sm2ec

package
v1.9.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 1, 2023 License: Apache-2.0 Imports: 5 Imported by: 0

Documentation

Overview

Package sm2ec implements the SM2 Prime elliptic curves.

This package uses fiat-crypto or specialized assembly and Go code for its backend field arithmetic (not math/big) and exposes constant-time, heap allocation-free, byte slice-based safe APIs. Group operations use modern and safe complete addition formulas where possible. The point at infinity is handled and encoded according to SEC 1, Version 2.0, and invalid curve points can't be represented.

Index

Constants

This section is empty.

Variables

View Source
var RR = &p256OrdElement{0x901192af7c114f20, 0x3464504ade6fa2fa, 0x620fc84c3affe0d4, 0x1eb5e412a22b3d3b}

This code operates in the Montgomery domain where R = 2²⁵⁶ mod n and n is the order of the scalar field. Elements in the Montgomery domain take the form a×R and p256OrdMul calculates (a × b × R⁻¹) mod n. RR is R in the domain, or R×R mod n, thus p256OrdMul(x, RR) gives x×R, i.e. converts x into the Montgomery domain.

Functions

func ImplicitSig

func ImplicitSig(sPriv, ePriv, t []byte) ([]byte, error)

func P256OrdInverse

func P256OrdInverse(k []byte) ([]byte, error)

P256OrdInverse, sets out to in⁻¹ mod org(G). If in is zero, out will be zero. n-2 = 1111111111111111111111111111111011111111111111111111111111111111 1111111111111111111111111111111111111111111111111111111111111111 0111001000000011110111110110101100100001110001100000010100101011 0101001110111011111101000000100100111001110101010100000100100001

func P256OrdMul

func P256OrdMul(in1, in2 []byte) ([]byte, error)

P256OrdMul multiplication modulo org(G).

Types

type SM2P256Point

type SM2P256Point struct {
	// contains filtered or unexported fields
}

P256Point is a P-256 point. The zero value should not be assumed to be valid (although it is in this implementation).

func NewSM2P256Point

func NewSM2P256Point() *SM2P256Point

NewSM2P256Point returns a new SM2P256Point representing the point at infinity.

func (*SM2P256Point) Add

func (q *SM2P256Point) Add(r1, r2 *SM2P256Point) *SM2P256Point

Add sets q = p1 + p2, and returns q. The points may overlap.

func (*SM2P256Point) Bytes

func (p *SM2P256Point) Bytes() []byte

Bytes returns the uncompressed or infinity encoding of p, as specified in SEC 1, Version 2.0, Section 2.3.3. Note that the encoding of the point at infinity is shorter than all other encodings.

func (*SM2P256Point) BytesCompressed

func (p *SM2P256Point) BytesCompressed() []byte

BytesCompressed returns the compressed or infinity encoding of p, as specified in SEC 1, Version 2.0, Section 2.3.3. Note that the encoding of the point at infinity is shorter than all other encodings.

func (*SM2P256Point) BytesX

func (p *SM2P256Point) BytesX() ([]byte, error)

BytesX returns the encoding of the x-coordinate of p, as specified in SEC 1, Version 2.0, Section 2.3.5, or an error if p is the point at infinity.

func (*SM2P256Point) Double

func (q *SM2P256Point) Double(p *SM2P256Point) *SM2P256Point

Double sets q = p + p, and returns q. The points may overlap.

func (*SM2P256Point) ScalarBaseMult

func (r *SM2P256Point) ScalarBaseMult(scalar []byte) (*SM2P256Point, error)

ScalarBaseMult sets r = scalar * generator, where scalar is a 32-byte big endian value, and returns r. If scalar is not 32 bytes long, ScalarBaseMult returns an error and the receiver is unchanged.

func (*SM2P256Point) ScalarMult

func (r *SM2P256Point) ScalarMult(q *SM2P256Point, scalar []byte) (*SM2P256Point, error)

ScalarMult sets r = scalar * q, where scalar is a 32-byte big endian value, and returns r. If scalar is not 32 bytes long, ScalarBaseMult returns an error and the receiver is unchanged.

func (*SM2P256Point) Select

func (q *SM2P256Point) Select(p1, p2 *SM2P256Point, cond int) *SM2P256Point

Select sets q to p1 if cond == 1, and to p2 if cond == 0.

func (*SM2P256Point) Set

Set sets p = q and returns p.

func (*SM2P256Point) SetBytes

func (p *SM2P256Point) SetBytes(b []byte) (*SM2P256Point, error)

SetBytes sets p to the compressed, uncompressed, or infinity value encoded in b, as specified in SEC 1, Version 2.0, Section 2.3.4. If the point is not on the curve, it returns nil and an error, and the receiver is unchanged. Otherwise, it returns p.

func (*SM2P256Point) SetGenerator

func (p *SM2P256Point) SetGenerator() *SM2P256Point

SetGenerator sets p to the canonical generator and returns p.

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL