ExtendedPoint

clock_curve_math::field

Struct ExtendedPoint 

Source 
pub struct ExtendedPoint {
    pub x: FieldElement,
    pub y: FieldElement,
    pub z: FieldElement,
    pub t: FieldElement,
}
Expand description

Extended Edwards curve point representation.

Uses extended coordinates (X:Y:Z:T) where T = X·Y·Z⁻¹. This representation is optimized for Edwards curve arithmetic and enables faster point addition and doubling operations.

The curve equation in extended coordinates becomes: X² + Y² = Z² + d·X²·Y²

§Coordinate Meaning

  • x: X-coordinate in extended form
  • y: Y-coordinate in extended form
  • z: Z-coordinate (denominator)
  • t: T-coordinate where T = X·Y·Z⁻¹

§Security

All operations are constant-time to prevent timing attacks. Point validation methods ensure mathematical consistency.

Fields§

§x: FieldElement

X-coordinate

§y: FieldElement

Y-coordinate

§z: FieldElement

Z-coordinate (denominator)

§t: FieldElement

T-coordinate where T = X·Y·Z⁻¹

Implementations§

Source§

impl ExtendedPoint

Source

pub fn new( x: FieldElement, y: FieldElement, z: FieldElement, t: FieldElement, ) -> Self

Create a new extended point with the given coordinates.

§Warning

This constructor does not validate that the point satisfies the curve equation. Use is_on_curve() to verify the point is valid.

Source

pub fn identity() -> Self

Create the identity element (point at infinity).

In extended coordinates, the point at infinity is represented as (0,1,1,0).

Source

pub fn from_affine(x: FieldElement, y: FieldElement) -> Self

Create a point from affine coordinates (x, y).

Converts (x, y) to extended coordinates (x, y, 1, x*y). This assumes the affine point is already on the curve.

Source

pub fn conditional_select(a: &Self, b: &Self, choice: Choice) -> Self

Constant-time conditional selection between two extended points.

Returns a if choice is true, otherwise returns b. This operation executes in constant time regardless of the choice value.

§Parameters
  • a - First point (selected when choice is true)
  • b - Second point (selected when choice is false)
  • choice - Selection choice
§Returns

The selected point based on the choice

§Security

This function is constant-time and safe for cryptographic use with secret choices.

Source

pub fn is_valid(&self) -> bool

Check if this point satisfies the extended coordinate invariant T = X·Y·Z⁻¹.

This validates the internal consistency of the extended point representation, but does not check if the point lies on the curve.

§Returns

true if the point coordinates are consistent, false otherwise

§Mathematical Check

Verifies: T * Z ≡ X * Y mod p

Source

pub fn is_on_curve(&self, curve: CurveType) -> bool

Check if this point lies on the specified Edwards curve.

Verifies that the point satisfies the Edwards curve equation: -x² + y² = 1 + d·x²·y²

This converts the point to affine coordinates first, then checks the equation. Points with Z = 0 are considered invalid and return false.

§Parameters
  • curve - The curve parameters defining the equation to check
§Returns

true if the point lies on the curve, false otherwise

Source

pub fn to_affine(&self) -> (FieldElement, FieldElement)

Convert this extended point to affine coordinates (x/z, y/z).

§Returns

A tuple (x, y) representing the affine coordinates

§Panics

Panics if Z = 0 (point at infinity or invalid representation)

Source

pub fn is_identity(&self) -> bool

Check if this point is the identity element (point at infinity).

In extended coordinates, the identity is represented as (0,1,1,0).

Source

pub fn add(&self, other: &Self, curve: CurveType) -> Self

Add two extended points on an Edwards curve.

Uses the complete extended Edwards addition formulas that work for all point combinations without special cases. This is more efficient than converting to affine coordinates first.

§Parameters
  • other - The point to add to this point
  • curve - The curve parameters defining the addition operation
§Returns

The sum of the two points in extended coordinates

Source

pub fn double(&self, curve: CurveType) -> Self

Double this extended point on an Edwards curve.

Uses the extended Edwards doubling formulas which are optimized for the case where both points are the same. This is more efficient than the general addition formula.

§Parameters
  • curve - The curve parameters defining the doubling operation
§Returns

The doubled point in extended coordinates

Source

pub fn scalar_mul(&self, scalar: &BigInt, curve: CurveType) -> Self

Compute scalar multiplication using the Montgomery ladder.

This method performs constant-time scalar multiplication k * P using the Montgomery ladder algorithm. The implementation uses extended coordinates to maintain curve membership and avoid coordinate conversions.

§Parameters
  • scalar - The scalar multiplier (secret value in cryptographic use)
  • curve - The curve parameters defining the group operation
§Returns

The result k * P in extended coordinates

§Security

This operation is constant-time and safe for cryptographic use with secret scalars. The Montgomery ladder prevents timing attacks by ensuring the same sequence of operations regardless of scalar bits.

Trait Implementations§

Source§

impl Clone for ExtendedPoint

Source§

fn clone(&self) -> ExtendedPoint

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for ExtendedPoint

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl PartialEq for ExtendedPoint

Source§

fn eq(&self, other: &ExtendedPoint) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl Copy for ExtendedPoint

Source§

impl Eq for ExtendedPoint

Source§

impl StructuralPartialEq for ExtendedPoint

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.