RistrettoPoint::vartime_check_double_scalar_mul_basepoint

Checks whether [a]A + [b]B = C in variable time.

src/ristretto.rs

@@ -974,6 +974,18 @@ impl RistrettoPoint {
             EdwardsPoint::vartime_double_scalar_mul_basepoint(a, &A.0, b)
         )
     }
+
+    /// Checks whether \\([a]A + [b]B = C\\) in variable time.
+    pub fn vartime_check_double_scalar_mul_basepoint(
+        a: &Scalar,
+        A: &RistrettoPoint,
+        b: &Scalar,
+        C: &RistrettoPoint,
+    ) -> bool {
+        use crate::traits::IsIdentity;
+
+        scalar_mul::abglsv_pornin::mul(a, &A.0, b, &C.0).is_identity()
+    }
 }
 
 /// A precomputed table of multiples of a basepoint, used to accelerate