pub trait Field: Sized + Eq + Copy + Clone + Default + Send + Sync + Debug + 'static + ConditionallySelectable + ConstantTimeEq + Neg<Output = Self> + Add<Output = Self> + Sub<Output = Self> + Mul<Output = Self> + Sum + Product + for<'a> Add<&'a Self, Output = Self> + for<'a> Sub<&'a Self, Output = Self> + for<'a> Mul<&'a Self, Output = Self> + for<'a> Sum<&'a Self> + for<'a> Product<&'a Self> + AddAssign + SubAssign + MulAssign + for<'a> AddAssign<&'a Self> + for<'a> SubAssign<&'a Self> + for<'a> MulAssign<&'a Self> {
const ZERO: Self;
const ONE: Self;
fn random(rng: impl RngCore) -> Self;
fn square(&self) -> Self;
fn double(&self) -> Self;
fn invert(&self) -> CtOption<Self>;
fn sqrt_ratio(num: &Self, div: &Self) -> (Choice, Self);
fn is_zero(&self) -> Choice { ... }
fn is_zero_vartime(&self) -> bool { ... }
fn cube(&self) -> Self { ... }
fn sqrt_alt(&self) -> (Choice, Self) { ... }
fn sqrt(&self) -> CtOption<Self> { ... }
fn pow<S: AsRef<[u64]>>(&self, exp: S) -> Self { ... }
fn pow_vartime<S: AsRef<[u64]>>(&self, exp: S) -> Self { ... }
}Expand description
This trait represents an element of a field.
Required Associated Constants§
Required Methods§
sourcefn random(rng: impl RngCore) -> Self
fn random(rng: impl RngCore) -> Self
Returns an element chosen uniformly at random using a user-provided RNG.
sourcefn invert(&self) -> CtOption<Self>
fn invert(&self) -> CtOption<Self>
Computes the multiplicative inverse of this element, failing if the element is zero.
sourcefn sqrt_ratio(num: &Self, div: &Self) -> (Choice, Self)
fn sqrt_ratio(num: &Self, div: &Self) -> (Choice, Self)
Computes:
- $(\textsf{true}, \sqrt{\textsf{num}/\textsf{div}})$, if $\textsf{num}$ and $\textsf{div}$ are nonzero and $\textsf{num}/\textsf{div}$ is a square in the field;
- $(\textsf{true}, 0)$, if $\textsf{num}$ is zero;
- $(\textsf{false}, 0)$, if $\textsf{num}$ is nonzero and $\textsf{div}$ is zero;
- $(\textsf{false}, \sqrt{G_S \cdot \textsf{num}/\textsf{div}})$, if $\textsf{num}$ and $\textsf{div}$ are nonzero and $\textsf{num}/\textsf{div}$ is a nonsquare in the field;
where $G_S$ is a non-square.
Warnings
- The choice of root from
sqrtis unspecified. - The value of $G_S$ is unspecified, and cannot be assumed to have any specific value in a generic context.
Provided Methods§
sourcefn is_zero_vartime(&self) -> bool
fn is_zero_vartime(&self) -> bool
Returns true iff this element is zero.
Security
This method provides no constant-time guarantees. Implementors of the
Field trait may optimise this method using non-constant-time logic.
sourcefn sqrt_alt(&self) -> (Choice, Self)
fn sqrt_alt(&self) -> (Choice, Self)
Equivalent to Self::sqrt_ratio(self, one()).
The provided method is implemented in terms of Self::sqrt_ratio.
sourcefn sqrt(&self) -> CtOption<Self>
fn sqrt(&self) -> CtOption<Self>
Returns the square root of the field element, if it is quadratic residue.
The provided method is implemented in terms of Self::sqrt_ratio.
sourcefn pow<S: AsRef<[u64]>>(&self, exp: S) -> Self
fn pow<S: AsRef<[u64]>>(&self, exp: S) -> Self
Exponentiates self by exp, where exp is a little-endian order integer
exponent.
Guarantees
This operation is constant time with respect to self, for all exponents with the
same number of digits (exp.as_ref().len()). It is variable time with respect to
the number of digits in the exponent.
sourcefn pow_vartime<S: AsRef<[u64]>>(&self, exp: S) -> Self
fn pow_vartime<S: AsRef<[u64]>>(&self, exp: S) -> Self
Exponentiates self by exp, where exp is a little-endian order integer
exponent.
Guarantees
This operation is variable time with respect to self, for all exponent. If
the exponent is fixed, this operation is effectively constant time. However, for
stronger constant-time guarantees, Field::pow should be used.