Function fromBytes [src]

Decode an Edwards25519 point from its compressed (Y+sign) coordinates.

Prototype

pub fn fromBytes(s: [encoded_length]u8) EncodingError!Edwards25519

Parameters

s: [encoded_length]u8

Possible Errors

Source

  pub fn fromBytes(s: [encoded_length]u8) EncodingError!Edwards25519 {
    const z = Fe.one;
    const y = Fe.fromBytes(s);
    var u = y.sq();
    var v = u.mul(Fe.edwards25519d);
    u = u.sub(z);
    v = v.add(z);
    var x = u.mul(v).pow2523().mul(u);
    const vxx = x.sq().mul(v);
    const has_m_root = vxx.sub(u).isZero();
    const has_p_root = vxx.add(u).isZero();
    if ((@intFromBool(has_m_root) | @intFromBool(has_p_root)) == 0) { // best-effort to avoid two conditional branches
        return error.InvalidEncoding;
    }
    x.cMov(x.mul(Fe.sqrtm1), 1 - @intFromBool(has_m_root));
    x.cMov(x.neg(), @intFromBool(x.isNegative()) ^ (s[31] >> 7));
    const t = x.mul(y);
    return Edwards25519{ .x = x, .y = y, .z = z, .t = t };
}  