RistrettoPoint.fromBytes constructor
Factory method to create a RistrettoPoint from a byte representation.
Parameters:
bytes: The byte representation of the RistrettoPoint.curveEdTw: An optional parameter specifying the curve (default is Ed25519).
Throws:
- ArgumentException: If the input bytes result in an invalid RistrettoPoint.
- CryptoException: If the RistrettoPoint creation fails any validity checks.
Implementation
factory RistrettoPoint.fromBytes(List<int> bytes, {CurveED? curveEdTw}) {
final c = curveEdTw ?? Curves.curveEd25519;
final a = c.a;
final d = c.d;
final P = c.p;
final s = BigintUtils.fromBytes(bytes, byteOrder: Endian.little);
if (isOdd(s, P)) {
throw ArgumentException.invalidOperationArguments(
"RistrettoPoint",
name: "bytes",
reason: "Invalid point bytes.",
);
}
final s2 = positiveMod(s * s, P);
final u1 = positiveMod(BigInt.one + a * s2, P);
final u2 = positiveMod(BigInt.one - a * s2, P);
final u1_2 = positiveMod(u1 * u1, P);
final u2_2 = positiveMod(u2 * u2, P);
final v = positiveMod(a * d * u1_2 - u2_2, P);
final invSqrt = sqrtUV(BigInt.one, positiveMod(v * u2_2, P));
final x2 = positiveMod(invSqrt.$2 * u2, P);
final y2 = positiveMod(invSqrt.$2 * x2 * v, P);
BigInt x = positiveMod((s + s) * x2, P);
if (isOdd(x, P)) {
x = positiveMod(-x, P);
}
final y = positiveMod(u1 * y2, P);
final t = positiveMod(x * y, P);
if (!invSqrt.$1 || isOdd(t, P) || y == BigInt.zero) {
throw ArgumentException.invalidOperationArguments(
"RistrettoPoint",
reason: "Invalid ristretto point encoding bytes.",
);
}
return RistrettoPoint.fromEdwardsPoint(
EDPoint(curve: c, x: x, y: y, z: BigInt.one, t: t),
);
}