RistrettoPoint.fromBytes constructor

RistrettoPoint.fromBytes(
  1. List<int> bytes, {
  2. CurveED? curveEdTw,
})

Factory method to create a RistrettoPoint from a byte representation.

This factory method creates a RistrettoPoint instance from a byte representation of a RistrettoPoint. It follows a series of calculations and checks to ensure the validity of the input bytes and derive the RistrettoPoint coordinates.

Parameters:

  • bytes: The byte representation of the RistrettoPoint.
  • curveEdTw: An optional parameter specifying the curve (default is Ed25519).

Returns:

  • RistrettoPoint: A RistrettoPoint instance created from the input bytes.

Throws:

  • ArgumentException: If the input bytes result in an invalid RistrettoPoint.
  • Exception: If the RistrettoPoint creation fails any validity checks.

Implementation

factory RistrettoPoint.fromBytes(List<int> bytes, {CurveED? curveEdTw}) {
  final List<int> hex = bytes;
  final c = curveEdTw ?? Curves.curveEd25519;
  final a = c.a;
  final d = c.d;
  final P = c.p;
  final s = BigintUtils.fromBytes(hex, byteOrder: Endian.little);
  if (ristretto_tools.isOdd(s, P)) {
    throw const ArgumentException("Invalid RistrettoPoint");
  }
  final s2 = ristretto_tools.positiveMod(s * s, P);
  final u1 = ristretto_tools.positiveMod(BigInt.one + a * s2, P);
  final u2 = ristretto_tools.positiveMod(BigInt.one - a * s2, P);
  final u1_2 = ristretto_tools.positiveMod(u1 * u1, P);
  final u2_2 = ristretto_tools.positiveMod(u2 * u2, P);
  final v = ristretto_tools.positiveMod(a * d * u1_2 - u2_2, P);
  final invSqrt = ristretto_tools.sqrtUV(
      BigInt.one, ristretto_tools.positiveMod(v * u2_2, P));
  final x2 = ristretto_tools.positiveMod(invSqrt.item2 * u2, P);
  final y2 = ristretto_tools.positiveMod(invSqrt.item2 * x2 * v, P);

  BigInt x = ristretto_tools.positiveMod((s + s) * x2, P);
  if (ristretto_tools.isOdd(x, P)) {
    x = ristretto_tools.positiveMod(-x, P);
  }

  final y = ristretto_tools.positiveMod(u1 * y2, P);
  final t = ristretto_tools.positiveMod(x * y, P);
  if (!invSqrt.item1 || ristretto_tools.isOdd(t, P) || y == BigInt.zero) {
    throw const ArgumentException("Invalid RistrettoPoint");
  }
  return RistrettoPoint.fromEdwardsPoint(
      EDPoint(curve: c, x: x, y: y, z: BigInt.one, t: t));
}