|
|
@ -67,21 +67,9 @@ impl<E: JubjubEngine, Subgroup> PartialEq for Point<E, Subgroup> { |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
impl<E: JubjubEngine> Point<E, Unknown> { |
|
|
|
impl<E: JubjubEngine> Point<E, Unknown> { |
|
|
|
/// This guarantees the point is in the prime order subgroup
|
|
|
|
pub fn get_for_x(x: E::Fr, sign: bool, params: &E::Params) -> Option<Self> |
|
|
|
pub fn mul_by_cofactor(&self, params: &E::Params) -> Point<E, PrimeOrder> |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
let tmp = self.double(params) |
|
|
|
|
|
|
|
.double(params) |
|
|
|
|
|
|
|
.double(params); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
convert_subgroup(&tmp) |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
pub fn rand<R: Rng>(rng: &mut R, params: &E::Params) -> Self |
|
|
|
|
|
|
|
{ |
|
|
|
{ |
|
|
|
loop { |
|
|
|
|
|
|
|
// given an x on the curve, y^2 = x^3 + A*x^2 + x
|
|
|
|
// given an x on the curve, y^2 = x^3 + A*x^2 + x
|
|
|
|
let x: E::Fr = rng.gen(); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
let mut x2 = x; |
|
|
|
let mut x2 = x; |
|
|
|
x2.square(); |
|
|
|
x2.square(); |
|
|
@ -94,16 +82,39 @@ impl<E: JubjubEngine> Point<E, Unknown> { |
|
|
|
|
|
|
|
|
|
|
|
match rhs.sqrt() { |
|
|
|
match rhs.sqrt() { |
|
|
|
Some(mut y) => { |
|
|
|
Some(mut y) => { |
|
|
|
if y.into_repr().is_odd() != rng.gen() { |
|
|
|
if y.into_repr().is_odd() != sign { |
|
|
|
y.negate(); |
|
|
|
y.negate(); |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
return Point { |
|
|
|
return Some(Point { |
|
|
|
x: x, |
|
|
|
x: x, |
|
|
|
y: y, |
|
|
|
y: y, |
|
|
|
infinity: false, |
|
|
|
infinity: false, |
|
|
|
_marker: PhantomData |
|
|
|
_marker: PhantomData |
|
|
|
|
|
|
|
}) |
|
|
|
|
|
|
|
}, |
|
|
|
|
|
|
|
None => None |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/// This guarantees the point is in the prime order subgroup
|
|
|
|
|
|
|
|
pub fn mul_by_cofactor(&self, params: &E::Params) -> Point<E, PrimeOrder> |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
let tmp = self.double(params) |
|
|
|
|
|
|
|
.double(params) |
|
|
|
|
|
|
|
.double(params); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
convert_subgroup(&tmp) |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
pub fn rand<R: Rng>(rng: &mut R, params: &E::Params) -> Self |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
loop { |
|
|
|
|
|
|
|
let x: E::Fr = rng.gen(); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
match Self::get_for_x(x, rng.gen(), params) { |
|
|
|
|
|
|
|
Some(p) => { |
|
|
|
|
|
|
|
return p |
|
|
|
}, |
|
|
|
}, |
|
|
|
None => {} |
|
|
|
None => {} |
|
|
|
} |
|
|
|
} |
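Review bot: `get_for_x` is the new public entry point (its signature is in the first hunk, and part of its body, the rhs computation, lies between the two hunks) but it has no doc comment, and neither the `sign` convention nor the subgroup of the returned point is stated; the lines `return Some(Point { ... })` and `None => None` in this hunk give the caller a `Point<E, Unknown>`, which must not be assumed to be in the prime-order subgroup. I would put above the signature: `/// Returns the curve point with x-coordinate x whose y satisfies y.into_repr().is_odd() == sign, or None if no point has that x. The result is a Point<E, Unknown>: it is not known to lie in the prime-order subgroup, so call mul_by_cofactor when that is required.` If the rhs computed between the hunks is `x^3 + A*x^2 + x` as the comment says, then x = 0 gives rhs = 0 and `sqrt` presumably returns `Some(0)`, so `get_for_x(0, ..)` would yield the order-2 point (0, 0) with `infinity: false` rather than `None` — now that callers can choose x, that is worth stating in the doc or rejecting explicitly. Style-wise, a `return Some(..)` inside a `match` whose other arm is `None => None` reads better as `rhs.sqrt().map(|mut y| { ... Point { x, y, infinity: false, _marker: PhantomData } })`, and the `rand` loop body reduces to `if let Some(p) = Self::get_for_x(x, rng.gen(), params) { return p; }`.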
|
|
|