From 3ca2367ecf8815d5183e6706d24859e271ab879c Mon Sep 17 00:00:00 2001
From: Aaron Feickert <66188213+AaronFeickert@users.noreply.github.com>
Date: Mon, 8 Jul 2024 14:51:04 -0500
Subject: [PATCH] Add `SubgroupPoint` traits

---
 curve25519-dalek/src/edwards.rs | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/curve25519-dalek/src/edwards.rs b/curve25519-dalek/src/edwards.rs
index 856fac12..08b39195 100644
--- a/curve25519-dalek/src/edwards.rs
+++ b/curve25519-dalek/src/edwards.rs
@@ -1335,7 +1335,7 @@ impl GroupEncoding for EdwardsPoint {
 /// A `SubgroupPoint` represents a point on the Edwards form of Curve25519, that is
 /// guaranteed to be in the prime-order subgroup.
 #[cfg(feature = "group")]
-#[derive(Clone, Copy, Debug, PartialEq, Eq)]
+#[derive(Clone, Copy, Debug, Default, PartialEq, Eq)]
 pub struct SubgroupPoint(EdwardsPoint);
 
 #[cfg(feature = "group")]
@@ -1510,6 +1510,20 @@ impl MulAssign<&Scalar> for SubgroupPoint {
 #[cfg(feature = "group")]
 define_mul_assign_variants!(LHS = SubgroupPoint, RHS = Scalar);
 
+#[cfg(feature = "group")]
+impl ConstantTimeEq for SubgroupPoint {
+    fn ct_eq(&self, other: &SubgroupPoint) -> Choice {
+        self.0.ct_eq(&other.0)
+    }
+}
+
+#[cfg(feature = "group")]
+impl ConditionallySelectable for SubgroupPoint {
+    fn conditional_select(a: &SubgroupPoint, b: &SubgroupPoint, choice: Choice) -> SubgroupPoint {
+        SubgroupPoint(EdwardsPoint::conditional_select(&a.0, &b.0, choice))
+    }
+}
+
 #[cfg(feature = "group")]
 impl group::Group for SubgroupPoint {
     type Scalar = Scalar;