Make ProjectiveNielsPoint::identity() and associated constant

Author: daxpedda

ed448-goldilocks/src/curve/scalar_mul/window/wnaf.rs

@@ -23,7 +23,7 @@ impl From<&ExtendedPoint> for LookupTable {
 impl LookupTable {
     /// Selects a projective niels point from a lookup table in constant time
     pub fn select(&self, index: u32) -> ProjectiveNielsPoint {
-        let mut result = ProjectiveNielsPoint::identity();
+        let mut result = ProjectiveNielsPoint::IDENTITY;
 
         for i in 1..9 {
             let swap = index.ct_eq(&(i as u32));

ed448-goldilocks/src/curve/twedwards/projective.rs

@@ -1,19 +1,18 @@
 #![allow(non_snake_case)]
 
-use crate::curve::twedwards::extended::ExtendedPoint;
 use crate::curve::twedwards::extensible::ExtensiblePoint;
 use crate::field::FieldElement;
 use subtle::{Choice, ConditionallyNegatable, ConditionallySelectable};
 
 impl Default for ProjectiveNielsPoint {
     fn default() -> ProjectiveNielsPoint {
-        ProjectiveNielsPoint::identity()
+        ProjectiveNielsPoint::IDENTITY
     }
 }
 
 // Its a variant of Niels, where a Z coordinate is added for unmixed readdition
 // ((y+x)/2, (y-x)/2, dxy, Z)
-#[derive(Copy, Clone)]
+#[derive(Copy, Clone, Debug)]
 pub struct ProjectiveNielsPoint {
     pub(crate) Y_plus_X: FieldElement,
     pub(crate) Y_minus_X: FieldElement,
@@ -46,9 +45,12 @@ impl ConditionallyNegatable for ProjectiveNielsPoint {
 }
 
 impl ProjectiveNielsPoint {
-    pub fn identity() -> ProjectiveNielsPoint {
-        ExtendedPoint::IDENTITY.to_projective_niels()
-    }
+    pub const IDENTITY: ProjectiveNielsPoint = ProjectiveNielsPoint {
+        Y_plus_X: FieldElement::ONE,
+        Y_minus_X: FieldElement::ONE,
+        Td: FieldElement::ZERO,
+        Z: FieldElement::TWO,
+    };
 
     pub fn to_extensible(self) -> ExtensiblePoint {
         let A = self.Y_plus_X - self.Y_minus_X;
@@ -65,6 +67,23 @@ impl ProjectiveNielsPoint {
 #[cfg(test)]
 mod tests {
     use super::*;
+    use crate::curve::twedwards::extended::ExtendedPoint;
+
+    #[test]
+    fn identity() {
+        // Internally are compared by converting to `ExtendedPoint`.
+        // Here the right-side identity point is converted to Niel's
+        // and then both sides are converted to twisted-curve form.
+        assert_eq!(
+            ProjectiveNielsPoint::IDENTITY,
+            ExtendedPoint::IDENTITY.to_projective_niels(),
+        );
+        // Here only the left-side identity point is converted.
+        assert_eq!(
+            ProjectiveNielsPoint::IDENTITY.to_extensible(),
+            ExtendedPoint::IDENTITY,
+        );
+    }
 
     #[test]
     fn test_conditional_negate() {

ed448-goldilocks/src/field/element.rs

@@ -246,6 +246,7 @@ impl FieldElement {
         "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000262a8",
     )));
     pub const ONE: Self = Self(ConstMontyType::new(&U448::ONE));
+    pub const TWO: Self = Self(ConstMontyType::new(&U448::from_u64(2)));
     pub const TWISTED_D: Self = Self(ConstMontyType::new(&U448::from_be_hex(
         "fffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffffffffffffffffffffffffffffffffffffffffffffffff6755",
     )));