Struct Scalar 

pub struct Scalar {
    pub(crate) bytes: [u8; 32],
}

The Scalar struct holds an element of \(\mathbb Z / \ell\mathbb Z \).

Fields

bytes: [u8; 32]

bytes is a little-endian byte encoding of an integer representing a scalar modulo the group order.

Invariant #1

The integer representing this scalar is less than \(2^{255}\). That is, the most significant bit of bytes[31] is 0.

This is required for EdwardsPoint variable- and fixed-base multiplication, because most integers above 2^255 are unrepresentable in our radix-16 NAF (see Self::as_radix_16). The invariant is also required because our MontgomeryPoint multiplication assumes the MSB is 0 (see MontgomeryPoint::mul).

Invariant #2 (weak)

The integer representing this scalar is less than \(2^{255} - 19 \), i.e., it represents a canonical representative of an element of \( \mathbb Z / \ell\mathbb Z \). This is stronger than invariant #1. It also sometimes has to be broken.

This invariant is deliberately broken in the implementation of EdwardsPoint::{mul_clamped, mul_base_clamped}, MontgomeryPoint::{mul_clamped, mul_base_clamped}, and BasepointTable::mul_base_clamped. This is not an issue though. As mentioned above, scalar-point multiplication is defined for any choice of bytes that satisfies invariant #1. Since clamping guarantees invariant #1 is satisfied, these operations are well defined.

Note: Scalar-point mult is the only thing you can do safely with an unreduced scalar. Scalar-scalar addition and subtraction are NOT correct when using unreduced scalars. Multiplication is correct, but this is only due to a quirk of our implementation, and not guaranteed to hold in general in the future.

Note: It is not possible to construct an unreduced Scalar from the public API unless the legacy_compatibility is enabled (thus making Scalar::from_bits public). Thus, for all public non-legacy uses, invariant #2 always holds.

Implementations

impl Scalar

pub fn from_bytes_mod_order(bytes: [u8; 32]) -> Scalar

Construct a Scalar by reducing a 256-bit little-endian integer modulo the group order \( \ell \).

pub fn from_bytes_mod_order_wide(input: &[u8; 64]) -> Scalar

Construct a Scalar by reducing a 512-bit little-endian integer modulo the group order \( \ell \).

pub fn from_canonical_bytes(bytes: [u8; 32]) -> CtOption<Scalar>

Attempt to construct a Scalar from a canonical byte representation.

Return

• Some(s), where s is the Scalar corresponding to bytes, if bytes is a canonical byte representation modulo the group order \( \ell \);
• None if bytes is not a canonical byte representation.

impl Scalar

pub const ZERO: Self

The scalar \( 0 \).

pub const ONE: Self

The scalar \( 1 \).

pub const fn to_bytes(&self) -> [u8; 32]

Convert this Scalar to its underlying sequence of bytes.

Example

use curve25519_dalek::scalar::Scalar;

let s: Scalar = Scalar::ZERO;

assert!(s.to_bytes() == [0u8; 32]);

pub const fn as_bytes(&self) -> &[u8; 32]

View the little-endian byte encoding of the integer representing this Scalar.

Example

use curve25519_dalek::scalar::Scalar;

let s: Scalar = Scalar::ZERO;

assert!(s.as_bytes() == &[0u8; 32]);

pub fn invert(&self) -> Scalar

Given a nonzero Scalar, compute its multiplicative inverse.

Warning

self MUST be nonzero. If you cannot prove that this is the case, you SHOULD NOT USE THIS FUNCTION.

Returns

The multiplicative inverse of the this Scalar.

Example

use curve25519_dalek::scalar::Scalar;

// x = 2238329342913194256032495932344128051776374960164957527413114840482143558222
let X: Scalar = Scalar::from_bytes_mod_order([
        0x4e, 0x5a, 0xb4, 0x34, 0x5d, 0x47, 0x08, 0x84,
        0x59, 0x13, 0xb4, 0x64, 0x1b, 0xc2, 0x7d, 0x52,
        0x52, 0xa5, 0x85, 0x10, 0x1b, 0xcc, 0x42, 0x44,
        0xd4, 0x49, 0xf4, 0xa8, 0x79, 0xd9, 0xf2, 0x04,
    ]);
// 1/x = 6859937278830797291664592131120606308688036382723378951768035303146619657244
let XINV: Scalar = Scalar::from_bytes_mod_order([
        0x1c, 0xdc, 0x17, 0xfc, 0xe0, 0xe9, 0xa5, 0xbb,
        0xd9, 0x24, 0x7e, 0x56, 0xbb, 0x01, 0x63, 0x47,
        0xbb, 0xba, 0x31, 0xed, 0xd5, 0xa9, 0xbb, 0x96,
        0xd5, 0x0b, 0xcd, 0x7a, 0x3f, 0x96, 0x2a, 0x0f,
    ]);

let inv_X: Scalar = X.invert();
assert!(XINV == inv_X);
let should_be_one: Scalar = &inv_X * &X;
assert!(should_be_one == Scalar::ONE);

pub fn batch_invert(inputs: &mut [Scalar]) -> Scalar

Given a slice of nonzero (possibly secret) Scalars, compute their inverses in a batch.

Return

Each element of inputs is replaced by its inverse.

The product of all inverses is returned.

Warning

All input Scalars MUST be nonzero. If you cannot prove that this is the case, you SHOULD NOT USE THIS FUNCTION.

Example

let mut scalars = [
    Scalar::from(3u64),
    Scalar::from(5u64),
    Scalar::from(7u64),
    Scalar::from(11u64),
];

let allinv = Scalar::batch_invert(&mut scalars);

assert_eq!(allinv, Scalar::from(3*5*7*11u64).invert());
assert_eq!(scalars[0], Scalar::from(3u64).invert());
assert_eq!(scalars[1], Scalar::from(5u64).invert());
assert_eq!(scalars[2], Scalar::from(7u64).invert());
assert_eq!(scalars[3], Scalar::from(11u64).invert());

pub(crate) fn bits_le(&self) -> impl DoubleEndedIterator<Item = bool> + '_

Get the bits of the scalar, in little-endian order

pub(crate) fn non_adjacent_form(&self, w: usize) -> [i8; 256]

Compute a width-\(w\) “Non-Adjacent Form” of this scalar.

A width-\(w\) NAF of a positive integer \(k\) is an expression $$ k = \sum_{i=0}^m n_i 2^i, $$ where each nonzero coefficient \(n_i\) is odd and bounded by \(|n_i| < 2^{w-1}\), \(n_{m-1}\) is nonzero, and at most one of any \(w\) consecutive coefficients is nonzero. (Hankerson, Menezes, Vanstone; def 3.32).

The length of the NAF is at most one more than the length of the binary representation of \(k\). This is why the Scalar type maintains an invariant (invariant #1) that the top bit is \(0\), so that the NAF of a scalar has at most 256 digits.

Intuitively, this is like a binary expansion, except that we allow some coefficients to grow in magnitude up to \(2^{w-1}\) so that the nonzero coefficients are as sparse as possible.

When doing scalar multiplication, we can then use a lookup table of precomputed multiples of a point to add the nonzero terms \( k_i P \). Using signed digits cuts the table size in half, and using odd digits cuts the table size in half again.

To compute a \(w\)-NAF, we use a modification of Algorithm 3.35 of HMV:

1. \( i \gets 0 \)
2. While \( k \ge 1 \):
   1. If \(k\) is odd, \( n_i \gets k \operatorname{mods} 2^w \), \( k \gets k - n_i \).
   2. If \(k\) is even, \( n_i \gets 0 \).
   3. \( k \gets k / 2 \), \( i \gets i + 1 \).
3. Return \( n_0, n_1, … , \)

Here \( \bar x = x \operatorname{mods} 2^w \) means the \( \bar x \) with \( \bar x \equiv x \pmod{2^w} \) and \( -2^{w-1} \leq \bar x < 2^{w-1} \).

We implement this by scanning across the bits of \(k\) from least-significant bit to most-significant-bit. Write the bits of \(k\) as $$ k = \sum_{i=0}^m k_i 2^i, $$ and split the sum as $$ k = \sum_{i=0}^{w-1} k_i 2^i + 2^w \sum_{i=0} k_{i+w} 2^i $$ where the first part is \( k \mod 2^w \).

If \( k \mod 2^w\) is odd, and \( k \mod 2^w < 2^{w-1} \), then we emit \( n_0 = k \mod 2^w \). Instead of computing \( k - n_0 \), we just advance \(w\) bits and reindex.

If \( k \mod 2^w\) is odd, and \( k \mod 2^w \ge 2^{w-1} \), then \( n_0 = k \operatorname{mods} 2^w = k \mod 2^w - 2^w \). The quantity \( k - n_0 \) is $$ \begin{aligned} k - n_0 &= \sum_{i=0}^{w-1} k_i 2^i + 2^w \sum_{i=0} k_{i+w} 2^i - \sum_{i=0}^{w-1} k_i 2^i + 2^w \\ &= 2^w + 2^w \sum_{i=0} k_{i+w} 2^i \end{aligned} $$ so instead of computing the subtraction, we can set a carry bit, advance \(w\) bits, and reindex.

If \( k \mod 2^w\) is even, we emit \(0\), advance 1 bit and reindex. In fact, by setting all digits to \(0\) initially, we don’t need to emit anything.

pub(crate) fn as_radix_16(&self) -> [i8; 64]

Write this scalar in radix 16, with coefficients in \([-8,8)\), i.e., compute \(a_i\) such that $$ a = a_0 + a_1 16^1 + \cdots + a_{63} 16^{63}, $$ with \(-8 \leq a_i < 8\) for \(0 \leq i < 63\) and \(-8 \leq a_{63} \leq 8\).

The largest value that can be decomposed like this is just over \(2^{255}\). Thus, in order to not error, the top bit MUST NOT be set, i.e., Self MUST be less than \(2^{255}\).

pub(crate) fn to_radix_2w_size_hint(w: usize) -> usize

Returns a size hint indicating how many entries of the return value of to_radix_2w are nonzero.

pub(crate) fn as_radix_2w(&self, w: usize) -> [i8; 64]

Creates a representation of a Scalar in radix \( 2^w \) with \(w = 4, 5, 6, 7, 8\) for use with the Pippenger algorithm. Higher radixes are not supported to save cache space. Radix 256 is near-optimal even for very large inputs.

Radix below 16 or above 256 is prohibited. This method returns digits in a fixed-sized array, excess digits are zeroes.

For radix 16, Self must be less than \(2^{255}\). This is because most integers larger than \(2^{255}\) are unrepresentable in the form described below for \(w = 4\). This would be true for \(w = 8\) as well, but it is compensated for by increasing the size hint by 1.

Scalar representation

Radix \(2^w\), with \(n = ceil(256/w)\) coefficients in \([-(2^w)/2,(2^w)/2)\), i.e., scalar is represented using digits \(a_i\) such that $$ a = a_0 + a_1 2^1w + \cdots + a_{n-1} 2^{w*(n-1)}, $$ with \(-2^w/2 \leq a_i < 2^w/2\) for \(0 \leq i < (n-1)\) and \(-2^w/2 \leq a_{n-1} \leq 2^w/2\).

pub(crate) fn unpack(&self) -> Scalar52

Unpack this Scalar to an UnpackedScalar for faster arithmetic.

fn reduce(&self) -> Scalar

Reduce this Scalar modulo \(\ell\).

fn is_canonical(&self) -> Choice

Check whether this Scalar is the canonical representative mod \(\ell\). This is not public because any Scalar that is publicly observed is reduced, by scalar invariant #2.

Trait Implementations

impl<'a, 'b> Add<&'b Scalar> for &'a Scalar

type Output = Scalar

The resulting type after applying the + operator.

fn add(self, _rhs: &'b Scalar) -> Scalar

Performs the + operation.

impl<'b> Add<&'b Scalar> for Scalar

type Output = Scalar

The resulting type after applying the + operator.

fn add(self, rhs: &'b Scalar) -> Scalar

Performs the + operation.

impl<'a> Add<Scalar> for &'a Scalar

type Output = Scalar

The resulting type after applying the + operator.

fn add(self, rhs: Scalar) -> Scalar

Performs the + operation.

impl Add for Scalar

type Output = Scalar

The resulting type after applying the + operator.

fn add(self, rhs: Scalar) -> Scalar

Performs the + operation.

impl<'b> AddAssign<&'b Scalar> for Scalar

fn add_assign(&mut self, _rhs: &'b Scalar)

Performs the += operation.

impl AddAssign for Scalar

fn add_assign(&mut self, rhs: Scalar)

Performs the += operation.

impl Clone for Scalar

fn clone(&self) -> Scalar

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl ConditionallySelectable for Scalar

fn conditional_select(a: &Self, b: &Self, choice: Choice) -> Self

Select a or b according to choice.

fn conditional_assign(&mut self, other: &Self, choice: Choice)

Conditionally assign other to self, according to choice.

fn conditional_swap(a: &mut Self, b: &mut Self, choice: Choice)

Conditionally swap self and other if choice == 1; otherwise, reassign both unto themselves.

impl ConstantTimeEq for Scalar

fn ct_eq(&self, other: &Self) -> Choice

Determine if two items are equal.

fn ct_ne(&self, other: &Self) -> Choice

Determine if two items are NOT equal.

impl Debug for Scalar

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for Scalar

fn default() -> Scalar

Returns the “default value” for a type.

impl From<u128> for Scalar

fn from(x: u128) -> Scalar

Converts to this type from the input type.

impl From<u16> for Scalar

fn from(x: u16) -> Scalar

Converts to this type from the input type.

impl From<u32> for Scalar

fn from(x: u32) -> Scalar

Converts to this type from the input type.

impl From<u64> for Scalar

fn from(x: u64) -> Scalar

Construct a scalar from the given u64.

Inputs

An u64 to convert to a Scalar.

Returns

A Scalar corresponding to the input u64.

Example

use curve25519_dalek::scalar::Scalar;

let fourtytwo = Scalar::from(42u64);
let six = Scalar::from(6u64);
let seven = Scalar::from(7u64);

assert!(fourtytwo == six * seven);

impl From<u8> for Scalar

fn from(x: u8) -> Scalar

Converts to this type from the input type.

impl Hash for Scalar

fn hash<__H: Hasher>(&self, state: &mut __H)

Feeds this value into the given Hasher.

fn hash_slice<H>(data: &[Self], state: &mut H)

where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher.

impl Index<usize> for Scalar

fn index(&self, _index: usize) -> &u8

Index the bytes of the representative for this Scalar. Mutation is not permitted.

type Output = u8

The returned type after indexing.

impl<'a, 'b> Mul<&'a EdwardsBasepointTable> for &'b Scalar

fn mul(self, basepoint_table: &'a EdwardsBasepointTable) -> EdwardsPoint

Construct an EdwardsPoint from a Scalar \(a\) by computing the multiple \(aB\) of this basepoint \(B\).

type Output = EdwardsPoint

The resulting type after applying the * operator.

impl<'a, 'b> Mul<&'a EdwardsBasepointTableRadix128> for &'b Scalar

fn mul(self, basepoint_table: &'a EdwardsBasepointTableRadix128) -> EdwardsPoint

Construct an EdwardsPoint from a Scalar \(a\) by computing the multiple \(aB\) of this basepoint \(B\).

type Output = EdwardsPoint

The resulting type after applying the * operator.

impl<'a, 'b> Mul<&'a EdwardsBasepointTableRadix256> for &'b Scalar

fn mul(self, basepoint_table: &'a EdwardsBasepointTableRadix256) -> EdwardsPoint

Construct an EdwardsPoint from a Scalar \(a\) by computing the multiple \(aB\) of this basepoint \(B\).

type Output = EdwardsPoint

The resulting type after applying the * operator.

impl<'a, 'b> Mul<&'a EdwardsBasepointTableRadix32> for &'b Scalar

fn mul(self, basepoint_table: &'a EdwardsBasepointTableRadix32) -> EdwardsPoint

Construct an EdwardsPoint from a Scalar \(a\) by computing the multiple \(aB\) of this basepoint \(B\).

type Output = EdwardsPoint

The resulting type after applying the * operator.

impl<'a, 'b> Mul<&'a EdwardsBasepointTableRadix64> for &'b Scalar

fn mul(self, basepoint_table: &'a EdwardsBasepointTableRadix64) -> EdwardsPoint

Construct an EdwardsPoint from a Scalar \(a\) by computing the multiple \(aB\) of this basepoint \(B\).

type Output = EdwardsPoint

The resulting type after applying the * operator.

impl<'a, 'b> Mul<&'b EdwardsPoint> for &'a Scalar

fn mul(self, point: &'b EdwardsPoint) -> EdwardsPoint

Scalar multiplication: compute scalar * self.

For scalar multiplication of a basepoint, EdwardsBasepointTable is approximately 4x faster.

type Output = EdwardsPoint

The resulting type after applying the * operator.

impl<'b> Mul<&'b EdwardsPoint> for Scalar

type Output = EdwardsPoint

The resulting type after applying the * operator.

fn mul(self, rhs: &'b EdwardsPoint) -> EdwardsPoint

Performs the * operation.

impl Mul<&MontgomeryPoint> for &Scalar

type Output = MontgomeryPoint

The resulting type after applying the * operator.

fn mul(self, point: &MontgomeryPoint) -> MontgomeryPoint

Performs the * operation.

impl<'b> Mul<&'b MontgomeryPoint> for Scalar

type Output = MontgomeryPoint

The resulting type after applying the * operator.

fn mul(self, rhs: &'b MontgomeryPoint) -> MontgomeryPoint

Performs the * operation.

impl<'a, 'b> Mul<&'a RistrettoBasepointTable> for &'b Scalar

type Output = RistrettoPoint

The resulting type after applying the * operator.

fn mul(self, basepoint_table: &'a RistrettoBasepointTable) -> RistrettoPoint

Performs the * operation.

impl<'a, 'b> Mul<&'b RistrettoPoint> for &'a Scalar

fn mul(self, point: &'b RistrettoPoint) -> RistrettoPoint

Scalar multiplication: compute self * scalar.

type Output = RistrettoPoint

The resulting type after applying the * operator.

impl<'b> Mul<&'b RistrettoPoint> for Scalar

type Output = RistrettoPoint

The resulting type after applying the * operator.

fn mul(self, rhs: &'b RistrettoPoint) -> RistrettoPoint

Performs the * operation.

impl<'a, 'b> Mul<&'b Scalar> for &'a EdwardsBasepointTable

fn mul(self, scalar: &'b Scalar) -> EdwardsPoint

Construct an EdwardsPoint from a Scalar \(a\) by computing the multiple \(aB\) of this basepoint \(B\).

type Output = EdwardsPoint

The resulting type after applying the * operator.

impl<'a, 'b> Mul<&'b Scalar> for &'a EdwardsBasepointTableRadix128

fn mul(self, scalar: &'b Scalar) -> EdwardsPoint

Construct an EdwardsPoint from a Scalar \(a\) by computing the multiple \(aB\) of this basepoint \(B\).

type Output = EdwardsPoint

The resulting type after applying the * operator.

impl<'a, 'b> Mul<&'b Scalar> for &'a EdwardsBasepointTableRadix256

fn mul(self, scalar: &'b Scalar) -> EdwardsPoint

Construct an EdwardsPoint from a Scalar \(a\) by computing the multiple \(aB\) of this basepoint \(B\).

type Output = EdwardsPoint

The resulting type after applying the * operator.

impl<'a, 'b> Mul<&'b Scalar> for &'a EdwardsBasepointTableRadix32

fn mul(self, scalar: &'b Scalar) -> EdwardsPoint

Construct an EdwardsPoint from a Scalar \(a\) by computing the multiple \(aB\) of this basepoint \(B\).

type Output = EdwardsPoint

The resulting type after applying the * operator.

impl<'a, 'b> Mul<&'b Scalar> for &'a EdwardsBasepointTableRadix64

fn mul(self, scalar: &'b Scalar) -> EdwardsPoint

Construct an EdwardsPoint from a Scalar \(a\) by computing the multiple \(aB\) of this basepoint \(B\).

type Output = EdwardsPoint

The resulting type after applying the * operator.

impl<'a, 'b> Mul<&'b Scalar> for &'a EdwardsPoint

fn mul(self, scalar: &'b Scalar) -> EdwardsPoint

Scalar multiplication: compute scalar * self.

For scalar multiplication of a basepoint, EdwardsBasepointTable is approximately 4x faster.

type Output = EdwardsPoint

The resulting type after applying the * operator.

impl Mul<&Scalar> for &MontgomeryPoint

Multiply this MontgomeryPoint by a Scalar.

fn mul(self, scalar: &Scalar) -> MontgomeryPoint

Given self \( = u_0(P) \), and a Scalar \(n\), return \( u_0([n]P) \)

type Output = MontgomeryPoint

The resulting type after applying the * operator.

impl<'a, 'b> Mul<&'b Scalar> for &'a RistrettoBasepointTable

type Output = RistrettoPoint

The resulting type after applying the * operator.

fn mul(self, scalar: &'b Scalar) -> RistrettoPoint

Performs the * operation.

impl<'a, 'b> Mul<&'b Scalar> for &'a RistrettoPoint

fn mul(self, scalar: &'b Scalar) -> RistrettoPoint

Scalar multiplication: compute scalar * self.

type Output = RistrettoPoint

The resulting type after applying the * operator.

impl<'a, 'b> Mul<&'b Scalar> for &'a Scalar

type Output = Scalar

The resulting type after applying the * operator.

fn mul(self, _rhs: &'b Scalar) -> Scalar

Performs the * operation.

impl<'b> Mul<&'b Scalar> for EdwardsPoint

type Output = EdwardsPoint

The resulting type after applying the * operator.

fn mul(self, rhs: &'b Scalar) -> EdwardsPoint

Performs the * operation.

impl<'b> Mul<&'b Scalar> for MontgomeryPoint

type Output = MontgomeryPoint

The resulting type after applying the * operator.

fn mul(self, rhs: &'b Scalar) -> MontgomeryPoint

Performs the * operation.

impl<'b> Mul<&'b Scalar> for RistrettoPoint

type Output = RistrettoPoint

The resulting type after applying the * operator.

fn mul(self, rhs: &'b Scalar) -> RistrettoPoint

Performs the * operation.

impl<'b> Mul<&'b Scalar> for Scalar

type Output = Scalar

The resulting type after applying the * operator.

fn mul(self, rhs: &'b Scalar) -> Scalar

Performs the * operation.

impl<'a> Mul<EdwardsPoint> for &'a Scalar

type Output = EdwardsPoint

The resulting type after applying the * operator.

fn mul(self, rhs: EdwardsPoint) -> EdwardsPoint

Performs the * operation.

impl Mul<EdwardsPoint> for Scalar

type Output = EdwardsPoint

The resulting type after applying the * operator.

fn mul(self, rhs: EdwardsPoint) -> EdwardsPoint

Performs the * operation.

impl<'a> Mul<MontgomeryPoint> for &'a Scalar

type Output = MontgomeryPoint

The resulting type after applying the * operator.

fn mul(self, rhs: MontgomeryPoint) -> MontgomeryPoint

Performs the * operation.

impl Mul<MontgomeryPoint> for Scalar

type Output = MontgomeryPoint

The resulting type after applying the * operator.

fn mul(self, rhs: MontgomeryPoint) -> MontgomeryPoint

Performs the * operation.

impl<'a> Mul<RistrettoPoint> for &'a Scalar

type Output = RistrettoPoint

The resulting type after applying the * operator.

fn mul(self, rhs: RistrettoPoint) -> RistrettoPoint

Performs the * operation.

impl Mul<RistrettoPoint> for Scalar

type Output = RistrettoPoint

The resulting type after applying the * operator.

fn mul(self, rhs: RistrettoPoint) -> RistrettoPoint

Performs the * operation.

impl<'a> Mul<Scalar> for &'a EdwardsPoint

type Output = EdwardsPoint

The resulting type after applying the * operator.

fn mul(self, rhs: Scalar) -> EdwardsPoint

Performs the * operation.

impl<'a> Mul<Scalar> for &'a MontgomeryPoint

type Output = MontgomeryPoint

The resulting type after applying the * operator.

fn mul(self, rhs: Scalar) -> MontgomeryPoint

Performs the * operation.

impl<'a> Mul<Scalar> for &'a RistrettoPoint

type Output = RistrettoPoint

The resulting type after applying the * operator.

fn mul(self, rhs: Scalar) -> RistrettoPoint

Performs the * operation.

impl<'a> Mul<Scalar> for &'a Scalar

type Output = Scalar

The resulting type after applying the * operator.

fn mul(self, rhs: Scalar) -> Scalar

Performs the * operation.

impl Mul<Scalar> for EdwardsPoint

type Output = EdwardsPoint

The resulting type after applying the * operator.

fn mul(self, rhs: Scalar) -> EdwardsPoint

Performs the * operation.

impl Mul<Scalar> for MontgomeryPoint

type Output = MontgomeryPoint

The resulting type after applying the * operator.

fn mul(self, rhs: Scalar) -> MontgomeryPoint

Performs the * operation.

impl Mul<Scalar> for RistrettoPoint

type Output = RistrettoPoint

The resulting type after applying the * operator.

fn mul(self, rhs: Scalar) -> RistrettoPoint

Performs the * operation.

impl Mul for Scalar

type Output = Scalar

The resulting type after applying the * operator.

fn mul(self, rhs: Scalar) -> Scalar

Performs the * operation.

impl<'b> MulAssign<&'b Scalar> for EdwardsPoint

fn mul_assign(&mut self, scalar: &'b Scalar)

Performs the *= operation.

impl MulAssign<&Scalar> for MontgomeryPoint

fn mul_assign(&mut self, scalar: &Scalar)

Performs the *= operation.

impl<'b> MulAssign<&'b Scalar> for RistrettoPoint

fn mul_assign(&mut self, scalar: &'b Scalar)

Performs the *= operation.

impl<'b> MulAssign<&'b Scalar> for Scalar

fn mul_assign(&mut self, _rhs: &'b Scalar)

Performs the *= operation.

impl MulAssign<Scalar> for EdwardsPoint

fn mul_assign(&mut self, rhs: Scalar)

Performs the *= operation.

impl MulAssign<Scalar> for MontgomeryPoint

fn mul_assign(&mut self, rhs: Scalar)

Performs the *= operation.

impl MulAssign<Scalar> for RistrettoPoint

fn mul_assign(&mut self, rhs: Scalar)

Performs the *= operation.

impl MulAssign for Scalar

fn mul_assign(&mut self, rhs: Scalar)

Performs the *= operation.

impl<'a> Neg for &'a Scalar

type Output = Scalar

The resulting type after applying the - operator.

fn neg(self) -> Scalar

Performs the unary - operation.

impl Neg for Scalar

type Output = Scalar

The resulting type after applying the - operator.

fn neg(self) -> Scalar

Performs the unary - operation.

impl PartialEq for Scalar

fn eq(&self, other: &Self) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl<T> Product<T> for Scalar

where T: Borrow<Scalar>,

fn product<I>(iter: I) -> Self

where I: Iterator<Item = T>,

Takes an iterator and generates Self from the elements by multiplying the items.

impl<'a, 'b> Sub<&'b Scalar> for &'a Scalar

type Output = Scalar

The resulting type after applying the - operator.

fn sub(self, rhs: &'b Scalar) -> Scalar

Performs the - operation.

impl<'b> Sub<&'b Scalar> for Scalar

type Output = Scalar

The resulting type after applying the - operator.

fn sub(self, rhs: &'b Scalar) -> Scalar

Performs the - operation.

impl<'a> Sub<Scalar> for &'a Scalar

type Output = Scalar

The resulting type after applying the - operator.

fn sub(self, rhs: Scalar) -> Scalar

Performs the - operation.

impl Sub for Scalar

type Output = Scalar

The resulting type after applying the - operator.

fn sub(self, rhs: Scalar) -> Scalar

Performs the - operation.

impl<'b> SubAssign<&'b Scalar> for Scalar

fn sub_assign(&mut self, _rhs: &'b Scalar)

Performs the -= operation.

impl SubAssign for Scalar

fn sub_assign(&mut self, rhs: Scalar)

Performs the -= operation.

impl<T> Sum<T> for Scalar

where T: Borrow<Scalar>,

fn sum<I>(iter: I) -> Self

where I: Iterator<Item = T>,

Takes an iterator and generates Self from the elements by “summing up” the items.

impl Zeroize for Scalar

fn zeroize(&mut self)

Zero out this object from memory using Rust intrinsics which ensure the zeroization operation is not “optimized away” by the compiler.

impl Copy for Scalar

impl Eq for Scalar