Skip to main content

elliptic_curve/
point.rs

1//! Traits for elliptic curve points.
2
3mod non_identity;
4
5#[cfg(feature = "arithmetic")]
6pub use self::non_identity::NonIdentity;
7use crate::{Curve, FieldBytes};
8use subtle::{Choice, CtOption};
9
10#[cfg(feature = "arithmetic")]
11use crate::CurveArithmetic;
12
13/// Affine point type for a given curve with a [`CurveArithmetic`]
14/// implementation.
15#[cfg(feature = "arithmetic")]
16pub type AffinePoint<C> = <C as CurveArithmetic>::AffinePoint;
17
18/// Projective point type for a given curve with a [`CurveArithmetic`]
19/// implementation.
20#[cfg(feature = "arithmetic")]
21pub type ProjectivePoint<C> = <C as CurveArithmetic>::ProjectivePoint;
22
23/// Access to the affine coordinates of an elliptic curve point.
24// TODO: use zkcrypto/group#30 coordinate API when available
25pub trait AffineCoordinates: Sized {
26    /// Field element representation with curve-specific serialization/endianness.
27    type FieldRepr: AsRef<[u8]>;
28
29    /// Creates an affine point from its coordinates.
30    fn from_coordinates(x: &Self::FieldRepr, y: &Self::FieldRepr) -> CtOption<Self>;
31
32    /// Get the affine x-coordinate as a serialized field element.
33    fn x(&self) -> Self::FieldRepr;
34
35    /// Get the affine y-coordinate as a serialized field element.
36    fn y(&self) -> Self::FieldRepr;
37
38    /// Is the affine x-coordinate odd?
39    fn x_is_odd(&self) -> Choice;
40
41    /// Is the affine y-coordinate odd?
42    fn y_is_odd(&self) -> Choice;
43}
44
45/// Normalize point(s) in projective representation by converting them to their affine ones.
46#[cfg(feature = "arithmetic")]
47pub trait BatchNormalize<Points: ?Sized> {
48    /// The output of the batch normalization; a container of affine points.
49    type Output;
50
51    /// Perform a batched conversion to affine representation on a sequence of projective points
52    /// at an amortized cost that should be practically as efficient as a single conversion.
53    /// Internally, implementors should rely upon `InvertBatch`.
54    fn batch_normalize(points: &Points) -> Self::Output;
55
56    /// Perform a batched conversion to affine representation on a sequence of projective points
57    /// in variable-time.
58    ///
59    /// <div class="warning">
60    /// <b>Security Warning</b>
61    ///
62    /// This should NOT be used on points which represent secrets!
63    /// </b>
64    fn batch_normalize_vartime(points: &Points) -> Self::Output {
65        // Call the constant-time implementation by default
66        Self::batch_normalize(points)
67    }
68}
69
70/// Decompress an elliptic curve point.
71///
72/// Point decompression recovers an original curve point from its x-coordinate
73/// and a boolean flag indicating whether or not the y-coordinate is odd.
74pub trait DecompressPoint<C: Curve>: Sized {
75    /// Attempt to decompress an elliptic curve point.
76    fn decompress(x: &FieldBytes<C>, y_is_odd: Choice) -> CtOption<Self>;
77}
78
79/// Decompact an elliptic curve point from an x-coordinate.
80///
81/// Decompaction relies on properties of specially-generated keys but provides
82/// a more compact representation than standard point compression.
83pub trait DecompactPoint<C: Curve>: Sized {
84    /// Attempt to decompact an elliptic curve point
85    fn decompact(x: &FieldBytes<C>) -> CtOption<Self>;
86}
87
88/// Point compression settings.
89pub trait PointCompression {
90    /// Should point compression be applied by default?
91    const COMPRESS_POINTS: bool;
92}
93
94/// Point compaction settings.
95pub trait PointCompaction {
96    /// Should point compaction be applied by default?
97    const COMPACT_POINTS: bool;
98}