Move embedwards25519 over to short-weierstrass

crypto/short-weierstrass/src/lib.rs

@@ -5,6 +5,7 @@
 
 use core::fmt::Debug;
 
+use subtle::Choice;
 use zeroize::Zeroize;
 use group::ff::PrimeField;
 
@@ -14,6 +15,10 @@ mod projective;
 pub use projective::Projective;
 
 /// An elliptic curve represented in short Weierstrass form, with equation `y^2 = x^3 + A x + B`.
+///
+/// This elliptic curve is expected to be of prime order. If a generator of the elliptic curve has
+/// a composite order, the elliptic curve is defined solely as its largest odd-prime-order
+/// subgroup, further considered the entire group/elliptic curve.
 pub trait ShortWeierstrass: 'static + Sized + Debug {
   /// The field the elliptic curve is defined over.
   type FieldElement: Zeroize + PrimeField;
@@ -27,4 +32,17 @@ pub trait ShortWeierstrass: 'static + Sized + Debug {
   ///
   /// This may be omitted by specifying `()`.
   type Scalar;
+
+  /// The type used for encoding points.
+  type Repr: 'static + Send + Sync + Copy + Default + AsRef<[u8]> + AsMut<[u8]>;
+  /// The representation of the identity point.
+  const IDENTITY: Self::Repr;
+  /// Compress an affine point its byte encoding.
+  ///
+  /// The space of potential outputs MUST exclude `Self::IDENTITY`.
+  fn compress(x: Self::FieldElement, odd_y: Choice) -> Self::Repr;
+  /// Decode a compressed point.
+  ///
+  /// This is expected to return the `x` coordinate and if the `y` coordinate is odd.
+  fn decode_compressed(bytes: &Self::Repr) -> (<Self::FieldElement as PrimeField>::Repr, Choice);
 }