pub fn point_add<const LIMBS: usize>(
p_pt: &JacobianPoint<LIMBS>,
q_pt: &JacobianPoint<LIMBS>,
params: &CurveParams<LIMBS>,
) -> JacobianPoint<LIMBS>Expand description
Jacobian point addition: P + Q. Uses the generic “add-2007-bl” formula
(no assumption on Z coordinates).
Not constant-time: branches on whether P == Q (to delegate to
point_double) and on whether P == -Q (to short-circuit to infinity).
Intended for operations on public points only, such as the Shamir
trick in double_scalar_mul used by ECDSA verify.
For the CT-critical scalar multiplication path (signing, ECDH), use
point_add_ct which is uniform over all P, Q but requires the
caller to respect the Montgomery ladder invariant R1 - R0 == P so
that P == Q can never occur (the only case the CT variant cannot
handle via the generic formulas alone).
Reference: https://www.hyperelliptic.org/EFD/g1p/auto-shortw-jacobian.html#addition-add-2007-bl