function is not described

ParagonIE_Sodium_Core_Ristretto255::ristretto255_elligator() public WP 1.0

This is a method of the class ParagonIE_Sodium_Core_Ristretto255.

No Hooks.

Return

ParagonIE_Sodium_Core_Curve25519_Ge_P3.

Usage

$result = ParagonIE_Sodium_Core_Ristretto255::ristretto255_elligator( $t );
$t (ParagonIE_Sodium_Core_Curve25519_Fe) (required)
-

Code of ParagonIE_Sodium_Core_Ristretto255::ristretto255_elligator() WP 5.8.2

/**
 * Map a field element to a group element using the arithmetic sequence below.
 *
 * Steps, in evaluation order:
 *   r  = sqrt(-1) * t^2
 *   u  = (r + 1) * (1 - d^2)
 *   c  = -1
 *   v  = (c - r*d) * (r + d)
 *   s  = 'x' entry returned by ristretto255_sqrt_ratio_m1(u, v)
 *   s, c are then conditionally replaced by -|s*t| and r via fe_cmov
 *   n  = c*(r - 1)*(d - 1)^2 - v
 *   w0 = 2s*v, w1 = n*sqrt(ad - 1), w2 = 1 - s^2, w3 = 1 + s^2
 *
 * Security note: this method contains no PHP branch or loop on $t or on any
 * value derived from it; the choice between the two candidates goes through
 * fe_cmov. Whether that selection is actually constant-time depends on
 * fe_cmov and the other fe_* helpers, which are not shown here.
 * $t is used as given; no validation of it happens in this method.
 *
 * @param ParagonIE_Sodium_Core_Curve25519_Fe $t Input field element.
 * @return ParagonIE_Sodium_Core_Curve25519_Ge_P3 Point built from
 *         (w0*w3, w2*w1, w1*w3, w0*w2), passed to the constructor in that order.
 */
public static function ristretto255_elligator(ParagonIE_Sodium_Core_Curve25519_Fe $t)
{
    // Class-level constants converted to field elements; the formula comments
    // below give the value each one stands for.
    $sqrt_minus_one    = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$sqrtm1);
    $one_minus_d_sq    = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$onemsqd);
    $curve_d           = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$d);
    $d_minus_one_sq    = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$sqdmone);
    $sqrt_ad_minus_one = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$sqrtadm1);

    $one = self::fe_1();

    // r = sqrt(-1) * t^2
    $t_sq = self::fe_sq($t);
    $r = self::fe_mul($sqrt_minus_one, $t_sq);

    // u = (r + 1) * (1 - d^2)
    $r_plus_one = self::fe_add($r, $one);
    $u = self::fe_mul($r_plus_one, $one_minus_d_sq);

    // c = -1, built from a fresh fe_1() rather than from $one
    $c = self::fe_neg(self::fe_1());

    // v = (c - r*d) * (r + d)
    $r_plus_d = self::fe_add($r, $curve_d);
    $r_times_d = self::fe_mul($r, $curve_d);
    $v = self::fe_mul(self::fe_sub($c, $r_times_d), $r_plus_d);

    $ratio = self::ristretto255_sqrt_ratio_m1($u, $v);
    $s = $ratio['x'];
    // NOTE(review): the selector is 1 minus the 'nonsquare' entry. The polarity
    // of that key is defined in ristretto255_sqrt_ratio_m1 (not shown here);
    // confirm that the selector is 1 exactly when u/v had no square root.
    $use_alt = 1 - $ratio['nonsquare'];

    // Alternative candidate: -|s*t|
    $s_times_t = self::fe_mul($s, $t);
    $s_alt = self::fe_neg(self::fe_abs($s_times_t));

    // Branch-free selection: when the selector is set, s becomes -|s*t| and c becomes r.
    $s = self::fe_cmov($s, $s_alt, $use_alt);
    $c = self::fe_cmov($c, $r, $use_alt);

    // n = c*(r - 1)*(d - 1)^2 - v, accumulated one operation at a time
    $r_minus_one = self::fe_sub($r, $one);
    $n = self::fe_mul($r_minus_one, $c);
    $n = self::fe_mul($n, $d_minus_one_sq);
    $n = self::fe_sub($n, $v);

    // w0 = 2s*v
    $two_s = self::fe_add($s, $s);
    $w0 = self::fe_mul($two_s, $v);

    // w1 = n*sqrt(ad - 1)
    $w1 = self::fe_mul($n, $sqrt_ad_minus_one);

    // w2 = 1 - s^2, w3 = 1 + s^2
    $s_sq = self::fe_sq($s);
    $w2 = self::fe_sub($one, $s_sq);
    $w3 = self::fe_add($one, $s_sq);

    // The four products below are the constructor arguments, in this order.
    // Presumably these are the X, Y, Z, T coordinates; confirm against the
    // Ge_P3 constructor, which is not shown here.
    $w0w3 = self::fe_mul($w0, $w3);
    $w2w1 = self::fe_mul($w2, $w1);
    $w1w3 = self::fe_mul($w1, $w3);
    $w0w2 = self::fe_mul($w0, $w2);

    return new ParagonIE_Sodium_Core_Curve25519_Ge_P3($w0w3, $w2w1, $w1w3, $w0w2);
}