
Commit f4f5687

committed
Implement FromOkm for MontgomeryScalar
1 parent 473696d commit f4f5687

4 files changed

+42
-30
lines changed


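--- a/ed448-goldilocks/src/edwards/scalar.rs
+++ b/ed448-goldilocks/src/edwards/scalar.rs
@@ -2,8 +2,8 @@ use crate::field::{CurveWithScalar, NZ_ORDER, Scalar, ScalarBytes, WideScalarByt
 use crate::{Ed448, ORDER};
 
 use elliptic_curve::array::Array;
-use elliptic_curve::bigint::{Limb, NonZero, U448, U704};
-use elliptic_curve::consts::{U57, U84, U88};
+use elliptic_curve::bigint::{Limb, U448};
+use elliptic_curve::consts::{U57, U84};
 use elliptic_curve::scalar::FromUintUnchecked;
 use hash2curve::FromOkm;
 use subtle::{Choice, CtOption};
@@ -86,17 +86,7 @@ impl FromOkm for EdwardsScalar {
     type Length = U84;
 
     fn from_okm(data: &Array<u8, Self::Length>) -> Self {
-        const SEMI_WIDE_MODULUS: NonZero<U704> = NonZero::<U704>::new_unwrap(U704::from_be_hex(
-            "00000000000000000000000000000000000000000000000000000000000000003fffffffffffffffffffffffffffffffffffffffffffffffffffffff7cca23e9c44edb49aed63690216cc2728dc58f552378c292ab5844f3",
-        ));
-        let mut tmp = Array::<u8, U88>::default();
-        tmp[4..].copy_from_slice(&data[..]);
-
-        let mut num = U704::from_be_slice(&tmp[..]);
-        num %= SEMI_WIDE_MODULUS;
-        let mut words = [0; U448::LIMBS];
-        words.copy_from_slice(&num.to_words()[..U448::LIMBS]);
-        Scalar::new(U448::from_words(words))
+        Self::from_okm_u84(data)
     }
 }
 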

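--- a/ed448-goldilocks/src/field/element.rs
+++ b/ed448-goldilocks/src/field/element.rs
@@ -65,7 +65,7 @@ impl PartialEq for FieldElement {
 }
 impl Eq for FieldElement {}
 
-impl FromOkm for Ed448FieldElement {
+impl FromOkm for FieldElementU84 {
     type Length = U84;
 
     fn from_okm(data: &Array<u8, Self::Length>) -> Self {
@@ -86,7 +86,7 @@ impl FromOkm for Ed448FieldElement {
     }
 }
 
-impl FromOkm for Decaf448FieldElement {
+impl FromOkm for FieldElementU56 {
     type Length = U56;
 
     fn from_okm(data: &Array<u8, Self::Length>) -> Self {
@@ -191,13 +191,13 @@ impl Neg for FieldElement {
 }
 
 #[derive(Clone, Copy, Default, Debug)]
-pub struct Ed448FieldElement(FieldElement);
+pub struct FieldElementU84(pub(crate) FieldElement);
 
 impl MapToCurve for Ed448 {
     type CurvePoint = EdwardsPoint;
-    type FieldElement = Ed448FieldElement;
+    type FieldElement = FieldElementU84;
 
-    fn map_to_curve(element: Ed448FieldElement) -> Self::CurvePoint {
+    fn map_to_curve(element: FieldElementU84) -> Self::CurvePoint {
         element
             .0
             .map_to_curve_elligator2_curve448()
@@ -215,13 +215,13 @@ impl MapToCurve for Ed448 {
 }
 
 #[derive(Clone, Copy, Default, Debug)]
-pub struct Decaf448FieldElement(FieldElement);
+pub struct FieldElementU56(pub(crate) FieldElement);
 
 impl MapToCurve for Decaf448 {
     type CurvePoint = DecafPoint;
-    type FieldElement = Decaf448FieldElement;
+    type FieldElement = FieldElementU56;
 
-    fn map_to_curve(element: Decaf448FieldElement) -> DecafPoint {
+    fn map_to_curve(element: FieldElementU56) -> DecafPoint {
         DecafPoint(element.0.map_to_curve_decaf448())
     }
 
@@ -485,16 +485,14 @@ mod tests {
                 .unwrap();
             let mut data = Array::<u8, U84>::default();
             expander.fill_bytes(&mut data);
-            // TODO: This should be `Curve448FieldElement`.
-            let u0 = Ed448FieldElement::from_okm(&data).0;
+            let u0 = FieldElementU84::from_okm(&data).0;
             let mut e_u0 = *expected_u0;
             e_u0.reverse();
             let mut e_u1 = *expected_u1;
             e_u1.reverse();
             assert_eq!(u0.to_bytes(), e_u0);
             expander.fill_bytes(&mut data);
-            // TODO: This should be `Curve448FieldElement`.
-            let u1 = Ed448FieldElement::from_okm(&data).0;
+            let u1 = FieldElementU84::from_okm(&data).0;
             assert_eq!(u1.to_bytes(), e_u1);
         }
     }
@@ -519,14 +517,14 @@ mod tests {
                 .unwrap();
             let mut data = Array::<u8, U84>::default();
             expander.fill_bytes(&mut data);
-            let u0 = Ed448FieldElement::from_okm(&data).0;
+            let u0 = FieldElementU84::from_okm(&data).0;
             let mut e_u0 = *expected_u0;
             e_u0.reverse();
             let mut e_u1 = *expected_u1;
             e_u1.reverse();
             assert_eq!(u0.to_bytes(), e_u0);
             expander.fill_bytes(&mut data);
-            let u1 = Ed448FieldElement::from_okm(&data).0;
+            let u1 = FieldElementU84::from_okm(&data).0;
             assert_eq!(u1.to_bytes(), e_u1);
         }
     }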

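--- a/ed448-goldilocks/src/field/scalar.rs
+++ b/ed448-goldilocks/src/field/scalar.rs
@@ -13,8 +13,8 @@ use elliptic_curve::{
         Array, ArraySize,
         typenum::{Prod, Unsigned},
     },
-    bigint::{Limb, NonZero, U448, U896, Word, Zero},
-    consts::U2,
+    bigint::{Limb, NonZero, U448, U704, U896, Word, Zero},
+    consts::{U2, U84, U88},
     ff::{Field, helpers},
     ops::{Invert, Reduce, ReduceNonZero},
     scalar::{FromUintUnchecked, IsHigh},
@@ -828,4 +828,18 @@ impl<C: CurveWithScalar> Scalar<C> {
     pub fn to_scalar<O: CurveWithScalar>(&self) -> Scalar<O> {
         Scalar::new(self.scalar)
     }
+
+    pub(crate) fn from_okm_u84(data: &Array<u8, U84>) -> Self {
+        const SEMI_WIDE_MODULUS: NonZero<U704> = NonZero::<U704>::new_unwrap(U704::from_be_hex(
+            "00000000000000000000000000000000000000000000000000000000000000003fffffffffffffffffffffffffffffffffffffffffffffffffffffff7cca23e9c44edb49aed63690216cc2728dc58f552378c292ab5844f3",
+        ));
+        let mut tmp = Array::<u8, U88>::default();
+        tmp[4..].copy_from_slice(&data[..]);
+
+        let mut num = U704::from_be_slice(&tmp[..]);
+        num %= SEMI_WIDE_MODULUS;
+        let mut words = [0; U448::LIMBS];
+        words.copy_from_slice(&num.to_words()[..U448::LIMBS]);
+        Scalar::new(U448::from_words(words))
+    }
 }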
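Review bot: `from_okm_u84` sits in the generic `impl<C: CurveWithScalar> Scalar<C>` yet reduces against a hard-coded 704-bit hex copy of the scalar order, so nothing ties `SEMI_WIDE_MODULUS` to `C` or to `NZ_ORDER`, which this file already imports; a typo in the literal would produce wrong but well-formed scalars with no error. If `bigint` allows widening `NZ_ORDER` to `U704` in a const context, deriving the modulus from it would remove the duplicated constant; otherwise a unit test asserting the low `U448::LIMBS` words of the constant equal `NZ_ORDER` would pin it. The method also lacks a doc comment; I would add one stating that it reduces 84 bytes of expand_message output to a scalar mod the group order (the 672-bit input is zero-padded to 704 bits so the reduction can use `U704` arithmetic), and a why-comment before the limb copy: `// num < order < 2^446 after the reduction, so the upper U704 limbs are zero and dropping them is lossless.`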

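--- a/ed448-goldilocks/src/montgomery/scalar.rs
+++ b/ed448-goldilocks/src/montgomery/scalar.rs
@@ -1,6 +1,8 @@
+use elliptic_curve::array::Array;
 use elliptic_curve::bigint::{Limb, U448};
-use elliptic_curve::consts::U56;
+use elliptic_curve::consts::{U56, U84};
 use elliptic_curve::scalar::FromUintUnchecked;
+use hash2curve::FromOkm;
 use subtle::{Choice, CtOption};
 
 use crate::field::{CurveWithScalar, NZ_ORDER, ScalarBytes, WideScalarBytes};
@@ -64,6 +66,14 @@ impl From<&MontgomeryScalar> for elliptic_curve::scalar::ScalarBits<Curve448> {
     }
 }
 
+impl FromOkm for MontgomeryScalar {
+    type Length = U84;
+
+    fn from_okm(data: &Array<u8, Self::Length>) -> Self {
+        Self::from_okm_u84(data)
+    }
+}
+
 #[cfg(test)]
 mod test {
     use super::*;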
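Review bot: The new `FromOkm` impl for `MontgomeryScalar` comes with no test in this diff, while `field/element.rs` checks its `from_okm` impls against expected vectors. Since this impl and `EdwardsScalar::from_okm` now both delegate to `Scalar::from_okm_u84`, a test in the `mod test` below asserting that both yield identical bytes for the same 84-byte input would pin the shared reduction and catch a later divergence between the two paths. The body of `mod test` continues past the end of the hunk.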
