From f22ac9ea5349d5fc7582f3e6beb306fbbd33d2be Mon Sep 17 00:00:00 2001
From: StackOverflowExcept1on
 <109800286+StackOverflowExcept1on@users.noreply.github.com>
Date: Mon, 11 Nov 2024 02:22:52 +0300
Subject: [PATCH] feat: add `CompressedEdwardsY::decompress_unchecked()` (#2)

* remove .DS_Store

* feat: add `CompressedEdwardsY::decompress_unchecked()`
---
 .DS_Store                     | Bin 6148 -> 0 bytes
 .gitignore                    |   1 +
 Cargo.toml                    |   2 +-
 src/curve/edwards/extended.rs |  17 +++++++++++++----
 4 files changed, 15 insertions(+), 5 deletions(-)
 delete mode 100644 .DS_Store

diff --git a/.DS_Store b/.DS_Store
deleted file mode 100644
index 3ae428d4c8e84b8b56a6f0c0d3f4670bac9584f3..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 6148
zcmeHKyH3ME5S&Y*C?QQ61f@$VBx)Kfgo2t6fIKXOurW%U-VOi2FYtYQ0L<Q=BKu+_
zDumE(v^VFwo%QWF@#O%x*=~ISOaYAOg1s@D4wHHD1M7tm;W?k9#5r=5SmEg)+6Mlj
z0`lyRaD@dnc;J)UKfjy2TrKl*$$9y5T++`zy|EW_Dl!Y?5$8SP4DraQ1@Dt#+m3Z7
zQS1oM%vnh!*HmB~#lJ@JW3E4A?lohxPR2*X=ri*Mt9D*r=Ub!BA=jYVWT>K8sjnG(
zj2&0K;kt8vGOp#0zXM?}m}Se^C3{`fNcGK36UM%fQH83CPL^oUWbx9>6fgx$fgdTr
zJzH!vQMA?+Fa=D3y#n%nNa%uTz*^D2I@tIl0CB)!Z|uw8Md2g?(}1-iXJ}5TM5VfL
z#BfUIcoO2$fVHC1;lkm=g*&@&LUI1?%%AvhxKz<vQ@|8xE6~@=sqFvP-=F{6B)c*N
zOo4x;fE&zj=QEZR_SS>qWUo!=_jECds}=VYcKlY%SlNnC>E1Y=NQamPtQ9#zvp)h}
L25U@#Usd1>%zub8

diff --git a/.gitignore b/.gitignore
index 779aacc..e44bcb8 100644
--- a/.gitignore
+++ b/.gitignore
@@ -5,3 +5,4 @@ unrolled_karatsuba.md
 upstream.md
 src/docs/formulas.md
 .idea/
+.DS_Store
diff --git a/Cargo.toml b/Cargo.toml
index 149ead8..5d4486a 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -11,7 +11,7 @@ license = "BSD-3-Clause"
 name = "ed448-goldilocks-plus"
 readme = "README.md"
 repository = "https://github.com/mikelodder7/Ed448-Goldilocks"
-version = "0.13.0"
+version = "0.13.1"
 
 [dependencies]
 crypto-bigint = { version = "0.5", features = ["generic-array"] }
diff --git a/src/curve/edwards/extended.rs b/src/curve/edwards/extended.rs
index aac5d5b..7f7e204 100644
--- a/src/curve/edwards/extended.rs
+++ b/src/curve/edwards/extended.rs
@@ -227,8 +227,8 @@ impl CompressedEdwardsY {
     /// Attempt to decompress to an `EdwardsPoint`.
     ///
     /// Returns `None` if the input is not the \\(y\\)-coordinate of a
-    /// curve point.`
-    pub fn decompress(&self) -> CtOption<EdwardsPoint> {
+    /// curve point.
+    pub fn decompress_unchecked(&self) -> CtOption<EdwardsPoint> {
         // Safe to unwrap here as the underlying data structure is a slice
         let (sign, b) = self.0.split_last().unwrap();
 
@@ -249,9 +249,18 @@ impl CompressedEdwardsY {
         let is_negative = x.is_negative();
         x.conditional_negate(compressed_sign_bit ^ is_negative);
 
-        let pt = AffinePoint { x, y }.to_edwards();
+        CtOption::new(AffinePoint { x, y }.to_edwards(), is_res)
+    }
 
-        CtOption::new(pt, is_res & pt.is_on_curve() & pt.is_torsion_free())
+    /// Attempt to decompress to an `EdwardsPoint`.
+    ///
+    /// Returns `None`:
+    /// - if the input is not the \\(y\\)-coordinate of a curve point.
+    /// - if the input point is not on the curve.
+    /// - if the input point has nonzero torsion component.
+    pub fn decompress(&self) -> CtOption<EdwardsPoint> {
+        self.decompress_unchecked()
+            .and_then(|pt| CtOption::new(pt, pt.is_on_curve() & pt.is_torsion_free()))
     }
 
     /// View this `CompressedEdwardsY` as an array of bytes.