elliptic-curve: add ReduceNonZero trait (#827)

tarcieri · web-flow · commit f6ac4b06f45e · 2021-12-03T12:53:51.000-07:00
Adds a trait similar to `Reduce`, but where the output of the reduction is ensured to be non-zero. Also impls `Reduce` and `ReduceNonZero` for `NonZeroScalar`. This means that end users need only concern themselves with `Reduce` as they can use `NonZeroScalar::<C>::from_uint_reduced` instead of the more cumbersome `Scalar::<C>::from_uint_reduced_non_zero`. Related: RustCrypto/elliptic-curves#432
diff --git a/elliptic-curve/src/ops.rs b/elliptic-curve/src/ops.rs
@@ -40,3 +40,13 @@ pub trait Reduce<UInt: Integer + ArrayEncoding>: Sized {
         Self::from_uint_reduced(UInt::from_le_byte_array(bytes))
     }
 }
+
+/// Modular reduction to a non-zero output.
+///
+/// This trait is primarily intended for use by curve implementations.
+///
+/// End users can use the `Reduce` impl on `NonZeroScalar` instead.
+pub trait ReduceNonZero<UInt: Integer + ArrayEncoding>: Sized {
+    /// Perform a modular reduction, returning a field element.
+    fn from_uint_reduced_non_zero(n: UInt) -> Self;
+}
diff --git a/elliptic-curve/src/scalar/non_zero.rs b/elliptic-curve/src/scalar/non_zero.rs
@@ -3,7 +3,7 @@
 use crate::{
     bigint::Encoding as _,
     hex,
-    ops::Invert,
+    ops::{Invert, Reduce, ReduceNonZero},
     rand_core::{CryptoRng, RngCore},
     Curve, Error, FieldBytes, IsHigh, Result, Scalar, ScalarArithmetic, ScalarCore, SecretKey,
 };
@@ -12,6 +12,7 @@ use core::{
     ops::{Deref, Neg},
     str,
 };
+use crypto_bigint::{ArrayEncoding, Integer};
 use ff::{Field, PrimeField};
 use generic_array::GenericArray;
 use subtle::{Choice, ConditionallySelectable, ConstantTimeEq, CtOption};
@@ -198,6 +199,31 @@ where
     }
 }
 
+/// Note: implementation is the same as `ReduceNonZero`
+impl<C, I> Reduce<I> for NonZeroScalar<C>
+where
+    C: Curve + ScalarArithmetic,
+    I: Integer + ArrayEncoding,
+    Scalar<C>: ReduceNonZero<I>,
+{
+    fn from_uint_reduced(n: I) -> Self {
+        Self::from_uint_reduced_non_zero(n)
+    }
+}
+
+impl<C, I> ReduceNonZero<I> for NonZeroScalar<C>
+where
+    C: Curve + ScalarArithmetic,
+    I: Integer + ArrayEncoding,
+    Scalar<C>: ReduceNonZero<I>,
+{
+    fn from_uint_reduced_non_zero(n: I) -> Self {
+        let scalar = Scalar::<C>::from_uint_reduced_non_zero(n);
+        debug_assert!(!bool::from(scalar.is_zero()));
+        Self::new(scalar).unwrap()
+    }
+}
+
 impl<C> TryFrom<&[u8]> for NonZeroScalar<C>
 where
     C: Curve + ScalarArithmetic,

Original file line number	Diff line number	Diff line change
`@@ -40,3 +40,13 @@ pub trait Reduce<UInt: Integer + ArrayEncoding>: Sized {`
`40`	`40`	`Self::from_uint_reduced(UInt::from_le_byte_array(bytes))`
`41`	`41`	`}`
`42`	`42`	`}`
	`43`	`+`
	`44`	`+/// Modular reduction to a non-zero output.`
	`45`	`+///`
	`46`	`+/// This trait is primarily intended for use by curve implementations.`
	`47`	`+///`
	`48`	+/// End users can use the `Reduce` impl on `NonZeroScalar` instead.
	`49`	`+pub trait ReduceNonZero<UInt: Integer + ArrayEncoding>: Sized {`
	`50`	`+ /// Perform a modular reduction, returning a field element.`
	`51`	`+ fn from_uint_reduced_non_zero(n: UInt) -> Self;`
	`52`	`+}`