secp256k1GejDoubleVar static method

void secp256k1GejDoubleVar(
  1. Secp256k1Gej r,
  2. Secp256k1Gej a,
  3. Secp256k1Fe? rzr
)

Implementation

static void secp256k1GejDoubleVar(
    Secp256k1Gej r, Secp256k1Gej a, Secp256k1Fe? rzr) {
  /// For secp256k1, 2Q is infinity if and only if Q is infinity. This is because if 2Q = infinity,
  ///  Q must equal -Q, or that Q.y == -(Q.y), or Q.y is 0. For a point on y^2 = x^3 + 7 to have
  ///  y=0, x^3 must be -7 mod p. However, -7 has no cube root mod p.
  ///
  ///  Having said this, if this function receives a point on a sextic twist, e.g. by
  ///  a fault attack, it is possible for y to be 0. This happens for y^2 = x^3 + 6,
  ///  since -6 does have a cube root mod p. For this point, this function will not set
  ///  the infinity flag even though the point doubles to infinity, and the result
  ///  point will be gibberish (z = 0 but infinity = 0).
  ///
  if (a.infinity.toBool) {
    secp256k1GejSetInfinity(r);
    if (rzr != null) {
      secp256k1FeSetInt(rzr, 1);
    }
    return;
  }

  if (rzr != null) {
    rzr.set(a.y);
    secp256k1FeNormalizeWeak(rzr);
  }

  secp256k1GejDouble(r, a);
}