diff --git a/ed448-goldilocks/src/decaf/scalar.rs b/ed448-goldilocks/src/decaf/scalar.rs
index 95eed5bfb..ac92a55b3 100644
--- a/ed448-goldilocks/src/decaf/scalar.rs
+++ b/ed448-goldilocks/src/decaf/scalar.rs
@@ -11,6 +11,8 @@ use subtle::{Choice, ConstantTimeEq, CtOption};
 impl CurveWithScalar for Decaf448 {
     type ReprSize = U56;
 
+    const NUM_BITS: u32 = 448;
+
     fn from_bytes_mod_order_wide(input: &WideScalarBytes) -> Scalar {
         let value = (
             U448::from_le_slice(&input[..56]),
diff --git a/ed448-goldilocks/src/edwards/scalar.rs b/ed448-goldilocks/src/edwards/scalar.rs
index 2a1fd5a8c..ee296427b 100644
--- a/ed448-goldilocks/src/edwards/scalar.rs
+++ b/ed448-goldilocks/src/edwards/scalar.rs
@@ -11,6 +11,8 @@ use subtle::{Choice, ConstantTimeEq, CtOption};
 impl CurveWithScalar for Ed448 {
     type ReprSize = U57;
 
+    const NUM_BITS: u32 = 456;
+
     fn from_bytes_mod_order_wide(input: &WideScalarBytes) -> Scalar {
         // top multiplier = 2^896 mod ℓ
         const TOP_MULTIPLIER: U448 = U448::from_be_hex(
@@ -297,7 +299,7 @@ mod test {
         let res = serde_bare::to_vec(&EdwardsScalar::TWO_INV);
         assert!(res.is_ok());
         let sb = res.unwrap();
-        assert_eq!(sb.len(), 57);
+        assert_eq!(sb.len(), 58);
         let res = serde_bare::from_slice::(&sb);
         assert!(res.is_ok());
 
diff --git a/ed448-goldilocks/src/field/scalar.rs b/ed448-goldilocks/src/field/scalar.rs
index 607c0cb68..18bf78e51 100644
--- a/ed448-goldilocks/src/field/scalar.rs
+++ b/ed448-goldilocks/src/field/scalar.rs
@@ -44,6 +44,8 @@ pub type WideScalarBytes = Array::ReprSize, U
 pub trait CurveWithScalar: 'static + CurveArithmetic + Send + Sync {
     type ReprSize: ArraySize: Copy> + Mul: Copy>>;
 
+    const NUM_BITS: u32;
+
     fn from_bytes_mod_order_wide(input: &WideScalarBytes) -> Scalar;
     fn from_canonical_bytes(bytes: &ScalarBytes) -> CtOption>;
 
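Review bot: `const NUM_BITS: u32 = 448;` becomes `PrimeField::NUM_BITS` for `Scalar<C>` via the field/scalar.rs hunk at its line 339, where `CAPACITY` is derived as `NUM_BITS - 1` and the `MODULUS` string starts with `3f…`, i.e. the scalar group order is a 446-bit value. As `ff` documents them, NUM_BITS is the bit length of the modulus and CAPACITY the number of bits that always fit below it, so 448 here and 456 in the Ed448 hunk overstate both, and generic code that packs CAPACITY bits into a scalar could presumably produce non-reduced values; whether any consumer in this crate does so is not visible in the diff. If the new trait constant is meant to be the encoded width (`ReprSize` in bits), it should carry a distinct name on `CurveWithScalar`, and `PrimeField::NUM_BITS` should stay at the modulus width, `const NUM_BITS: u32 = 446;`. The same applies to the Ed448 value of 456.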
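Review bot: The new expected length `58` in the serde_bare test is not self-explanatory: it is presumably the 57-byte `ReprSize` encoding plus serde_bare's one-byte length prefix, and the previous `57` was the same prefix over the 56 bytes the old `buffer[..56]` path handled. A comment on the assertion would save the next reader that arithmetic, e.g. `// 57-byte repr + 1-byte serde_bare length prefix`. The test function starts outside the hunk.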
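Review bot: The new associated constant `const NUM_BITS: u32;` on `CurveWithScalar` has no doc comment, and the two implementations in this commit give it different values (448 for Decaf448 with a 56-byte repr, 456 for Ed448 with a 57-byte repr) over the same hard-coded `MODULUS`, so the trait is the place to pin down what an implementor must supply. Add a `///` line above it such as `/// Width, in bits, that Scalar<Self> reports as PrimeField::NUM_BITS; CAPACITY is derived from it as NUM_BITS - 1.`, and state whether that is the modulus bit length or the encoded width. The other trait members in view are likewise undocumented, but this one is the one whose value is ambiguous.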
@@ -339,7 +341,7 @@ impl PrimeField for Scalar {
         Choice::from((self.scalar.to_words()[0] & 1) as u8)
     }
     const MODULUS: &'static str = "3fffffffffffffffffffffffffffffffffffffffffffffffffffffff7cca23e9c44edb49aed63690216cc2728dc58f552378c292ab5844f3";
-    const NUM_BITS: u32 = 448;
+    const NUM_BITS: u32 = C::NUM_BITS;
     const CAPACITY: u32 = Self::NUM_BITS - 1;
     const TWO_INV: Self = Self::new(U448::from_be_hex(
         "1fffffffffffffffffffffffffffffffffffffffffffffffffffffffbe6511f4e2276da4d76b1b4810b6613946e2c7aa91bc614955ac227a",
@@ -430,7 +432,7 @@ impl serdect::serde::Serialize for Scalar {
     where
         S: serdect::serde::Serializer,
     {
-        serdect::slice::serialize_hex_lower_or_bin(&self.to_bytes(), s)
+        serdect::slice::serialize_hex_lower_or_bin(&self.to_repr(), s)
     }
 }
 
@@ -441,7 +443,7 @@ impl<'de, C: CurveWithScalar> serdect::serde::Deserialize<'de> for Scalar {
         D: serdect::serde::Deserializer<'de>,
     {
         let mut buffer = ScalarBytes::::default();
-        serdect::array::deserialize_hex_or_bin(&mut buffer[..56], d)?;
+        serdect::array::deserialize_hex_or_bin(&mut buffer, d)?;
         Option::from(Self::from_canonical_bytes(&buffer)).ok_or(serdect::serde::de::Error::custom(
             "scalar was not canonically encoded",
         ))
diff --git a/ed448-goldilocks/src/lib.rs b/ed448-goldilocks/src/lib.rs
index 6013b30b4..1dec5edad 100644
--- a/ed448-goldilocks/src/lib.rs
+++ b/ed448-goldilocks/src/lib.rs
@@ -100,12 +100,12 @@ impl PointCompression for Ed448 {
 
 impl FieldBytesEncoding for U448 {
     fn decode_field_bytes(field_bytes: &Ed448FieldBytes) -> Self {
-        U448::from_le_slice(field_bytes)
+        U448::from_le_slice(&field_bytes[..56])
     }
 
     fn encode_field_bytes(&self) -> Ed448FieldBytes {
         let mut data = Ed448FieldBytes::default();
-        data.copy_from_slice(&self.to_le_byte_array()[..]);
+        data[..56].copy_from_slice(&self.to_le_byte_array());
         data
     }
 }
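Review bot: Removing the `[..56]` bound in `Deserialize` means every `ReprSize` byte now comes from the wire, so for Ed448 the 57th byte is untrusted input whose rejection rests entirely on `from_canonical_bytes`, which is outside this hunk. If that function only consumes the first 56 bytes, an encoding with a non-zero trailing byte would still decode, two distinct encodings would map to one scalar, and the "scalar was not canonically encoded" error on the next line would never fire for that case. Worth adding a negative test next to the serde_bare round-trip: take a valid 57-byte encoding, set its last byte to `0x01`, and assert that `from_slice` fails. The `Serialize` hunk at 430 (`to_bytes()` → `to_repr()`) is the matching change and needs no separate fix.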
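Review bot: `decode_field_bytes` now silently discards `field_bytes[56]`: with `Ed448FieldBytes` evidently widened to 57 bytes, a non-zero final byte is dropped rather than rejected, so two field-byte encodings decode to the same `U448`. The trait method returns `Self` rather than an `Option`, so a hard rejection is not available here, but the assumption should at least be stated and checked in debug builds, `debug_assert_eq!(field_bytes[56], 0, "Ed448 field bytes must have a zero top byte");`, with validation done by callers that take external input. The literal `56` in both methods could be `U448::BYTES` so the slice bound cannot drift from the integer width.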