Struct p256::Scalar

pub struct Scalar(_);

This is supported on crate feature arithmetic only.

Scalars are elements in the finite field modulo n.

Trait impls

Much of the important functionality of scalars is provided by traits from the ff crate, which is re-exported as p256::elliptic_curve::ff:

• Field - represents elements of finite fields and provides:
  • Field::random - generate a random scalar
  • double, square, and invert operations
  • Bounds for Add, Sub, Mul, and Neg (as well as *Assign equivalents)
  • Bounds for ConditionallySelectable from the subtle crate
• PrimeField - represents elements of prime fields and provides:
  • from_repr/to_repr for converting field elements from/to big integers.
  • char_le_bits, multiplicative_generator, root_of_unity constants.
• PrimeFieldBits - operations over field elements represented as bits (requires bits feature)

Please see the documentation for the relevant traits for more information.

Implementations

impl Scalar

pub const fn zero() -> Scalar

Returns the zero scalar.

pub const fn one() -> Scalar

Returns the multiplicative identity.

pub fn from_bytes_reduced(bytes: &FieldBytes) -> Self

Parses the given byte array as a scalar.

Subtracts the modulus when the byte array is larger than the modulus.

pub fn to_bytes(&self) -> FieldBytes

Returns the SEC1 encoding of this scalar.

pub fn is_zero(&self) -> Choice

Determine if this Scalar is zero.

Returns

If zero, return Choice(1). Otherwise, return Choice(0).

pub const fn add(&self, rhs: &Self) -> Self

Returns self + rhs mod n

pub const fn double(&self) -> Self

Returns 2*self.

pub const fn subtract(&self, rhs: &Self) -> Self

Returns self - rhs mod n

pub const fn mul(&self, rhs: &Self) -> Self

Returns self * rhs mod n

pub const fn square(&self) -> Self

Returns self * self mod p

pub fn pow_vartime(&self, by: &[u64; 4]) -> Self

Returns self^by, where by is a little-endian integer exponent.

This operation is variable time with respect to the exponent. If the exponent is fixed, this operation is effectively constant time.

pub fn invert(&self) -> CtOption<Self>

Returns the multiplicative inverse of self, if self is non-zero

pub fn is_odd(&self) -> Choice

Is integer representing equivalence class odd

pub fn is_even(&self) -> Choice

Is integer representing equivalence class even

pub fn invert_vartime(&self) -> CtOption<Self>

Faster inversion using Stein’s algorithm

Trait Implementations

impl Add<&'_ Scalar> for &Scalar

type Output = Scalar

The resulting type after applying the + operator.

fn add(self, other: &Scalar) -> Scalar

Performs the + operation.

impl Add<&'_ Scalar> for Scalar

type Output = Scalar

The resulting type after applying the + operator.

fn add(self, other: &Scalar) -> Scalar

Performs the + operation.

impl Add<Scalar> for Scalar

type Output = Scalar

The resulting type after applying the + operator.

fn add(self, other: Scalar) -> Scalar

Performs the + operation.

impl AddAssign<&'_ Scalar> for Scalar

fn add_assign(&mut self, rhs: &Scalar)

Performs the += operation.

impl AddAssign<Scalar> for Scalar

fn add_assign(&mut self, rhs: Scalar)

Performs the += operation.

impl Borrow<Scalar> for BlindedScalar

fn borrow(&self) -> &Scalar

Immutably borrows from an owned value.

impl Clone for Scalar

fn clone(&self) -> Scalar

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl ConditionallySelectable for Scalar

fn conditional_select(a: &Self, b: &Self, choice: Choice) -> Self

Select a or b according to choice.

fn conditional_assign(&mut self, other: &Self, choice: Choice)

Conditionally assign other to self, according to choice.

fn conditional_swap(a: &mut Self, b: &mut Self, choice: Choice)

Conditionally swap self and other if choice == 1; otherwise, reassign both unto themselves.

impl ConstantTimeEq for Scalar

fn ct_eq(&self, other: &Self) -> Choice

Determine if two items are equal.

impl Debug for Scalar

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for Scalar

fn default() -> Scalar

Returns the “default value” for a type.

impl Field for Scalar

fn random(rng: impl RngCore) -> Self

Returns an element chosen uniformly at random using a user-provided RNG.

fn zero() -> Self

Returns the zero element of the field, the additive identity.

fn one() -> Self

Returns the one element of the field, the multiplicative identity.

fn is_zero(&self) -> bool

Returns true iff this element is zero.

#[must_use]

fn square(&self) -> Self

Squares this element.

#[must_use]

fn double(&self) -> Self

Doubles this element.

fn invert(&self) -> CtOption<Self>

Computes the multiplicative inverse of this element, failing if the element is zero.

fn sqrt(&self) -> CtOption<Self>

Returns the square root of the field element, if it is quadratic residue.

#[must_use]

fn cube(&self) -> Self

Cubes this element.

fn pow_vartime<S>(&self, exp: S) -> Self where
    S: AsRef<[u64]>, 

Exponentiates self by exp, where exp is a little-endian order integer exponent.

impl From<&'_ Scalar> for ScalarBits

This is supported on crate feature bits only.

fn from(scalar: &Scalar) -> ScalarBits

Performs the conversion.

impl From<&'_ Scalar> for FieldBytes

fn from(scalar: &Scalar) -> Self

Performs the conversion.

impl From<&'_ SecretKey<NistP256>> for Scalar

fn from(secret_key: &SecretKey) -> Scalar

Performs the conversion.

impl From<Scalar> for FieldBytes

fn from(scalar: Scalar) -> Self

Performs the conversion.

impl From<u64> for Scalar

fn from(k: u64) -> Self

Performs the conversion.

impl FromDigest<NistP256> for Scalar

This is supported on crate feature digest only.

fn from_digest<D>(digest: D) -> Self where
    D: Digest<OutputSize = U32>, 

Convert the output of a digest algorithm into a Scalar reduced modulo n.

impl Mul<&'_ Scalar> for AffinePoint

type Output = ProjectivePoint

The resulting type after applying the * operator.

fn mul(self, scalar: &Scalar) -> ProjectivePoint

Performs the * operation.

impl Mul<&'_ Scalar> for &ProjectivePoint

type Output = ProjectivePoint

The resulting type after applying the * operator.

fn mul(self, other: &Scalar) -> ProjectivePoint

Performs the * operation.

impl Mul<&'_ Scalar> for ProjectivePoint

type Output = ProjectivePoint

The resulting type after applying the * operator.

fn mul(self, other: &Scalar) -> ProjectivePoint

Performs the * operation.

impl Mul<&'_ Scalar> for &Scalar

type Output = Scalar

The resulting type after applying the * operator.

fn mul(self, other: &Scalar) -> Scalar

Performs the * operation.

impl Mul<&'_ Scalar> for Scalar

type Output = Scalar

The resulting type after applying the * operator.

fn mul(self, other: &Scalar) -> Scalar

Performs the * operation.

impl Mul<Scalar> for AffinePoint

type Output = ProjectivePoint

The resulting type after applying the * operator.

fn mul(self, scalar: Scalar) -> ProjectivePoint

Performs the * operation.

impl Mul<Scalar> for ProjectivePoint

type Output = ProjectivePoint

The resulting type after applying the * operator.

fn mul(self, other: Scalar) -> ProjectivePoint

Performs the * operation.

impl Mul<Scalar> for Scalar

type Output = Scalar

The resulting type after applying the * operator.

fn mul(self, other: Scalar) -> Scalar

Performs the * operation.

impl MulAssign<&'_ Scalar> for ProjectivePoint

fn mul_assign(&mut self, rhs: &Scalar)

Performs the *= operation.

impl MulAssign<&'_ Scalar> for Scalar

fn mul_assign(&mut self, rhs: &Scalar)

Performs the *= operation.

impl MulAssign<Scalar> for ProjectivePoint

fn mul_assign(&mut self, rhs: Scalar)

Performs the *= operation.

impl MulAssign<Scalar> for Scalar

fn mul_assign(&mut self, rhs: Scalar)

Performs the *= operation.

impl Neg for Scalar

type Output = Scalar

The resulting type after applying the - operator.

fn neg(self) -> Scalar

Performs the unary - operation.

impl<'a> Neg for &'a Scalar

type Output = Scalar

The resulting type after applying the - operator.

fn neg(self) -> Scalar

Performs the unary - operation.

impl Ord for Scalar

fn cmp(&self, other: &Self) -> Ordering

This method returns an Ordering between self and other.

#[must_use]

fn max(self, other: Self) -> Self

Compares and returns the maximum of two values.

#[must_use]

fn min(self, other: Self) -> Self

Compares and returns the minimum of two values.

#[must_use]

fn clamp(self, min: Self, max: Self) -> Self

Restrict a value to a certain interval.

impl PartialEq<Scalar> for Scalar

fn eq(&self, other: &Self) -> bool

This method tests for self and other values to be equal, and is used by ==.

#[must_use]

fn ne(&self, other: &Rhs) -> bool

This method tests for !=.

impl PartialOrd<Scalar> for Scalar

fn partial_cmp(&self, other: &Self) -> Option<Ordering>

This method returns an ordering between self and other values if one exists.

#[must_use]

fn lt(&self, other: &Rhs) -> bool

This method tests less than (for self and other) and is used by the < operator.

#[must_use]

fn le(&self, other: &Rhs) -> bool

This method tests less than or equal to (for self and other) and is used by the <= operator.

#[must_use]

fn gt(&self, other: &Rhs) -> bool

This method tests greater than (for self and other) and is used by the > operator.

#[must_use]

fn ge(&self, other: &Rhs) -> bool

This method tests greater than or equal to (for self and other) and is used by the >= operator.

impl PrimeField for Scalar

fn from_repr(bytes: FieldBytes) -> Option<Self>

Attempts to parse the given byte array as an SEC1-encoded scalar.

Returns None if the byte array does not contain a big-endian integer in the range [0, p).

type Repr = FieldBytes

The prime field can be converted back and forth into this binary representation.

const NUM_BITS: u32

How many bits are needed to represent an element of this field.

const CAPACITY: u32

How many bits of information can be reliably stored in the field element.

const S: u32

An integer s satisfying the equation 2^s * t = modulus - 1 with t odd.

fn to_repr(&self) -> FieldBytes

Converts an element of the prime field into the standard byte representation for this field.

fn is_odd(&self) -> bool

Returns true iff this element is odd.

fn multiplicative_generator() -> Self

Returns a fixed multiplicative generator of modulus - 1 order. This element must also be a quadratic nonresidue.

fn root_of_unity() -> Self

Returns the 2^s root of unity.

fn from_str(s: &str) -> Option<Self>

Interpret a string of numbers as a (congruent) prime field element. Does not accept unnecessary leading zeroes or a blank string.

fn is_even(&self) -> bool

Returns true iff this element is even.

impl PrimeFieldBits for Scalar

This is supported on crate feature bits only.

type ReprBits = [u64; 4]

The backing store for a bit representation of a prime field element.

fn to_le_bits(&self) -> ScalarBits

Converts an element of the prime field into a little-endian sequence of bits.

fn char_le_bits() -> ScalarBits

Returns the bits of the field characteristic (the modulus) in little-endian order.

impl SignPrimitive<NistP256> for Scalar

This is supported on crate feature ecdsa-core only.

fn try_sign_prehashed<K>(
    &self,
    ephemeral_scalar: &K,
    z: &Scalar
) -> Result<Signature, Error> where
    K: Borrow<Scalar> + Invert<Output = Scalar>, 

Try to sign the prehashed message.

impl Sub<&'_ Scalar> for &Scalar

type Output = Scalar

The resulting type after applying the - operator.

fn sub(self, other: &Scalar) -> Scalar

Performs the - operation.

impl Sub<&'_ Scalar> for Scalar

type Output = Scalar

The resulting type after applying the - operator.

fn sub(self, other: &Scalar) -> Scalar

Performs the - operation.

impl Sub<Scalar> for Scalar

type Output = Scalar

The resulting type after applying the - operator.

fn sub(self, other: Scalar) -> Scalar

Performs the - operation.

impl SubAssign<&'_ Scalar> for Scalar

fn sub_assign(&mut self, rhs: &Scalar)

Performs the -= operation.

impl SubAssign<Scalar> for Scalar

fn sub_assign(&mut self, rhs: Scalar)

Performs the -= operation.

impl Zeroize for Scalar

fn zeroize(&mut self)

Zero out this object from memory using Rust intrinsics which ensure the zeroization operation is not “optimized away” by the compiler.

impl Copy for Scalar

impl Eq for Scalar