From 369177f0bac119998c573754ad14896a0492d8c7 Mon Sep 17 00:00:00 2001
From: David Rubin <david@vortan.dev>
Date: Mon, 5 May 2025 06:30:59 -0700
Subject: [PATCH] crypto: add `sub` function to `Ristretto255` (#23724)

---
 lib/std/crypto/25519/ristretto255.zig | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/lib/std/crypto/25519/ristretto255.zig b/lib/std/crypto/25519/ristretto255.zig
index d12a672e7d..5a00bf523a 100644
--- a/lib/std/crypto/25519/ristretto255.zig
+++ b/lib/std/crypto/25519/ristretto255.zig
@@ -150,11 +150,16 @@ pub const Ristretto255 = struct {
         return .{ .p = p.p.add(q.p) };
     }
 
+    /// Subtract two Ristretto255 elements.
+    pub inline fn sub(p: Ristretto255, q: Ristretto255) Ristretto255 {
+        return .{ .p = p.p.sub(q.p) };
+    }
+
     /// Multiply a Ristretto255 element with a scalar.
     /// Return error.WeakPublicKey if the resulting element is
     /// the identity element.
     pub inline fn mul(p: Ristretto255, s: [encoded_length]u8) (IdentityElementError || WeakPublicKeyError)!Ristretto255 {
-        return Ristretto255{ .p = try p.p.mul(s) };
+        return .{ .p = try p.p.mul(s) };
     }
 
     /// Return true if two Ristretto255 elements are equivalent