primeorder: support curves with any a (#729)

Implements all formulas in Renes-Costello-Batina 2015, including ones for curves where a != -3. This includes generic formulas which work for any short Weierstrass curve, and formulas specialized for the case a = 0. Closes #726.
RustCrypto · Feb 6, 2023 · d4dbe19 · d4dbe19
1 parent 15794bc
commit d4dbe19
Show file tree

Hide file tree

Showing 6 changed files with 340 additions and 140 deletions.
diff --git a/p256/src/arithmetic.rs b/p256/src/arithmetic.rs
@@ -13,7 +13,7 @@ pub(crate) mod util;
 use self::{field::FieldElement, scalar::Scalar};
 use crate::NistP256;
 use elliptic_curve::{CurveArithmetic, PrimeCurveArithmetic};
-use primeorder::{equation_a, PrimeCurveParams};
+use primeorder::{point_arithmetic, PrimeCurveParams};
 
 /// Elliptic curve point in affine coordinates.
 pub type AffinePoint = primeorder::AffinePoint<NistP256>;
@@ -36,7 +36,7 @@ impl PrimeCurveArithmetic for NistP256 {
 /// [NIST SP 800-186]: https://csrc.nist.gov/publications/detail/sp/800-186/final
 impl PrimeCurveParams for NistP256 {
     type FieldElement = FieldElement;
-    type EquationAProperties = equation_a::IsMinusThree;
+    type PointArithmetic = point_arithmetic::EquationAIsMinusThree;
 
     /// a = -3
     const EQUATION_A: FieldElement = FieldElement::from_u64(3).neg();

diff --git a/p384/src/arithmetic.rs b/p384/src/arithmetic.rs
@@ -15,7 +15,7 @@ pub(crate) mod scalar;
 use self::{field::FieldElement, scalar::Scalar};
 use crate::NistP384;
 use elliptic_curve::{CurveArithmetic, PrimeCurveArithmetic};
-use primeorder::{equation_a, PrimeCurveParams};
+use primeorder::{point_arithmetic, PrimeCurveParams};
 
 /// Elliptic curve point in affine coordinates.
 pub type AffinePoint = primeorder::AffinePoint<NistP384>;
@@ -38,7 +38,7 @@ impl PrimeCurveArithmetic for NistP384 {
 /// [NIST SP 800-186]: https://csrc.nist.gov/publications/detail/sp/800-186/final
 impl PrimeCurveParams for NistP384 {
     type FieldElement = FieldElement;
-    type EquationAProperties = equation_a::IsMinusThree;
+    type PointArithmetic = point_arithmetic::EquationAIsMinusThree;
 
     /// a = -3 (0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc)
     const EQUATION_A: FieldElement = FieldElement::from_u64(3).neg();

diff --git a/primeorder/src/equation_a.rs b/primeorder/src/equation_a.rs
diff --git a/primeorder/src/lib.rs b/primeorder/src/lib.rs
@@ -8,7 +8,7 @@
 #![warn(missing_docs, rust_2018_idioms, unused_qualifications)]
 #![doc = include_str!("../README.md")]
 
-pub mod equation_a;
+pub mod point_arithmetic;
 
 mod affine;
 mod field;
@@ -30,8 +30,8 @@ pub trait PrimeCurveParams:
     /// Base field element type.
     type FieldElement: PrimeField<Repr = FieldBytes<Self>>;
 
-    /// Special properties of the `a`-coefficient.
-    type EquationAProperties: equation_a::EquationAProperties;
+    /// [Point arithmetic](point_arithmetic) implementation, might be optimized for this specific curve
+    type PointArithmetic: point_arithmetic::PointArithmetic<Self>;
 
     /// Coefficient `a` in the curve equation.
     const EQUATION_A: Self::FieldElement;