From e9a6e9e26009fab9e88e6288092690882009d1fb Mon Sep 17 00:00:00 2001
From: daxpedda <daxpedda@gmail.com>
Date: Thu, 14 Aug 2025 11:28:25 +0200
Subject: [PATCH] Test multiply by half scalar, double and compress

---
 curve25519-dalek/src/ristretto.rs | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)

diff --git a/curve25519-dalek/src/ristretto.rs b/curve25519-dalek/src/ristretto.rs
index ca5fa88ec..e67664ec0 100644
--- a/curve25519-dalek/src/ristretto.rs
+++ b/curve25519-dalek/src/ristretto.rs
@@ -1867,6 +1867,35 @@ mod test {
         }
     }
 
+    #[test]
+    #[cfg(all(feature = "alloc", feature = "rand_core", feature = "group"))]
+    fn multiply_double_and_compress_1024_random_points() {
+        use ff::Field;
+        use group::Group;
+        let mut rng = OsRng;
+
+        let mut scalars: Vec<Scalar> = (0..1024)
+            .map(|_| Scalar::try_from_rng(&mut rng).unwrap())
+            .collect();
+        scalars[500] = Scalar::ZERO;
+
+        let mut points: Vec<RistrettoPoint> = (0..1024)
+            .map(|_| RistrettoPoint::try_from_rng(&mut rng).unwrap())
+            .collect();
+        points[500] = <RistrettoPoint as Group>::identity();
+
+        let multiplied_points: Vec<RistrettoPoint> = scalars
+            .iter()
+            .zip(&points)
+            .map(|(scalar, point)| scalar.div_by_2() * point)
+            .collect();
+        let compressed = RistrettoPoint::double_and_compress_batch(&multiplied_points);
+
+        for ((s, P), P2_compressed) in scalars.iter().zip(points).zip(compressed) {
+            assert_eq!(P2_compressed, (s * P).compress());
+        }
+    }
+
     #[test]
     #[cfg(feature = "alloc")]
     fn vartime_precomputed_vs_nonprecomputed_multiscalar() {