Documentation
¶
Overview ¶
Package babyjub eddsa implements the EdDSA over the BabyJubJub curve
Index ¶
- Variables
- func Blake512(m []byte) []byte
- func PackSignY(sign bool, y *big.Int) [32]byte
- func PointCoordSign(c *big.Int) bool
- func UnpackSignY(leBuf [32]byte) (bool, *big.Int)
- type Point
- type PointProjective
- type PrivKeyScalar
- type PrivateKey
- type PublicKey
- type PublicKeyComp
- type Signature
- type SignatureComp
Constants ¶
This section is empty.
Variables ¶
var ( // A is one of the babyjub constants.(Coefficient A) A *big.Int // Aff is A value in *ff.Element representation Aff *ff.Element // D is one of the babyjub constants.(Coefficient D) D *big.Int // Dff is D value in *ff.Element representation Dff *ff.Element // Order of the babyjubjub curve. Order *big.Int // SubOrder is the order of the subgroup of the babyjub curve that contains the // points that we use. SubOrder *big.Int // B8 is a base point of the babyjub multiplied by 8 to make it a base point of // the subgroup in the curve. B8 *Point )
babyjub curve: ax^2 + y^2 = 1 + d*x^2*y^2
Functions ¶
func Blake512 ¶
Blake512 performs the blake-512 hash over the buffer m. Note that this is the original blake from the SHA3 competition and not the new blake2 version.
func PackSignY ¶
PackSignY packs the given sign and the coordinate Y of a point into a 32 byte array. This method does not check that the values belong to a valid Point in the curve.
func PointCoordSign ¶
PointCoordSign returns the sign of the curve point coordinate. It returns false if the sign is positive and false if the sign is negative.
func UnpackSignY ¶
UnpackSignY returns the sign and coordinate Y from a given compressed point. This method does not check that the Point belongs to the BabyJubJub curve, thus does not return error in such case. This method is intended to obtain the sign and the Y coordinate without checking if the point belongs to the curve, if the objective is to uncompress a point, Decompress method should be used instead.
Types ¶
type Point ¶
Point represents a point of the babyjub curve.
func PointFromSignAndY ¶
PointFromSignAndY returns a Point from a Sign and the Y coordinate x^2 = (1 - y^2) / (a - d*y^2)
func (*Point) Compress ¶
Compress the point into a 32 byte array that contains the y coordinate in little endian and the sign of the x coordinate.
func (*Point) Decompress ¶
Decompress a compressed Point into p, and also returns the decompressed Point. Returns error if the compressed Point is invalid.
func (*Point) InSubGroup ¶
InSubGroup returns true when the Point p is in the subgroup of the babyjub curve.
func (*Point) Mul ¶
Mul multiplies the Point q by the scalar s and stores the result in p, which is also returned.
func (*Point) Projective ¶
func (p *Point) Projective() *PointProjective
Projective returns a PointProjective from the Point
type PointProjective ¶
PointProjective is the Point representation in projective coordinates
func NewPointProjective ¶
func NewPointProjective() *PointProjective
NewPointProjective creates a new Point in projective coordinates(0,1,1). the new point as know as infinity
func (*PointProjective) Add ¶
func (p *PointProjective) Add(q *PointProjective, o *PointProjective) *PointProjective
Add computes the addition of two points in projective coordinates representation
func (*PointProjective) Affine ¶
func (p *PointProjective) Affine() *Point
Affine returns the Point from the projective representation
type PrivKeyScalar ¶
**** * Private Key Scalar **** PrivKeyScalar represents the scalar s output of a private key
func NewPrivKeyScalar ¶
func NewPrivKeyScalar(s *big.Int) *PrivKeyScalar
NewPrivKeyScalar creates a new PrivKeyScalar from a big.Int
func (*PrivKeyScalar) BigInt ¶
func (s *PrivKeyScalar) BigInt() *big.Int
BigInt returns the big.Int corresponding to a PrivKeyScalar.
func (*PrivKeyScalar) Public ¶
func (s *PrivKeyScalar) Public() *PublicKey
Public returns the public key corresponding to the scalar value s of a private key.
type PrivateKey ¶
type PrivateKey [32]byte
**** * Private Key **** PrivateKey is an EdDSA private key, which is a 32byte buffer.
func (*PrivateKey) Public ¶
func (k *PrivateKey) Public() *PublicKey
Public returns the public key corresponding to a private key.
func (*PrivateKey) Scalar ¶
func (k *PrivateKey) Scalar() *PrivKeyScalar
Scalar converts a private key into the scalar value s
func (*PrivateKey) SignPoseidon ¶
func (k *PrivateKey) SignPoseidon(msg *big.Int) *Signature
SignPoseidon signs a message encoded as a big.Int in Zq
type PublicKey ¶
type PublicKey Point
PublicKey represents an EdDSA public key, which is a curve point.
func (*PublicKey) Compress ¶
func (pk *PublicKey) Compress() PublicKeyComp
Compress returns the PublicKeyCompr for the given PublicKey
func (PublicKey) MarshalText ¶
MarshalText implements the marshaler for PublicKey
func (*PublicKey) UnmarshalText ¶
UnmarshalText implements the unmarshaler for the PublicKey
type PublicKeyComp ¶
type PublicKeyComp [32]byte
PublicKeyComp represents a compressed EdDSA Public key; it's a compressed curve point.
func (*PublicKeyComp) Decompress ¶
func (pkComp *PublicKeyComp) Decompress() (*PublicKey, error)
Decompress returns the PublicKey for the given PublicKeyComp
func (PublicKeyComp) MarshalText ¶
func (pkComp PublicKeyComp) MarshalText() ([]byte, error)
MarshalText implements the marshaler for the PublicKeyComp
func (PublicKeyComp) String ¶
func (pkComp PublicKeyComp) String() string
String returns the string representation of the PublicKeyComp
func (*PublicKeyComp) UnmarshalText ¶
func (pkComp *PublicKeyComp) UnmarshalText(h []byte) error
UnmarshalText implements the unmarshaler for the PublicKeyComp
type Signature ¶
Signature represents an EdDSA uncompressed signature.
func (*Signature) Compress ¶
func (s *Signature) Compress() SignatureComp
Compress an EdDSA signature by concatenating the compression of the point R8 and the Little-Endian encoding of S.
type SignatureComp ¶
type SignatureComp [64]byte
SignatureComp represents a compressed EdDSA signature.
func (*SignatureComp) Decompress ¶
func (sComp *SignatureComp) Decompress() (*Signature, error)
Decompress a compressed signature. Returns error if the Point decompression fails.
func (SignatureComp) MarshalText ¶
func (sComp SignatureComp) MarshalText() ([]byte, error)
MarshalText implements the marshaler for the SignatureComp
func (SignatureComp) String ¶
func (sComp SignatureComp) String() string
String returns the string representation of the SignatureComp
func (*SignatureComp) UnmarshalText ¶
func (sComp *SignatureComp) UnmarshalText(h []byte) error
UnmarshalText implements the unmarshaler for the SignatureComp