Function clampedMul [src]

Multiply a Curve25519 point by a scalar after "clamping" it. Clamping forces the scalar to be a multiple of the cofactor in order to prevent small subgroups attacks. This is the standard way to use Curve25519 for a DH operation. Return error.IdentityElement if the resulting point is the identity element.

Prototype

pub fn clampedMul(p: Curve25519, s: [32]u8) IdentityElementError!Curve25519

Parameters

p: Curve25519s: [32]u8

Possible Errors

IdentityElement IdentityElementError

Source

  pub fn clampedMul(p: Curve25519, s: [32]u8) IdentityElementError!Curve25519 {
    var t: [32]u8 = s;
    scalar.clamp(&t);
    return try ladder(p, t, 255);
}  