ec/point_ops.rs
1//! Generic point abstraction.
2//!
3//! Points are parameterized by their curve model through the associated type
4//! `Curve`. This lets us reuse the same interface across Weierstrass,
5//! Montgomery, Edwards, etc., while keeping model-specific formulas inside
6//! each implementation.
7use fp::field_ops::FieldOps;
8use subtle::ConditionallySelectable;
9
10/// Generic group interface for curve points.
11///
12/// We intentionally do **not** require the standard operator traits here
13/// (`Add`, `Sub`, `Mul`, `Neg`) because point addition and negation usually
14/// need access to the curve parameters. The clean abstraction boundary is a
15/// method-based API taking `&Self::Curve` explicitly.
16pub trait PointOps: Clone + ConditionallySelectable {
17 /// The base field $\mathbb{F}_{p^M}$
18 type BaseField: FieldOps;
19
20 /// The elliptic curve we're working on
21 type Curve;
22
23 /// Returns the identity
24 fn identity(curve: &Self::Curve) -> Self;
25
26 /// Returns true if and only if `self` is the identity
27 fn is_identity(&self) -> bool;
28
29 /// Negate a point
30 fn negate(&self, curve: &Self::Curve) -> Self;
31
32 /// Scalar multiplication `[k]P` (variable-time double-and-add).
33 ///
34 /// Provided as a default so every `PointOps` implementor gets it
35 /// automatically.
36 fn scalar_mul(&self, k: &[u64], curve: &Self::Curve) -> Self;
37}
38
39/// Extension trait for points that support full group addition.
40///
41/// Not every point representation can add two arbitrary points (e.g.
42/// Montgomery x-only points). Protocols that need addition (like ElGamal)
43/// should bound on `PointAdd` instead of plain `PointOps`.
44pub trait PointAdd: PointOps {
45 /// Add a pair of points
46 fn add(&self, other: &Self, curve: &Self::Curve) -> Self;
47}