From 70dccf5d74b771cc03fecd30d11dc39283d898d9 Mon Sep 17 00:00:00 2001 From: Tony Arcieri Date: Tue, 31 Mar 2026 08:12:42 -0600 Subject: [PATCH] Add `PrimeField::to_le_repr` The current `group::Wnaf` implementation assumes `PrimeField::to_repr` returns a little endian encoding, so it doesn't work with our implementations of the NIST P-curves, which return a big endian SEC1 encoding. Following the general idea from RustCrypto/group#10, this adds an API which is guaranteed to return a little endian encoding which will always work with the current implementation of `group::Wnaf`. This is largely a stopgap solution which allows us to begin using `group::Wnaf` at all, though ideally we can find a more elegant upstream solution. --- src/lib.rs | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/src/lib.rs b/src/lib.rs index 0ba6fd2..1dff371 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -304,6 +304,15 @@ pub trait PrimeField: Field + From { /// encodings of field elements should be treated as opaque. fn to_repr(&self) -> Self::Repr; + /// Convert an element of the prime field into a little endian byte representation. + /// + /// The provided implementation assumes [`PrimeField::to_repr`] returns a little endian + /// representation and needs to be overridden if it uses big endian. + // TODO(tarcieri): this is largely a hack to make `group::Wnaf` work. Ideally it could go away. + fn to_le_repr(&self) -> Self::Repr { + self.to_repr() + } + /// Returns true iff this element is odd. fn is_odd(&self) -> Choice;