
elliptic_curve/
arithmetic.rs

1//! Elliptic curve arithmetic traits.
2
3use crate::{
4    Curve, CurveAffine, CurveGroup, Error, FieldBytes, Group, NonZeroScalar, PrimeCurve,
5    ScalarValue,
6    ctutils::{CtEq, CtSelect},
7    ops::{Invert, LinearCombination, Mul, MulByGeneratorVartime, MulVartime, Reduce},
8    point::{AffineCoordinates, NonIdentity},
9    scalar::{FromUintUnchecked, IsHigh},
10};
11use bigint::modular::Retrieve;
12use common::Generate;
13use core::fmt::Debug;
14use subtle::{ConditionallySelectable, ConstantTimeEq, CtOption};
15use zeroize::DefaultIsZeroes;
16
/// Elliptic curve with an arithmetic implementation.
///
/// Ties together the three associated types a curve implementation supplies
/// (affine point, projective point, scalar) and the conversions and operations
/// required between them. The trait declares no methods of its own; the whole
/// contract is expressed as bounds on the associated types.
///
/// Bounds worth knowing about when handling secret values:
/// - `ConstantTimeEq` / `ConditionallySelectable` (from `subtle`) and
///   `CtEq` / `CtSelect` (from `crate::ctutils`) are required, so callers can
///   compare and select values through those APIs instead of `==` and
///   branching.
/// - `DefaultIsZeroes` (from `zeroize`) is required on all three types.
/// - `MulVartime` / `MulByGeneratorVartime` are required alongside `Mul`.
///   NOTE(review): the names indicate variable-time multiplication, presumably
///   intended for public inputs only; confirm against the docs in `crate::ops`
///   before passing a secret scalar to them.
pub trait CurveArithmetic: Curve {
    /// Elliptic curve point in affine coordinates.
    ///
    /// Its coordinate representation is `FieldBytes<Self>`, and as a
    /// `CurveAffine` it is paired with `Self::ProjectivePoint` and
    /// `Self::Scalar`.
    type AffinePoint: 'static
        + AffineCoordinates<FieldRepr = FieldBytes<Self>>
        + Copy
        + ConditionallySelectable
        + ConstantTimeEq
        + CtEq
        + CtSelect
        + CurveAffine<Curve = Self::ProjectivePoint, Scalar = Self::Scalar>
        + Debug
        + Default
        + DefaultIsZeroes
        // NOTE(review): whether `==` runs in constant time depends on the
        // implementing type; the Ct* bounds above are the explicit route.
        + Eq
        // Unwrapping a `NonIdentity` point is infallible ...
        + From<NonIdentity<Self::AffinePoint>>
        + Generate
        + MulVartime<Self::Scalar>
        + for<'a> MulVartime<&'a Self::Scalar>
        + PartialEq
        + Sized
        + Send
        + Sync
        // ... while wrapping into `NonIdentity` can fail with `Error`
        // (presumably for the identity point; confirm in `crate::point`).
        + TryInto<NonIdentity<Self::AffinePoint>, Error = Error>;

    /// Elliptic curve point in projective coordinates.
    ///
    /// Converts from and into `Self::AffinePoint`, and is the group whose
    /// scalar type is `Self::Scalar`.
    ///
    /// Note: the following bounds are provided by [`group::Group`]:
    /// - `'static`
    /// - [`Copy`]
    /// - [`Clone`]
    /// - [`Debug`]
    /// - [`Eq`]
    /// - [`Sized`]
    /// - [`Send`]
    /// - [`Sync`]
    type ProjectivePoint: ConditionallySelectable
        + ConstantTimeEq
        + CtEq
        + CtSelect
        + Default
        + DefaultIsZeroes
        + From<Self::AffinePoint>
        + From<NonIdentity<Self::ProjectivePoint>>
        + Generate
        + Into<Self::AffinePoint>
        // Linear combinations are required both for a slice of
        // (point, scalar) pairs and for a fixed array of two pairs.
        + LinearCombination<[(Self::ProjectivePoint, Self::Scalar)]>
        + LinearCombination<[(Self::ProjectivePoint, Self::Scalar); 2]>
        + MulByGeneratorVartime
        + MulVartime<Self::Scalar>
        + for<'a> MulVartime<&'a Self::Scalar>
        // Fallible wrapping into `NonIdentity`, mirroring `AffinePoint`.
        + TryInto<NonIdentity<Self::ProjectivePoint>, Error = Error>
        + CurveGroup<Affine = Self::AffinePoint>
        + Group<Scalar = Self::Scalar>;

    /// Scalar field modulo this curve's order.
    ///
    /// Serializes as `FieldBytes<Self>` (the `ff::PrimeField` representation)
    /// and converts to and from `NonZeroScalar`, `ScalarValue` and
    /// `Self::Uint`.
    ///
    /// Note: the following bounds are provided by [`ff::Field`]:
    /// - `'static`
    /// - [`Copy`]
    /// - [`Clone`]
    /// - [`ConditionallySelectable`]
    /// - [`ConstantTimeEq`]
    /// - [`Debug`]
    /// - [`Default`]
    /// - [`Send`]
    /// - [`Sync`]
    type Scalar: AsRef<Self::Scalar>
        + CtEq
        + CtSelect
        + DefaultIsZeroes
        + From<NonZeroScalar<Self>>
        + From<ScalarValue<Self>>
        // NOTE(review): "unchecked" suggests no range check against the curve
        // order; confirm in `crate::scalar`, and route untrusted integers
        // through `Reduce` or a checked conversion instead.
        + FromUintUnchecked<Uint = Self::Uint>
        + Generate
        + Into<FieldBytes<Self>>
        + Into<ScalarValue<Self>>
        + Into<Self::Uint>
        // Inversion reports failure through `subtle::CtOption` rather than
        // `Option`.
        + Invert<Output = CtOption<Self::Scalar>>
        + IsHigh
        // Scalar-by-point multiplication: each of `Mul` and `MulVartime` is
        // required for affine and projective points, by value and by
        // reference; the `Mul` forms all yield a `ProjectivePoint`.
        + Mul<Self::AffinePoint, Output = Self::ProjectivePoint>
        + MulVartime<Self::AffinePoint>
        + for<'a> Mul<&'a Self::AffinePoint, Output = Self::ProjectivePoint>
        + for<'a> MulVartime<&'a Self::AffinePoint>
        + Mul<Self::ProjectivePoint, Output = Self::ProjectivePoint>
        + MulVartime<Self::ProjectivePoint>
        + for<'a> Mul<&'a Self::ProjectivePoint, Output = Self::ProjectivePoint>
        + for<'a> MulVartime<&'a Self::ProjectivePoint>
        // NOTE(review): ordering comparisons are not covered by the Ct*
        // bounds; treat `<`/`>` on secret scalars as potentially
        // variable-time unless the implementation documents otherwise.
        + PartialOrd
        // Reduction is required from both the integer type and the byte
        // representation.
        + Reduce<Self::Uint>
        + Reduce<FieldBytes<Self>>
        + Retrieve<Output = Self::Uint>
        // Conversion to `NonZeroScalar` can fail with `Error`
        // (presumably for zero; confirm in the `NonZeroScalar` docs).
        + TryInto<NonZeroScalar<Self>, Error = Error>
        + ff::PrimeField<Repr = FieldBytes<Self>>;
}
112
/// Prime order elliptic curve with projective arithmetic implementation.
///
/// Requires both `PrimeCurve` and `CurveArithmetic`, and pins
/// `CurveArithmetic::ProjectivePoint` to the `CurveGroup` type declared here.
pub trait PrimeCurveArithmetic:
    PrimeCurve + CurveArithmetic<ProjectivePoint = Self::CurveGroup>
{
    /// Prime order elliptic curve group.
    ///
    /// Must implement `group::prime::PrimeCurve` with this curve's
    /// `AffinePoint` as its affine representation.
    type CurveGroup: group::prime::PrimeCurve<Affine = <Self as CurveArithmetic>::AffinePoint>;
}