Add PrimeFieldBits support to Scalar #579
Conversation
The char_le_bits function is a hack I don't legitimately recommend. I just felt it'd be better to make a PR, which works, than to solely file an issue requesting it as a feature.
`curve25519-dalek/src/scalar.rs` (outdated):

```rust
let mut bytes = (Scalar::ZERO - Scalar::ONE).to_repr();
bytes[0] += 1;
debug_assert_eq!(DScalar::from_bytes_mod_order(bytes), DScalar::ZERO);
bytes.into()
```
I think this should work but haven't tested it
Suggested change:

```diff
- let mut bytes = (Scalar::ZERO - Scalar::ONE).to_repr();
- bytes[0] += 1;
- debug_assert_eq!(DScalar::from_bytes_mod_order(bytes), DScalar::ZERO);
- bytes.into()
+ crate::constants::BASEPOINT_ORDER.into()
```
I'll test it now, thanks.
That's a Scalar, not a byte array. Doesn't that break safety to have an unreduced Scalar in the system? Especially now that Scalar addition assumes only unreduced Scalars exist? I'd guess it doesn't in practice, as it won't have any bits set that should never be set, yet it still sounds like something which should be a `[u8; 32]`.
`to_bytes().into()` works, will push that.
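To make the point of the thread concrete without the crate, here is an added example (not code from curve25519-dalek or from this PR) that models the `char_le_bits` discussion on plain byte arrays: the "-1 then bump byte 0" hack, its carry-propagating general form, the expansion to little-endian bits, and a canonical-range check that shows why the order `l` should be handed out as a `[u8; 32]` rather than as a `Scalar`. `L_BYTES` is the well-known little-endian encoding of the Ed25519 basepoint order, standing in for the crate's `BASEPOINT_ORDER`; all function names are this example's own.

```rust
// Added example, not code from curve25519-dalek or this PR. It models the
// char_le_bits discussion with plain byte arrays so it runs without the crate.

/// Little-endian bytes of the Ed25519 basepoint order
/// l = 2^252 + 27742317777372353535851937790883648493. Constructed here from the
/// well-known constant; it stands in for the crate's `BASEPOINT_ORDER`.
pub const L_BYTES: [u8; 32] = [
    0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14,
    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10,
];

/// Subtract one from a little-endian integer, propagating the borrow.
pub fn sub_one_le(mut v: [u8; 32]) -> [u8; 32] {
    for b in v.iter_mut() {
        let (r, borrow) = b.overflowing_sub(1);
        *b = r;
        if !borrow {
            break;
        }
    }
    v
}

/// Add one to a little-endian integer, propagating the carry. This is the
/// general form of the PR's `bytes[0] += 1`, which is only correct because
/// the low byte of l - 1 is 0xEC and therefore cannot overflow.
pub fn add_one_le(mut v: [u8; 32]) -> [u8; 32] {
    for b in v.iter_mut() {
        let (r, carry) = b.overflowing_add(1);
        *b = r;
        if !carry {
            break;
        }
    }
    v
}

/// The hack from the PR, modelled on bytes: in the crate,
/// `(Scalar::ZERO - Scalar::ONE).to_repr()` is the encoding of l - 1.
pub fn char_via_minus_one_hack() -> [u8; 32] {
    let mut bytes = sub_one_le(L_BYTES); // encoding of -1 mod l
    bytes[0] += 1; // 0xEC + 1 = 0xED, no carry into byte 1
    bytes
}

/// Expand 32 little-endian bytes into 256 bits, least significant bit first
/// (the shape `PrimeFieldBits::char_le_bits` returns).
pub fn to_le_bits(bytes: &[u8; 32]) -> [bool; 256] {
    let mut bits = [false; 256];
    for (i, bit) in bits.iter_mut().enumerate() {
        *bit = ((bytes[i / 8] >> (i % 8)) & 1) == 1;
    }
    bits
}

/// True when `bytes` is a canonical scalar encoding, i.e. strictly less than l.
/// l itself fails this check: any `Scalar` built directly from it is unreduced,
/// which is the concern raised about exposing `BASEPOINT_ORDER` as a `Scalar`.
pub fn is_canonical(bytes: &[u8; 32]) -> bool {
    for i in (0..32).rev() {
        if bytes[i] != L_BYTES[i] {
            return bytes[i] < L_BYTES[i];
        }
    }
    false
}

fn main() {
    println!("hack reproduces l: {}", char_via_minus_one_hack() == L_BYTES);
    println!("general increment reproduces l: {}", add_one_le(sub_one_le(L_BYTES)) == L_BYTES);
    println!("l canonical? {}", is_canonical(&L_BYTES));
    println!("l - 1 canonical? {}", is_canonical(&sub_one_le(L_BYTES)));
    let bits = to_le_bits(&L_BYTES);
    println!("bit 252 set: {}, bit 255 set: {}", bits[252], bits[255]);
}
```

`is_canonical` is the stand-alone counterpart of the `debug_assert_eq!(from_bytes_mod_order(bytes), ZERO)` check in the PR: both confirm the returned bytes are exactly the modulus, which is precisely the value a reduced `Scalar` can never hold.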
> Doesn't that break safety to have an unreduced Scalar in system?
Yeah, seems a bit odd to have it in the public API if it's unreduced /cc @rozbb
`BASEPOINT_ORDER` will be marked deprecated from 4.1.1 - this will be `BASEPOINT_ORDER_PRIVATE` as `pub(crate)`.
I forgot it was under ff and not exposed by group.
Sorry for this PR being a mess. I'm unsure why the no-std CIs are failing.
It's possible that Regardless it would probably be good to split this out into a
I use ff, with bits, on libraries with no-std targets so that shouldn't be it... (though I may technically solely test them on alloc, not no-std). I'll make bits a feature.
It's because we don't do additional cargo hack of the features via the std build and we only do it via no_std, which detects any errors via features - e.g. a red herring that just appears via the no_std run, which has the feature tested, but not in the std run, where we don't do an additional duplicate run :)
This looks good to me, thanks! Could you add an item in the changelog for this feature?
Co-authored-by: pinkforest(she/her) <[email protected]>
Thanks for moving this forward before I had the chance, rozbb :) And thanks pinkforest for the actual edit needed.