Type Definition curve25519_dalek::field::FieldElement
type FieldElement = FieldElement32;
A FieldElement represents an element of the field GF(2^255 - 19).
Methods
impl FieldElement
fn is_negative_ed25519(&self) -> u8
Determine if this FieldElement is negative, in the sense used in the ed25519 paper: x is negative if the low bit is set.
Return
If negative, return 1u8. Otherwise, return 0u8.
fn is_negative_decaf(&self) -> u8
Determine if this FieldElement is negative, in the sense used by Decaf: x is nonnegative if the least absolute residue for x lies in [0, (p-1)/2], and is negative otherwise.
Return
Returns 1u8 if negative, 0u8 if nonnegative.
Implementation
Uses a trick borrowed from Mike Hamburg's code. Let x ∈ F_p and let y ∈ Z be the least absolute residue for x.
Suppose y ≤ (p-1)/2. Then 2y < p, so 2y = 2y mod p, and 2y mod p is even. On the other hand, if y > (p-1)/2 then 2y ≥ p; since y < p, 2y ∈ [p, 2p), so 2y mod p = 2y - p, which is odd.
Thus we can test whether y ≤ (p-1)/2 by checking whether 2y mod p is even.
fn is_nonnegative_decaf(&self) -> u8
Determine if this FieldElement is nonnegative, in the sense used by Decaf: x is nonnegative if the least absolute residue for x lies in [0, (p-1)/2], and is negative otherwise.
fn is_zero(&self) -> u8
fn is_nonzero(&self) -> u8
fn invert(&self) -> FieldElement
Given a nonzero field element, compute its inverse.
The inverse is computed as self^(p-2), since x^(p-2) · x = x^(p-1) = 1 (mod p).
fn pow_p58(&self) -> FieldElement
Raise this field element to the power (p-5)/8 = 2^252 - 3. Used in decoding.
fn sqrt_ratio(u: &FieldElement, v: &FieldElement) -> (u8, FieldElement)
Given FieldElements u and v, attempt to compute sqrt(u/v) in constant time.
It would be much better to use an Option type here, but doing so forces the caller to branch, which we don't want to do. This seems like the least bad solution.
Return
(1u8, sqrt(u/v)) if v is nonzero and u/v is square; (0u8, zero) if v is zero; (0u8, garbage) if u/v is nonsquare.
fn invsqrt(&self) -> (u8, FieldElement)
For self a nonzero square, compute 1/sqrt(self) in constant time.
It would be much better to use an Option type here, but doing so forces the caller to branch, which we don't want to do. This seems like the least bad solution.
Return
(1u8, 1/sqrt(self)) if self is a nonzero square; (0u8, zero) if self is zero; (0u8, garbage) if self is nonsquare.
fn chi(&self) -> FieldElement
chi calculates self^((p-1)/2).
Return
- If this element is a non-zero square, returns 1.
- If it is zero, returns 0.
- If it is non-square, returns -1.
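The sign conventions, the Fermat inverse, chi, and the sqrt_ratio/invsqrt return conventions described above, modelled in Python big integers as an added example. This is not curve25519-dalek's limb-based code: plain ints stand in for FieldElement, the u8 flags mirror the documented returns, and the candidate-root formula u·v^3·(u·v^7)^((p-5)/8) with the sqrt(-1) fix-up is the standard p ≡ 5 (mod 8) method, assumed here rather than taken from the page.

```python
# Python model of the GF(2^255 - 19) operations documented on this page (added example,
# not curve25519-dalek's code). Plain ints stand in for FieldElement.
P = 2**255 - 19
SQRT_M1 = pow(2, (P - 1) // 4, P)  # sqrt(-1): 2 is a nonsquare because p = 5 (mod 8)

def is_negative_ed25519(x: int) -> int:
    """ed25519 sign: the low bit of the canonical representative in [0, p)."""
    return (x % P) & 1

def is_negative_decaf(x: int) -> int:
    """Decaf sign via Hamburg's trick: x is negative iff 2y mod p is odd."""
    return ((2 * x) % P) & 1

def is_negative_decaf_by_definition(x: int) -> int:
    """Decaf sign straight from the definition, used to cross-check the trick."""
    return 1 if (x % P) > (P - 1) // 2 else 0

def invert(x: int) -> int:
    """x^(p-2) = x^-1 by Fermat's little theorem (x nonzero)."""
    return pow(x, P - 2, P)

def chi(x: int) -> int:
    """x^((p-1)/2): 1 for a nonzero square, 0 for zero, p-1 (i.e. -1) for a nonsquare."""
    return pow(x, (P - 1) // 2, P)

def sqrt_ratio(u: int, v: int) -> tuple[int, int]:
    """(1, sqrt(u/v)) if v != 0 and u/v is square; (0, 0) if v == 0; (0, garbage) otherwise."""
    u, v = u % P, v % P
    if v == 0:
        return (0, 0)
    # Candidate root u*v^3*(u*v^7)^((p-5)/8); the exponent is the page's pow_p58 = 2^252 - 3.
    r = u * pow(v, 3, P) * pow(u * pow(v, 7, P), (P - 5) // 8, P) % P
    check = v * r * r % P
    if check == u:
        return (1, r)
    if check == (-u) % P:          # candidate is off by a factor of sqrt(-1): fix it up
        return (1, r * SQRT_M1 % P)
    return (0, r)                  # u/v is nonsquare; r is garbage

def invsqrt(x: int) -> tuple[int, int]:
    """1/sqrt(x) for x a nonzero square, as sqrt_ratio(1, x); same flag semantics."""
    return sqrt_ratio(1, x)
```

Note that p-1 is even, so it is ed25519-nonnegative yet Decaf-negative; the two conventions really do differ on such values.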
Trait Implementations
impl Eq for FieldElement
impl PartialEq for FieldElement
fn eq(&self, other: &FieldElement) -> bool
Test equality between two FieldElements. Since the internal representation is not canonical, the field elements are normalized to wire format before comparison.
Warning
This comparison is not constant time. It could easily be made to be, but the main use of an Eq implementation is for branching, so it seems pointless to do so.
fn ne(&self, other: &Rhs) -> bool
This method tests for !=.
impl Equal for FieldElement
fn ct_eq(&self, other: &FieldElement) -> u8
Test equality between two FieldElements. Since the internal representation is not canonical, the field elements are normalized to wire format before comparison.
Returns
1u8 if the two FieldElements are equal, and 0u8 otherwise.