SECP256K1

package
v0.0.0-...-975b9e6 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 6, 2024 License: Apache-2.0 Imports: 3 Imported by: 0

Documentation

Index

Constants

View Source 
const AESKEY int = 16
View Source 
const ALLOW_ALT_COMPRESS bool = false
View Source 
const ATE_BITS int = NOT
View Source 
const BASEBITS uint = 56
View Source 
const BIGBITS int = int(MODBYTES * 8)
View Source 
const BIG_ENDIAN_SIGN bool = false
View Source 
const BLS12 int = 2
View Source 
const BLS24 int = 3
View Source 
const BLS48 int = 4
View Source 
const BN int = 1
View Source 
const CHUNK int = 64 /* Set word size */
View Source 
const CURVETYPE int = WEIERSTRASS
View Source 
const CURVE_A int = 0
View Source 
const CURVE_B_I int = 7
View Source 
const CURVE_Cof_I int = 1
View Source 
const CURVE_PAIRING_TYPE int = NOT
View Source 
const DNLEN int = 2 * NLEN
View Source 
const D_TYPE int = 0

Pairing Twist type

View Source 
const ECDH_ERROR int = -3
View Source 
const ECDH_INVALID_PUBLIC_KEY int = -2
View Source 
const EDDSA_INVALID_PUBLIC_KEY int = -2
View Source 
const EDWARDS int = 1
View Source 
const EFS int = int(MODBYTES)

const INVALID int = -4

View Source 
const EGS int = int(MODBYTES)
View Source 
const FEXCESS int32 = ((int32(1) << 24) - 1)
View Source 
const FP_DENSE int = 5
View Source 
const FP_ONE int = 1
View Source 
const FP_SPARSE int = 4
View Source 
const FP_SPARSER int = 3
View Source 
const FP_SPARSEST int = 2
View Source 
const FP_ZERO int = 0

Sparsity

View Source 
const G2_TABLE int = NOT
View Source 
const GENERALISED_MERSENNE int = 3
View Source 
const HASH_TYPE int = 32
View Source 
const HBITS uint = (BASEBITS / 2)
View Source 
const HTC_ISO int = 3
View Source 
const HTC_ISO_G2 int = 0
View Source 
const MODBITS uint = 256 /* Number of bits in Modulus */

Modulus details

View Source 
const MODBYTES uint = 32

BIG length in bytes and number base

View Source 
const MODTYPE int = NOT_SPECIAL //NOT_SPECIAL
View Source 
const MONTGOMERY int = 2
View Source 
const MONTGOMERY_FRIENDLY int = 2
View Source 
const M_TYPE int = 1
View Source 
const NEGATIVEX int = 1
View Source 
const NEGATOWER int = 0
View Source 
const NEXCESS int = (1 << (uint(CHUNK) - BASEBITS - 1))
View Source 
const NLEN int = int((1 + ((8*MODBYTES - 1) / BASEBITS)))

BIG lengths and Masks

View Source 
const NOT int = 0

Pairing Friendly?

View Source 
const NOT_SPECIAL int = 0

Modulus types

View Source 
const PM1D2 uint = 1 /* Modulus mod 8 */
View Source 
const POSITIVEX int = 0

Pairing x parameter sign

View Source 
const POSITOWER int = 1
View Source 
const PSEUDO_MERSENNE int = 1
View Source 
const QNRI int = 0 // Fp2 QNR
View Source 
const RIADZ int = -11 /* hash-to-point Z */
View Source 
const RIADZG2A int = 0 /* G2 hash-to-point Z */
View Source 
const RIADZG2B int = 0 /* G2 hash-to-point Z */
View Source 
const SEXTIC_TWIST int = NOT
View Source 
const SIGN_OF_X int = NOT
View Source 
const TBITS uint = MODBITS % BASEBITS // Number of active bits in top word
View Source 
const TOWER int = NEGATOWER // Tower type
View Source 
const USE_GLV bool = true
View Source 
const USE_GS_G2 bool = true
View Source 
const USE_GS_GT bool = true
View Source 
const WEIERSTRASS int = 0

Curve types

Variables

View Source 
var CURVE_Ad = [...]Chunk{0x5447C01A444533, 0xD363CB6F0E5D40, 0x58F0F5D272E953, 0xDD661ADCA08A55, 0x3F8731AB}
View Source 
var CURVE_B = [...]Chunk{0x7, 0x0, 0x0, 0x0, 0x0}
View Source 
var CURVE_Bd = [...]Chunk{0x6EB, 0x0, 0x0, 0x0, 0x0}
View Source 
var CURVE_Cof = [...]Chunk{0x1, 0x0, 0x0, 0x0, 0x0}
View Source 
var CURVE_Gx = [...]Chunk{0xF2815B16F81798, 0xFCDB2DCE28D959, 0x95CE870B07029B, 0xF9DCBBAC55A062, 0x79BE667E}
View Source 
var CURVE_Gy = [...]Chunk{0x47D08FFB10D4B8, 0xB448A68554199C, 0xFC0E1108A8FD17, 0x26A3C4655DA4FB, 0x483ADA77}
View Source 
var CURVE_HTPC = [...]Chunk{0xC813789E8624AA, 0xCA45C23F508ECD, 0x640A39CD8BBBFD, 0x813FFE30F4D5B4, 0xCCE8E9E8}
View Source 
var CURVE_Order = [...]Chunk{0xD25E8CD0364141, 0xDCE6AF48A03BBF, 0xFFFFFFFFFEBAAE, 0xFFFFFFFFFFFFFF, 0xFFFFFFFF}
View Source 
var Modulus = [...]Chunk{0xFFFFFEFFFFFC2F, 0xFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFF, 0xFFFFFFFF}
View Source 
var PC = [13][5]Chunk{{0x38E38DAAAAA88C, 0x8E38E38E38E38E, 0xE38E38E38E38E3, 0x38E38E38E38E38, 0x8E38E38E}, {0xCBD0B53D9DD262, 0x6144037C40314E, 0xDECA25CAECE450, 0x23F234E6E2A413, 0x534C328D}, {0xFF1044F17C6581, 0xD2FC0BF63B92DF, 0xCEA7FD44C5D595, 0xBC321D5B9F315, 0x7D3D4C8}, {0x38E38DAAAAA8C7, 0x8E38E38E38E38E, 0xE38E38E38E38E3, 0x38E38E38E38E38, 0x8E38E38E}, {0x2A56612A8C6D14, 0x6B641F5E41BBC5, 0xD51B54225406D3, 0x4383DC1DF7C4B2, 0xEDADC6F6}, {0xE6B745781EB49B, 0x409542F8487D9F, 0xCBB7B640DD86CD, 0x3D94918A9CA34C, 0xD3577119}, {0xBDA12F38E38D84, 0x2F684BDA12F684, 0x4BDA12F684BDA1, 0x12F684BDA12F68, 0x2F684BDA}, {0x65E85A9ECEE931, 0x30A201BE2018A7, 0xEF6512E5767228, 0x91F91A73715209, 0x29A61946}, {0xFC90FC201D71A3, 0xB046D686DA6FDF, 0x4B12A0A6D5647A, 0xD5CB7C0FA9D0A5, 0xC75E0C32}, {0x2F684B8E38E23C, 0x4BDA12F684BDA1, 0x12F684BDA12F68, 0x84BDA12F684BDA, 0x4BDA12F6}, {0xBF8192BFD2A76F, 0x21162F0D6299A7, 0x3FA8FE337E0A3D, 0x6545CA2CF3A70C, 0x6484AA71}, {0xB425D2685C2573, 0xC1BFC8E8D978DF, 0x632722C2989467, 0xB8BDB49FD5E9E6, 0x7A06534B}, {0xFFFFFEFFFFF93B, 0xFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFF, 0xFFFFFFFF}}
View Source 
var R2modp = [...]Chunk{0xA1000000000000, 0x7A2000E90, 0x1, 0x0, 0x0}
View Source 
var ROI = [...]Chunk{0xFFFFFEFFFFFC2E, 0xFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFF, 0xFFFFFFFF}
View Source 
var SQRTm3 = [...]Chunk{0x8D27AE1CD5F852, 0x6D15DA14ECD47D, 0xC2A797962CC61F, 0x3507F1DF233770, 0xA2D2BA9}

Functions

func AuthDecap 

func AuthDecap(config_id int, skR []byte, pkE []byte, pkR []byte, pkS []byte) []byte

func AuthEncap 

func AuthEncap(config_id int, skE []byte, skS []byte, pkE []byte, pkR []byte, pkS []byte) []byte

func Comp 

func Comp(a *BIG, b *BIG) int

Compare a and b, return 0 if a==b, -1 if a<b, +1 if a>b. Inputs must be normalised

func Decap 

func Decap(config_id int, skR []byte, pkE []byte, pkR []byte) []byte

func DeriveKeyPair 

func DeriveKeyPair(config_id int, SK []byte, PK []byte, SEED []byte) bool

func ECDH_ECIES_DECRYPT 

func ECDH_ECIES_DECRYPT(sha int, P1 []byte, P2 []byte, V []byte, C []byte, T []byte, U []byte) []byte

IEEE1363 ECIES decryption. Decryption of ciphertext V,C,T using private key U outputs plaintext M

func ECDH_ECIES_ENCRYPT 

func ECDH_ECIES_ENCRYPT(sha int, P1 []byte, P2 []byte, RNG *core.RAND, W []byte, M []byte, V []byte, T []byte) []byte

IEEE1363 ECIES encryption. Encryption of plaintext M uses public key W and produces ciphertext V,C,T

func ECDH_ECPSP_DSA 

func ECDH_ECPSP_DSA(sha int, RNG *core.RAND, S []byte, F []byte, C []byte, D []byte) int

IEEE ECDSA Signature, C and D are signature on F using private key S

func ECDH_ECPSVDP_DH 

func ECDH_ECPSVDP_DH(S []byte, WD []byte, Z []byte, typ int) int
IEEE-1363 Diffie-Hellman online calculation Z=S.WD

type = 0 is just x coordinate output type = 1 for standard compressed output type = 2 for standard uncompress output 04|x|y

func ECDH_ECPVP_DSA 

func ECDH_ECPVP_DSA(sha int, W []byte, F []byte, C []byte, D []byte) int

IEEE1363 ECDSA Signature Verification. Signature C and D on F is verified using public key W

func ECDH_IN_RANGE 

func ECDH_IN_RANGE(S []byte) bool

return true if S is in ranger 0 < S < order , else return false

func ECDH_KEY_PAIR_GENERATE 

func ECDH_KEY_PAIR_GENERATE(RNG *core.RAND, S []byte, W []byte) int

Calculate a public/private EC GF(p) key pair W,S where W=S.G mod EC(p), * where S is the secret key and W is the public key * and G is fixed generator. * If RNG is NULL then the private key is provided externally in S * otherwise it is generated randomly internally

func ECDH_PUBLIC_KEY_VALIDATE 

func ECDH_PUBLIC_KEY_VALIDATE(W []byte) int

validate public key

func Encap 

func Encap(config_id int, skE []byte, pkE []byte, pkR []byte) []byte

func FP_tpo 

func FP_tpo(i *FP, s *FP) int

Two for the price of one - See Hamburg https://eprint.iacr.org/2012/309.pdf Calculate inverse of i and square root of s, return QR

func KEY_PAIR_GENERATE 

func KEY_PAIR_GENERATE(RNG *core.RAND, D []byte, Q []byte) int

Calculate a public/private EC GF(p) key pair. Q=D.G mod EC(p), * where D is the secret key and Q is the public key * and G is fixed generator. * RNG is a cryptographically strong RNG * If RNG==NULL, D is provided externally

func KeySchedule 

func KeySchedule(config_id int, mode int, Z []byte, info []byte, psk []byte, pskID []byte) ([]byte, []byte, []byte)

func RFC7748 

func RFC7748(r *BIG)

Transform a point multiplier to RFC7748 form

func SIGNATURE 

func SIGNATURE(ph bool, D []byte, ctx []byte, M []byte, SIG []byte) int

Generate a signature using key pair (D,Q) on message M Set ph=true if message has already been pre-hashed if ph=false, then context should be NULL for ed25519. However RFC8032 mode ed25519ctx is supported by supplying a non-NULL or non-empty context

func VERIFY 

func VERIFY(ph bool, Q []byte, ctx []byte, M []byte, SIG []byte) bool

Types

type BIG 

type BIG struct {
	// contains filtered or unexported fields
}

func BIG_frombytearray 

func BIG_frombytearray(b []byte, n int) *BIG

convert from byte array to BIG

func FromBytes 

func FromBytes(b []byte) *BIG

func Modadd 

func Modadd(a1, b1, m *BIG) *BIG

return a+b mod m

func Modmul 

func Modmul(a1, b1, m *BIG) *BIG

return a*b mod m

func Modneg 

func Modneg(a1, m *BIG) *BIG

return -a mod m

func Modsqr 

func Modsqr(a1, m *BIG) *BIG

return a^2 mod m

func NewBIG 

func NewBIG() *BIG

func NewBIGcopy 

func NewBIGcopy(x *BIG) *BIG

func NewBIGdcopy 

func NewBIGdcopy(x *DBIG) *BIG

func NewBIGint 

func NewBIGint(x int) *BIG

func NewBIGints 

func NewBIGints(x [NLEN]Chunk) *BIG

func Random 

func Random(rng *core.RAND) *BIG

get 8*MODBYTES size random number

func Randomnum 

func Randomnum(q *BIG, rng *core.RAND) *BIG

Create random BIG in portable way, one bit at a time

func Randtrunc 

func Randtrunc(q *BIG, trunc int, rng *core.RAND) *BIG

func (*BIG) Invmodp 

func (r *BIG) Invmodp(p *BIG)

this=1/this mod p. Binary method

func (*BIG) Jacobi 

func (r *BIG) Jacobi(p *BIG) int

Jacobi Symbol (this/p). Returns 0, 1 or -1

func (*BIG) Minus 

func (r *BIG) Minus(x *BIG) *BIG

return this-x

func (*BIG) Mod 

func (r *BIG) Mod(m *BIG)

reduce this mod m

func (*BIG) Nbits 

func (r *BIG) Nbits() int

func (*BIG) Plus 

func (r *BIG) Plus(x *BIG) *BIG

return this+x

func (*BIG) Powmod 

func (r *BIG) Powmod(e1 *BIG, m *BIG) *BIG

return this^e mod m

func (*BIG) ToBytes 

func (r *BIG) ToBytes(b []byte)

func (*BIG) ToString 

func (r *BIG) ToString() string

Convert to Hex String

type Chunk 

type Chunk int64
const BMASK Chunk = ((Chunk(1) << BASEBITS) - 1)
const HMASK Chunk = ((Chunk(1) << HBITS) - 1)
const MConst Chunk = 0x38091DD2253531
const OMASK Chunk = ((Chunk(-1)) << (MODBITS % BASEBITS))

Modulus Masks 

const TMASK Chunk = (Chunk(1) << TBITS) - 1

type DBIG 

type DBIG struct {
	// contains filtered or unexported fields
}

func DBIG_fromBytes 

func DBIG_fromBytes(b []byte) *DBIG

convert from byte array to BIG

func NewDBIG 

func NewDBIG() *DBIG

func NewDBIGcopy 

func NewDBIGcopy(x *DBIG) *DBIG

func NewDBIGscopy 

func NewDBIGscopy(x *BIG) *DBIG

func (*DBIG) Mod 

func (r *DBIG) Mod(m *BIG) *BIG

reduces this DBIG mod a BIG, and returns the BIG

type ECP 

type ECP struct {
	// contains filtered or unexported fields
}

func ECP_fromBytes 

func ECP_fromBytes(b []byte) *ECP

convert from byte array to point

func ECP_generator 

func ECP_generator() *ECP

func ECP_hap2point 

func ECP_hap2point(h *BIG) *ECP

Hunt and Peck a BIG to a curve point

func ECP_map2point 

func ECP_map2point(h *FP) *ECP

Constant time Map to Point

func ECP_mapit 

func ECP_mapit(h []byte) *ECP

func ECP_muln 

func ECP_muln(n int, X []*ECP, e []*BIG) *ECP

Generic multi-multiplication, fixed 4-bit window, P=Sigma e_i*X_i

func NewECP 

func NewECP() *ECP

Constructors

func NewECPbig 

func NewECPbig(ix *BIG) *ECP

set from x - calculate y from curve equation

func NewECPbigint 

func NewECPbigint(ix *BIG, s int) *ECP

set (x,y) from BIG and a bit

func NewECPbigs 

func NewECPbigs(ix *BIG, iy *BIG) *ECP

set (x,y) from two BIGs

func (*ECP) Add 

func (E *ECP) Add(Q *ECP)

this+=Q

func (*ECP) Affine 

func (E *ECP) Affine()

set to affine - from (x,y,z) to (x,y)

func (*ECP) Cfp 

func (E *ECP) Cfp()

func (*ECP) Copy 

func (E *ECP) Copy(P *ECP)

this=P

func (*ECP) Equals 

func (E *ECP) Equals(Q *ECP) bool

Test P == Q

func (*ECP) GetS 

func (E *ECP) GetS() int

get sign of Y

func (*ECP) GetX 

func (E *ECP) GetX() *BIG

extract x as a BIG

func (*ECP) GetY 

func (E *ECP) GetY() *BIG

extract y as a BIG

func (*ECP) Is_infinity 

func (E *ECP) Is_infinity() bool

test for O point-at-infinity

func (*ECP) Mul 

func (E *ECP) Mul(e *BIG) *ECP

Public version

func (*ECP) Mul2 

func (E *ECP) Mul2(e *BIG, Q *ECP, f *BIG) *ECP

func (*ECP) Neg 

func (E *ECP) Neg()

this=-this

func (*ECP) Sub 

func (E *ECP) Sub(Q *ECP)

this-=Q

func (*ECP) ToBytes 

func (E *ECP) ToBytes(b []byte, compress bool)

convert to byte array

func (*ECP) ToString 

func (E *ECP) ToString() string

convert to hex string

type FP 

type FP struct {
	XES int32
	// contains filtered or unexported fields
}

func FP_fromBytes 

func FP_fromBytes(b []byte) *FP

func NewFP 

func NewFP() *FP

func NewFPbig 

func NewFPbig(a *BIG) *FP

func NewFPcopy 

func NewFPcopy(a *FP) *FP

func NewFPint 

func NewFPint(a int) *FP

func NewFPrand 

func NewFPrand(rng *core.RAND) *FP

func RHS 

func RHS(x *FP) *FP

Calculate RHS of curve equation

func (*FP) Equals 

func (F *FP) Equals(a *FP) bool

return TRUE if this==a

func (*FP) ToBytes 

func (F *FP) ToBytes(b []byte)

func (*FP) ToString 

func (F *FP) ToString() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.