mirror of
https://github.com/Qortal/pirate-librustzcash.git
synced 2025-11-14 18:17:08 +00:00
1761ebfb35
The sqrt() function is now part of the Field trait. ff_derive returns an error on fields for which it does not support generating a square root function. Note that Fq6 and Fq12 in pairing::bls12_381 leave the function unimplemented. They will be dropped once the migration to the bls12_381 crate is complete. The equivalent structs in that crate are not exposed.
212 lines
7.1 KiB
Rust
212 lines
7.1 KiB
Rust
// Catch documentation errors caused by code changes.
|
|
#![deny(intra_doc_link_resolution_failure)]
|
|
|
|
use ff::{Field, PrimeField, ScalarEngine};
|
|
use rand::RngCore;
|
|
use std::error::Error;
|
|
use std::fmt;
|
|
use std::ops::{Add, AddAssign, Neg, Sub, SubAssign};
|
|
|
|
pub mod tests;
|
|
|
|
mod wnaf;
|
|
pub use self::wnaf::Wnaf;
|
|
|
|
/// A helper trait for types implementing group addition.
|
|
pub trait CurveOps<Rhs = Self, Output = Self>:
|
|
Add<Rhs, Output = Output> + Sub<Rhs, Output = Output> + AddAssign<Rhs> + SubAssign<Rhs>
|
|
{
|
|
}
|
|
|
|
impl<T, Rhs, Output> CurveOps<Rhs, Output> for T where
|
|
T: Add<Rhs, Output = Output> + Sub<Rhs, Output = Output> + AddAssign<Rhs> + SubAssign<Rhs>
|
|
{
|
|
}
|
|
|
|
/// A helper trait for references implementing group addition.
|
|
pub trait CurveOpsOwned<Rhs = Self, Output = Self>: for<'r> CurveOps<&'r Rhs, Output> {}
|
|
impl<T, Rhs, Output> CurveOpsOwned<Rhs, Output> for T where T: for<'r> CurveOps<&'r Rhs, Output> {}
|
|
|
|
/// Projective representation of an elliptic curve point guaranteed to be
|
|
/// in the correct prime order subgroup.
|
|
pub trait CurveProjective:
|
|
PartialEq
|
|
+ Eq
|
|
+ Sized
|
|
+ Copy
|
|
+ Clone
|
|
+ Send
|
|
+ Sync
|
|
+ fmt::Debug
|
|
+ fmt::Display
|
|
+ 'static
|
|
+ Neg<Output = Self>
|
|
+ CurveOps
|
|
+ CurveOpsOwned
|
|
+ CurveOps<<Self as CurveProjective>::Affine>
|
|
+ CurveOpsOwned<<Self as CurveProjective>::Affine>
|
|
{
|
|
type Engine: ScalarEngine<Fr = Self::Scalar>;
|
|
type Scalar: PrimeField;
|
|
type Base: Field;
|
|
type Affine: CurveAffine<Projective = Self, Scalar = Self::Scalar>;
|
|
|
|
/// Returns an element chosen uniformly at random using a user-provided RNG.
|
|
fn random<R: RngCore + ?std::marker::Sized>(rng: &mut R) -> Self;
|
|
|
|
/// Returns the additive identity.
|
|
fn zero() -> Self;
|
|
|
|
/// Returns a fixed generator of unknown exponent.
|
|
fn one() -> Self;
|
|
|
|
/// Determines if this point is the point at infinity.
|
|
fn is_zero(&self) -> bool;
|
|
|
|
/// Normalizes a slice of projective elements so that
|
|
/// conversion to affine is cheap.
|
|
fn batch_normalization(v: &mut [Self]);
|
|
|
|
/// Checks if the point is already "normalized" so that
|
|
/// cheap affine conversion is possible.
|
|
fn is_normalized(&self) -> bool;
|
|
|
|
/// Doubles this element.
|
|
fn double(&mut self);
|
|
|
|
/// Performs scalar multiplication of this element.
|
|
fn mul_assign<S: Into<<Self::Scalar as PrimeField>::Repr>>(&mut self, other: S);
|
|
|
|
/// Converts this element into its affine representation.
|
|
fn into_affine(&self) -> Self::Affine;
|
|
|
|
/// Recommends a wNAF window table size given a scalar. Always returns a number
|
|
/// between 2 and 22, inclusive.
|
|
fn recommended_wnaf_for_scalar(scalar: &Self::Scalar) -> usize;
|
|
|
|
/// Recommends a wNAF window size given the number of scalars you intend to multiply
|
|
/// a base by. Always returns a number between 2 and 22, inclusive.
|
|
fn recommended_wnaf_for_num_scalars(num_scalars: usize) -> usize;
|
|
}
|
|
|
|
/// Affine representation of an elliptic curve point guaranteed to be
|
|
/// in the correct prime order subgroup.
|
|
pub trait CurveAffine:
|
|
Copy
|
|
+ Clone
|
|
+ Sized
|
|
+ Send
|
|
+ Sync
|
|
+ fmt::Debug
|
|
+ fmt::Display
|
|
+ PartialEq
|
|
+ Eq
|
|
+ 'static
|
|
+ Neg<Output = Self>
|
|
{
|
|
type Engine: ScalarEngine<Fr = Self::Scalar>;
|
|
type Scalar: PrimeField;
|
|
type Base: Field;
|
|
type Projective: CurveProjective<Affine = Self, Scalar = Self::Scalar>;
|
|
type Uncompressed: EncodedPoint<Affine = Self>;
|
|
type Compressed: EncodedPoint<Affine = Self>;
|
|
|
|
/// Returns the additive identity.
|
|
fn zero() -> Self;
|
|
|
|
/// Returns a fixed generator of unknown exponent.
|
|
fn one() -> Self;
|
|
|
|
/// Determines if this point represents the point at infinity; the
|
|
/// additive identity.
|
|
fn is_zero(&self) -> bool;
|
|
|
|
/// Performs scalar multiplication of this element with mixed addition.
|
|
fn mul<S: Into<<Self::Scalar as PrimeField>::Repr>>(&self, other: S) -> Self::Projective;
|
|
|
|
/// Converts this element into its affine representation.
|
|
fn into_projective(&self) -> Self::Projective;
|
|
|
|
/// Converts this element into its compressed encoding, so long as it's not
|
|
/// the point at infinity.
|
|
fn into_compressed(&self) -> Self::Compressed {
|
|
<Self::Compressed as EncodedPoint>::from_affine(*self)
|
|
}
|
|
|
|
/// Converts this element into its uncompressed encoding, so long as it's not
|
|
/// the point at infinity.
|
|
fn into_uncompressed(&self) -> Self::Uncompressed {
|
|
<Self::Uncompressed as EncodedPoint>::from_affine(*self)
|
|
}
|
|
}
|
|
|
|
/// An encoded elliptic curve point, which should essentially wrap a `[u8; N]`.
|
|
pub trait EncodedPoint:
|
|
Sized + Send + Sync + AsRef<[u8]> + AsMut<[u8]> + Clone + Copy + 'static
|
|
{
|
|
type Affine: CurveAffine;
|
|
|
|
/// Creates an empty representation.
|
|
fn empty() -> Self;
|
|
|
|
/// Returns the number of bytes consumed by this representation.
|
|
fn size() -> usize;
|
|
|
|
/// Converts an `EncodedPoint` into a `CurveAffine` element,
|
|
/// if the encoding represents a valid element.
|
|
fn into_affine(&self) -> Result<Self::Affine, GroupDecodingError>;
|
|
|
|
/// Converts an `EncodedPoint` into a `CurveAffine` element,
|
|
/// without guaranteeing that the encoding represents a valid
|
|
/// element. This is useful when the caller knows the encoding is
|
|
/// valid already.
|
|
///
|
|
/// If the encoding is invalid, this can break API invariants,
|
|
/// so caution is strongly encouraged.
|
|
fn into_affine_unchecked(&self) -> Result<Self::Affine, GroupDecodingError>;
|
|
|
|
/// Creates an `EncodedPoint` from an affine point, as long as the
|
|
/// point is not the point at infinity.
|
|
fn from_affine(affine: Self::Affine) -> Self;
|
|
}
|
|
|
|
/// An error that may occur when trying to decode an `EncodedPoint`.
|
|
#[derive(Debug)]
|
|
pub enum GroupDecodingError {
|
|
/// The coordinate(s) do not lie on the curve.
|
|
NotOnCurve,
|
|
/// The element is not part of the r-order subgroup.
|
|
NotInSubgroup,
|
|
/// One of the coordinates could not be decoded
|
|
CoordinateDecodingError(&'static str),
|
|
/// The compression mode of the encoded element was not as expected
|
|
UnexpectedCompressionMode,
|
|
/// The encoding contained bits that should not have been set
|
|
UnexpectedInformation,
|
|
}
|
|
|
|
impl Error for GroupDecodingError {
|
|
fn description(&self) -> &str {
|
|
match *self {
|
|
GroupDecodingError::NotOnCurve => "coordinate(s) do not lie on the curve",
|
|
GroupDecodingError::NotInSubgroup => "the element is not part of an r-order subgroup",
|
|
GroupDecodingError::CoordinateDecodingError(..) => "coordinate(s) could not be decoded",
|
|
GroupDecodingError::UnexpectedCompressionMode => {
|
|
"encoding has unexpected compression mode"
|
|
}
|
|
GroupDecodingError::UnexpectedInformation => "encoding has unexpected information",
|
|
}
|
|
}
|
|
}
|
|
|
|
impl fmt::Display for GroupDecodingError {
|
|
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> Result<(), fmt::Error> {
|
|
match *self {
|
|
GroupDecodingError::CoordinateDecodingError(description) => {
|
|
write!(f, "{} decoding error", description)
|
|
}
|
|
_ => write!(f, "{}", self.description()),
|
|
}
|
|
}
|
|
}
|