPoint> for EdwardsPoint

fn sub_assign(&mut self, rhs: EdwardsPoint)

Performs the -= operation.

impl<T> Sum<T> for EdwardsPoint where
    T: Borrow<EdwardsPoint>, 

fn sum<I>(iter: I) -> Self where
    I: Iterator<Item = T>, 

Method which takes an iterator and generates Self from the elements by “summing up” the items.

impl VartimeMultiscalarMul for EdwardsPoint

type Point = EdwardsPoint

The type of point being multiplied, e.g., RistrettoPoint.

fn optional_multiscalar_mul<I, J>(scalars: I, points: J) -> Option<EdwardsPoint> where
    I: IntoIterator,
    I::Item: Borrow<Scalar>,
    J: IntoIterator<Item = Option<EdwardsPoint>>, 

Given an iterator of public scalars and an iterator of Options of points, compute either Some(Q), where $$ Q = c_1 P_1 + \cdots + c_n P_n, $$ if all points were Some(P_i), or else return None.

fn vartime_multiscalar_mul<I, J>(scalars: I, points: J) -> Self::Point where
    I: IntoIterator,
    I::Item: Borrow<Scalar>,
    J: IntoIterator,
    J::Item: Borrow<Self::Point>,
    Self::Point: Clone, 

Given an iterator of public scalars and an iterator of public points, compute $$ Q = c_1 P_1 + \cdots + c_n P_n, $$ using variable-time operations.

impl Zeroize for EdwardsPoint

fn zeroize(&mut self)

Reset this CompressedEdwardsPoint to the identity element.

impl Copy for EdwardsPoint

impl Eq for EdwardsPoint