k256: factor mul_by_generator into ProjectivePoint (#706)

Makes `ProjectivePoint::mul_by_generator` an inherent static method instead of a free function. This avoids the need to import it separately from `ProjectivePoint`.
RustCrypto · Jan 9, 2023 · 84871c3 · 84871c3
1 parent 568e2b1
commit 84871c3
Show file tree

Hide file tree

Showing 5 changed files with 29 additions and 31 deletions.
diff --git a/k256/benches/scalar.rs b/k256/benches/scalar.rs
@@ -6,7 +6,7 @@ use criterion::{
 use hex_literal::hex;
 use k256::{
     elliptic_curve::{generic_array::arr, group::ff::PrimeField, ops::LinearCombination},
-    mul_by_generator, ProjectivePoint, Scalar,
+    ProjectivePoint, Scalar,
 };
 
 fn test_scalar_x() -> Scalar {
@@ -51,7 +51,7 @@ fn bench_point_mul_by_generator<'a, M: Measurement>(group: &mut BenchmarkGroup<'
     group.bench_function("mul_by_generator naive", |b| b.iter(|| &p * &x));
 
     group.bench_function("mul_by_generator precomputed", |b| {
-        b.iter(|| mul_by_generator(&x))
+        b.iter(|| ProjectivePoint::mul_by_generator(&x))
     });
 }
 

diff --git a/k256/src/arithmetic.rs b/k256/src/arithmetic.rs
@@ -12,7 +12,6 @@ pub(crate) mod scalar;
 mod dev;
 
 pub use field::FieldElement;
-pub use mul::mul_by_generator;
 
 use affine::AffinePoint;
 use projective::ProjectivePoint;

diff --git a/k256/src/arithmetic/mul.rs b/k256/src/arithmetic/mul.rs
@@ -394,29 +394,31 @@ fn precompute_gen_lookup_table() -> [LookupTable; 33] {
     res
 }
 
-/// Calculates `k * G`, where `G` is the generator.
-#[cfg(not(feature = "basepoint-tables"))]
-pub fn mul_by_generator(k: &Scalar) -> ProjectivePoint {
-    ProjectivePoint::GENERATOR * k
-}
-
-/// Calculates `k * G`, where `G` is the generator.
-#[cfg(feature = "basepoint-tables")]
-pub fn mul_by_generator(k: &Scalar) -> ProjectivePoint {
-    let digits = Radix16Decomposition::<65>::new(k);
-    let table = *GEN_LOOKUP_TABLE;
-    let mut acc = table[32].select(digits.0[64]);
-    let mut acc2 = ProjectivePoint::IDENTITY;
-    for i in (0..32).rev() {
-        acc2 += &table[i].select(digits.0[i * 2 + 1]);
-        acc += &table[i].select(digits.0[i * 2]);
+impl ProjectivePoint {
+    /// Calculates `k * G`, where `G` is the generator.
+    #[cfg(not(feature = "basepoint-tables"))]
+    pub fn mul_by_generator(k: &Scalar) -> ProjectivePoint {
+        ProjectivePoint::GENERATOR * k
     }
-    // This is the price of halving the precomputed table size (from 60kb to 30kb)
-    // The performance hit is minor, about 3%.
-    for _ in 0..4 {
-        acc2 = acc2.double();
+
+    /// Calculates `k * G`, where `G` is the generator.
+    #[cfg(feature = "basepoint-tables")]
+    pub fn mul_by_generator(k: &Scalar) -> ProjectivePoint {
+        let digits = Radix16Decomposition::<65>::new(k);
+        let table = *GEN_LOOKUP_TABLE;
+        let mut acc = table[32].select(digits.0[64]);
+        let mut acc2 = ProjectivePoint::IDENTITY;
+        for i in (0..32).rev() {
+            acc2 += &table[i].select(digits.0[i * 2 + 1]);
+            acc += &table[i].select(digits.0[i * 2]);
+        }
+        // This is the price of halving the precomputed table size (from 60kb to 30kb)
+        // The performance hit is minor, about 3%.
+        for _ in 0..4 {
+            acc2 = acc2.double();
+        }
+        acc + acc2
     }
-    acc + acc2
 }
 
 #[inline(always)]
@@ -473,7 +475,6 @@ impl MulAssign<&Scalar> for ProjectivePoint {
 
 #[cfg(test)]
 mod tests {
-    use super::mul_by_generator;
     use crate::arithmetic::{ProjectivePoint, Scalar};
     use elliptic_curve::{ops::LinearCombination, rand_core::OsRng, Field, Group};
 
@@ -493,7 +494,7 @@ mod tests {
     fn test_mul_by_generator() {
         let k = Scalar::random(&mut OsRng);
         let reference = &ProjectivePoint::GENERATOR * &k;
-        let test = mul_by_generator(&k);
+        let test = ProjectivePoint::mul_by_generator(&k);
         assert_eq!(reference, test);
     }
 }
diff --git a/k256/src/ecdsa.rs b/k256/src/ecdsa.rs
@@ -157,7 +157,7 @@ use crate::Secp256k1;
 
 #[cfg(feature = "ecdsa")]
 use {
-    crate::{arithmetic::mul_by_generator, AffinePoint, FieldBytes, Scalar, U256},
+    crate::{AffinePoint, FieldBytes, ProjectivePoint, Scalar, U256},
     core::borrow::Borrow,
     ecdsa_core::hazmat::{SignPrimitive, VerifyPrimitive},
     elliptic_curve::{
@@ -212,7 +212,7 @@ impl SignPrimitive<Secp256k1> for Scalar {
         let k_inverse = k_inverse.unwrap();
 
         // Compute 𝐑 = 𝑘×𝑮
-        let R = mul_by_generator(k).to_affine();
+        let R = ProjectivePoint::mul_by_generator(k).to_affine();
 
         // Lift x-coordinate of 𝐑 (element of base field) into a serialized big
         // integer, then reduce it into an element of the scalar field

diff --git a/k256/src/lib.rs b/k256/src/lib.rs
@@ -48,9 +48,7 @@ pub mod test_vectors;
 pub use elliptic_curve::{self, bigint::U256};
 
 #[cfg(feature = "arithmetic")]
-pub use arithmetic::{
-    affine::AffinePoint, mul_by_generator, projective::ProjectivePoint, scalar::Scalar,
-};
+pub use arithmetic::{affine::AffinePoint, projective::ProjectivePoint, scalar::Scalar};
 
 #[cfg(feature = "expose-field")]
 pub use arithmetic::FieldElement;