internal

package
v0.5.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 17, 2023 License: MIT Imports: 5 Imported by: 0

Documentation

Overview

Package internal defines simple and abstract APIs to group Elements and Scalars.

Package internal defines simple and abstract APIs to group Elements and Scalars.

Package internal defines simple and abstract APIs to group Elements and Scalars.

Index

Constants

This section is empty.

Variables

View Source
var (
	// ErrParamNilScalar indicates a forbidden nil or empty scalar.
	ErrParamNilScalar = errors.New("nil or empty scalar")

	// ErrParamScalarLength indicates an invalid scalar length.
	ErrParamScalarLength = errors.New("invalid scalar length")

	// ErrParamNilPoint indicated a forbidden nil or empty point.
	ErrParamNilPoint = errors.New("nil or empty point")

	// ErrParamInvalidPointEncoding indicates an invalid point encoding has been provided.
	ErrParamInvalidPointEncoding = errors.New("invalid point encoding")

	// ErrCastElement indicates a failed attempt to cast to a point.
	ErrCastElement = errors.New("could not cast to same group element (wrong group ?)")

	// ErrCastScalar indicates a failed attempt to cast to a scalar.
	ErrCastScalar = errors.New("could not cast to same group scalar (wrong group ?)")

	// ErrWrongField indicates an incompatible field has been encountered.
	ErrWrongField = errors.New("incompatible fields")

	// ErrIdentity indicates that the identity point (or point at infinity) has been encountered.
	ErrIdentity = errors.New("infinity/identity point")

	// ErrBigIntConversion reports an error in converting to a *big.int.
	ErrBigIntConversion = errors.New("conversion error")

	// ErrParamNegScalar reports an error when the input scalar is negative.
	ErrParamNegScalar = errors.New("negative scalar")

	// ErrParamScalarTooBig reports an error when the input scalar is too big.
	ErrParamScalarTooBig = errors.New("scalar too big")
)

Functions

func RandomBytes added in v0.3.1

func RandomBytes(length int) []byte

RandomBytes returns random bytes of length len (wrapper for crypto/rand).

Types

type Element added in v0.3.1

type Element interface {
	// Base sets the element to the group's base point a.k.a. canonical generator.
	Base() Element

	// Identity sets the element to the point at infinity of the Group's underlying curve.
	Identity() Element

	// Add sets the receiver to the sum of the input and the receiver, and returns the receiver.
	Add(Element) Element

	// Double sets the receiver to its double, and returns it.
	Double() Element

	// Negate sets the receiver to its negation, and returns it.
	Negate() Element

	// Subtract subtracts the input from the receiver, and returns the receiver.
	Subtract(Element) Element

	// Multiply sets the receiver to the scalar multiplication of the receiver with the given Scalar, and returns it.
	Multiply(Scalar) Element

	// Equal returns 1 if the elements are equivalent, and 0 otherwise.
	Equal(Element) int

	// IsIdentity returns whether the Element is the point at infinity of the Group's underlying curve.
	IsIdentity() bool

	// Set sets the receiver to the value of the argument, and returns the receiver.
	Set(Element) Element

	// Copy returns a copy of the receiver.
	Copy() Element

	// Encode returns the compressed byte encoding of the element.
	Encode() []byte

	// XCoordinate returns the encoded x coordinate of the element.
	XCoordinate() []byte

	// Decode sets the receiver to a decoding of the input data, and returns an error on failure.
	Decode(data []byte) error

	// BinaryMarshaler implementation.
	encoding.BinaryMarshaler

	// BinaryUnmarshaler implementation.
	encoding.BinaryUnmarshaler
}

Element interface abstracts common operations on an Element in a prime-order Group.

type Group added in v0.3.1

type Group interface {
	// NewScalar returns a new scalar set to 0.
	NewScalar() Scalar

	// NewElement returns the identity element (point at infinity).
	NewElement() Element

	// Base returns the group's base point a.k.a. canonical generator.
	Base() Element

	// HashToScalar returns a safe mapping of the arbitrary input to a Scalar.
	// The DST must not be empty or nil, and is recommended to be longer than 16 bytes.
	HashToScalar(input, dst []byte) Scalar

	// HashToGroup returns a safe mapping of the arbitrary input to an Element in the Group.
	// The DST must not be empty or nil, and is recommended to be longer than 16 bytes.
	HashToGroup(input, dst []byte) Element

	// EncodeToGroup returns a non-uniform mapping of the arbitrary input to an Element in the Group.
	// The DST must not be empty or nil, and is recommended to be longer than 16 bytes.
	EncodeToGroup(input, dst []byte) Element

	// Ciphersuite returns the hash-to-curve ciphersuite identifier.
	Ciphersuite() string

	// ScalarLength returns the byte size of an encoded scalar.
	ScalarLength() int

	// ElementLength returns the byte size of an encoded element.
	ElementLength() int

	// Order returns the order of the canonical group of scalars.
	Order() string
}

Group abstracts operations in a prime-order group.

type Scalar added in v0.3.1

type Scalar interface {
	// Zero sets the scalar to 0, and returns it.
	Zero() Scalar

	// One sets the scalar to 1, and returns it.
	One() Scalar

	// Random sets the current scalar to a new random scalar and returns it.
	// The random source is crypto/rand, and this functions is guaranteed to return a non-zero scalar.
	Random() Scalar

	// Add sets the receiver to the sum of the input and the receiver, and returns the receiver.
	Add(Scalar) Scalar

	// Subtract subtracts the input from the receiver, and returns the receiver.
	Subtract(Scalar) Scalar

	// Multiply multiplies the receiver with the input, and returns the receiver.
	Multiply(Scalar) Scalar

	// Pow sets s to s**scalar modulo the group order, and returns s. If scalar is nil, it returns 1.
	Pow(scalar Scalar) Scalar

	// Invert sets the receiver to the scalar's modular inverse ( 1 / scalar ), and returns it.
	Invert() Scalar

	// Equal returns 1 if the scalars are equal, and 0 otherwise.
	Equal(Scalar) int

	// LessOrEqual returns 1 if s <= scalar, and 0 otherwise.
	LessOrEqual(scalar Scalar) int

	// IsZero returns whether the scalar is 0.
	IsZero() bool

	// Set sets the receiver to the value of the argument scalar, and returns the receiver.
	Set(Scalar) Scalar

	// SetInt sets s to i modulo the field order, and returns an error if one occurs.
	SetInt(i *big.Int) error

	// Copy returns a copy of the receiver.
	Copy() Scalar

	// Encode returns the compressed byte encoding of the scalar.
	Encode() []byte

	// Decode sets the receiver to a decoding of the input data, and returns an error on failure.
	Decode(in []byte) error

	// BinaryMarshaler returns a byte representation of the element.
	encoding.BinaryMarshaler

	// BinaryUnmarshaler recovers an element from a byte representation
	// produced either by encoding.BinaryMarshaler or MarshalBinaryCompress.
	encoding.BinaryUnmarshaler
}

Scalar interface abstracts common operations on scalars in a prime-order Group.

Directories

Path Synopsis
Package edwards25519 allows simple and abstracted operations in the Edwards25519 group.
Package edwards25519 allows simple and abstracted operations in the Edwards25519 group.
Package field provides modular operations over very high integers.
Package field provides modular operations over very high integers.
Package h2c provides hash-to-curve primitives and mapping.
Package h2c provides hash-to-curve primitives and mapping.
Package nist allows simple and abstracted operations in the NIST P-256, P-384, and P-521 groups.
Package nist allows simple and abstracted operations in the NIST P-256, P-384, and P-521 groups.
Package ristretto allows simple and abstracted operations in the Ristretto255 group.
Package ristretto allows simple and abstracted operations in the Ristretto255 group.
Package secp256k1 allows simple and abstracted operations in the Secp256k1 group.
Package secp256k1 allows simple and abstracted operations in the Secp256k1 group.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL