Struct curve25519_dalek::backend::serial::u64::field::FieldElement51

source ·

pub struct FieldElement51(_);

Available on curve25519_dalek_bits="64" only.

Expand description

A FieldElement51 represents an element of the field \( \mathbb Z / (2^{255} - 19)\).

In the 64-bit implementation, a FieldElement is represented in radix \(2^{51}\) as five u64s; the coefficients are allowed to grow up to \(2^{54}\) between reductions modulo \(p\).

Note

The curve25519_dalek::field module provides a type alias curve25519_dalek::field::FieldElement to either FieldElement51 or FieldElement2625.

The backend-specific type FieldElement51 should not be used outside of the curve25519_dalek::field module.

Implementations§

source §

impl FieldElement51

source

pub fn is_negative(&self) -> Choice

Determine if this FieldElement is negative, in the sense used in the ed25519 paper: x is negative if the low bit is set.

Return

If negative, return Choice(1). Otherwise, return Choice(0).

source

pub fn is_zero(&self) -> Choice

Determine if this FieldElement is zero.

Return

If zero, return Choice(1). Otherwise, return Choice(0).

source

pub fn batch_invert(inputs: &mut [FieldElement51])

Available on crate feature alloc only.

Given a slice of public FieldElements, replace each with its inverse.

When an input FieldElement is zero, its value is unchanged.

source

pub fn invert(&self) -> FieldElement51

Given a nonzero field element, compute its inverse.

The inverse is computed as self^(p-2), since x^(p-2)x = x^(p-1) = 1 (mod p).

This function returns zero on input zero.

source

pub fn sqrt_ratio_i( u: &FieldElement51, v: &FieldElement51 ) -> (Choice, FieldElement51)

Given FieldElements u and v, compute either sqrt(u/v) or sqrt(i*u/v) in constant time.

This function always returns the nonnegative square root.

Return

(Choice(1), +sqrt(u/v)) if v is nonzero and u/v is square;
(Choice(1), zero) if u is zero;
(Choice(0), zero) if v is zero and u is nonzero;
(Choice(0), +sqrt(i*u/v)) if u/v is nonsquare (so i*u/v is square).

source

pub fn invsqrt(&self) -> (Choice, FieldElement51)

Attempt to compute sqrt(1/self) in constant time.

Convenience wrapper around sqrt_ratio_i.

This function always returns the nonnegative square root.

Return

(Choice(1), +sqrt(1/self)) if self is a nonzero square;
(Choice(0), zero) if self is zero;
(Choice(0), +sqrt(i/self)) if self is a nonzero nonsquare;

source §

impl FieldElement51

source

pub const ZERO: FieldElement51 = _

The scalar \( 0 \).

source

pub const ONE: FieldElement51 = _

The scalar \( 1 \).

source

pub const MINUS_ONE: FieldElement51 = _

The scalar \( -1 \).

source

pub fn negate(&mut self)

Invert the sign of this field element

source

pub fn from_bytes(bytes: &[u8; 32]) -> FieldElement51

Load a FieldElement51 from the low 255 bits of a 256-bit input.

This function does not check that the input used the canonical representative. It masks the high bit, but it will happily decode 2^255 - 18 to 1. Applications that require a canonical encoding of every field element should decode, re-encode to the canonical encoding, and check that the input was canonical.

source

pub fn as_bytes(&self) -> [u8; 32]

Serialize this FieldElement51 to a 32-byte array. The encoding is canonical.

source

pub fn pow2k(&self, k: u32) -> FieldElement51

Given k > 0, return self^(2^k).

source

pub fn square(&self) -> FieldElement51

Returns the square of this field element.

source

pub fn square2(&self) -> FieldElement51

Returns 2 times the square of this field element.

Trait Implementations§

source §

impl<'a, 'b> Add<&'b FieldElement51> for &'a FieldElement51

§

type Output = FieldElement51

The resulting type after applying the + operator.

source §

fn add(self, _rhs: &'b FieldElement51) -> FieldElement51

Performs the + operation. Read more

source §

impl<'b> AddAssign<&'b FieldElement51> for FieldElement51

source §

fn add_assign(&mut self, _rhs: &'b FieldElement51)

Performs the += operation. Read more

source §

impl Clone for FieldElement51

source §

fn clone(&self) -> FieldElement51

Returns a copy of the value. Read more

1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

source §

impl ConditionallySelectable for FieldElement51

source §

fn conditional_select( a: &FieldElement51, b: &FieldElement51, choice: Choice ) -> FieldElement51

Select a or b according to choice. Read more

source §

fn conditional_swap( a: &mut FieldElement51, b: &mut FieldElement51, choice: Choice )

Conditionally swap self and other if choice == 1; otherwise, reassign both unto themselves. Read more

source §

fn conditional_assign(&mut self, other: &FieldElement51, choice: Choice)

Conditionally assign other to self, according to choice. Read more

source §

impl ConstantTimeEq for FieldElement51

source §

fn ct_eq(&self, other: &FieldElement51) -> Choice

Test equality between two FieldElements. Since the internal representation is not canonical, the field elements are normalized to wire format before comparison.

source §