Struct EdwardsCurve 

pub struct EdwardsCurve<F: FieldOps> {
    pub d1: F,
    pub d2: F,
}

An Edwards curve over a field F, covering both odd and even characteristic.

In odd characteristic only d2 is used (the parameter d). In characteristic 2 both d1 and d2 are used.

Fields

d1: F

The invariant d1 in the equation

d2: F

The invariant d2 in the equation

Implementations

impl<F: FieldOps + FieldRandom> EdwardsCurve<F>

pub fn new(d: F) -> Self

Construct an odd-characteristic Edwards curve x² + y² = 1 + d·x²·y².

Stores d as d2; d1 is set to zero (unused).

Examples found in repository

examples/ec_demo.rs (line 54)

fn main() {
    let mut rng = rand::rng();
    // 1. Short Weierstrass over F_19: y^2 = x^3 + 2x + 3
    let w = WeierstrassCurve::new_short(fp(2), fp(3));
    show_curve("Weierstrass", &w, &mut rng);

    // 2. Montgomery over F_19: B y^2 = x(x^2 + A x + 1)
    // Smooth if B != 0 and A != ±2 in odd characteristic.
    let m = MontgomeryCurve::new(fp(3), fp(1));
    show_curve("Montgomery", &m, &mut rng);

    // 3. Edwards over F_19: x^2 + y^2 = 1 + d x^2 y^2
    // Pick d = 2 (nonzero, not 1; also a nonsquare in F_19).
    let e = EdwardsCurve::new(fp(2));
    show_curve("Edwards", &e, &mut rng);

    // 4. Jacobi quartic over F_19: y^2 = d x^4 + 2 a x^2 + 1
    // Need d != 0 and a^2 != d.
    let jq = JacobiQuarticCurve::new(fp(3), fp(5));
    show_curve("Jacobi quartic", &jq, &mut rng);

    // 5. Jacobi intersection over F_19:
    // s^2 + c^2 = 1,  a s^2 + d^2 = 1
    // Need a != 0, 1.
    let ji = JacobiIntersectionCurve::new(fp(2));
    show_curve("Jacobi intersection", &ji, &mut rng);
}

pub fn new_binary(d1: F, d2: F) -> Self

Construct a binary Edwards curve d₁(x+y) + d₂(x²+y²) = xy + xy(x+y) + x²y².

pub fn d(&self) -> F

Convenience accessor: the parameter d in odd characteristic.

pub fn contains(&self, x: &F, y: &F) -> bool

Check whether the affine point (x, y) lies on the curve.

pub fn random_point(&self, rng: &mut (impl CryptoRng + Rng)) -> EdwardsPoint<F>

Sample a random affine point on this Edwards curve using the provided RNG.

This currently uses a square-root-based construction and is implemented only for odd characteristic. It returns a point P such that self.is_on_curve(&P) holds.

Trait Implementations

impl<F: Clone + FieldOps> Clone for EdwardsCurve<F>

fn clone(&self) -> EdwardsCurve<F>

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl<F: FieldOps + FieldRandom> Curve for EdwardsCurve<F>

type BaseField = F

Base field of the curve.

type Point = EdwardsPoint<F>

Native point representation for this curve model.

fn is_on_curve(&self, point: &Self::Point) -> bool

Return true if point is a valid point on this curve.

fn random_point(&self, rng: &mut (impl CryptoRng + Rng)) -> Self::Point

Return a random point that is on the curve.

fn j_invariant(&self) -> F

Return the j_invariant of the curve;

fn a_invariants(&self) -> Vec<Self::BaseField>

The interpretation depends on the curve model:

fn identity(&self) -> Self::Point

Return the group identity.

impl<F: Debug + FieldOps> Debug for EdwardsCurve<F>

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<F> Display for EdwardsCurve<F>

where F: FieldOps + Display,

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<F: PartialEq + FieldOps> PartialEq for EdwardsCurve<F>

fn eq(&self, other: &EdwardsCurve<F>) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl<F: Eq + FieldOps> Eq for EdwardsCurve<F>

impl<F: FieldOps> StructuralPartialEq for EdwardsCurve<F>