edwards25519

package
v0.8.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 5, 2024 License: MIT Imports: 10 Imported by: 0

Documentation

Overview

Package edwards25519 allows simple and abstracted operations in the Edwards25519 group.

Index

Constants

View Source
const (
	// H2C represents the hash-to-curve string identifier.
	H2C = "edwards25519_XMD:SHA-512_ELL2_RO_"
)
View Source
const (
	// Identifier distinguishes this group from the others by a byte representation.
	Identifier = byte(6)
)

Variables

This section is empty.

Functions

func AffineToEdwards

func AffineToEdwards(x, y *field.Element) *edwards25519.Point

AffineToEdwards takes the affine coordinates of an Edwards25519 and returns a pointer to Point represented in extended projective coordinates.

func Elligator2Edwards

func Elligator2Edwards(e *field.Element) *edwards25519.Point

Elligator2Edwards maps the field element to a point on Edwards25519.

func Elligator2Montgomery

func Elligator2Montgomery(e *field.Element) (x, y *field.Element)

Elligator2Montgomery implements the Elligator2 mapping to Curve25519.

func EncodeToEdwards25519

func EncodeToEdwards25519(input, dst []byte) *edwards25519.Point

EncodeToEdwards25519 implements encode-to-curve mapping to Edwards25519 of input with dst.

func HashToEdwards25519

func HashToEdwards25519(input, dst []byte) *edwards25519.Point

HashToEdwards25519 implements hash-to-curve mapping to Edwards25519 of input with dst.

func HashToEdwards25519Field

func HashToEdwards25519Field(input, dst []byte) *edwards25519.Scalar

HashToEdwards25519Field implements hash-to-scalar mapping modulo the order of Edwards25519 using input with dst.

func MontgomeryToEdwards

func MontgomeryToEdwards(u, v *field.Element) (x, y *field.Element)

MontgomeryToEdwards lifts a Curve25519 point to its Edwards25519 equivalent.

func MontgomeryUToEdwardsY

func MontgomeryUToEdwardsY(u *field.Element) *field.Element

MontgomeryUToEdwardsY transforms a Curve25519 x (or u) coordinate to an Edwards25519 y coordinate.

func New

func New() internal.Group

New returns a new instantiation of the Edwards25519 Group.

Types

type Element

type Element struct {
	// contains filtered or unexported fields
}

Element implements the Element interface for the Edwards25519 group element.

func (*Element) Add

func (e *Element) Add(element internal.Element) internal.Element

Add sets the receiver to the sum of the input and the receiver, and returns the receiver.

func (*Element) Base

func (e *Element) Base() internal.Element

Base sets the element to the group's base point a.k.a. canonical generator.

func (*Element) Copy

func (e *Element) Copy() internal.Element

Copy returns a copy of the receiver.

func (*Element) Decode

func (e *Element) Decode(data []byte) error

Decode sets the receiver to a decoding of the input data, and returns an error on failure.

func (*Element) DecodeHex

func (e *Element) DecodeHex(h string) error

DecodeHex sets e to the decoding of the hex encoded element.

func (*Element) Double

func (e *Element) Double() internal.Element

Double sets the receiver to its double, and returns it.

func (*Element) Encode

func (e *Element) Encode() []byte

Encode returns the compressed byte encoding of the element.

func (*Element) Equal

func (e *Element) Equal(element internal.Element) int

Equal returns 1 if the elements are equivalent, and 0 otherwise.

func (*Element) Group

func (e *Element) Group() byte

Group returns the group's Identifier.

func (*Element) Hex

func (e *Element) Hex() string

Hex returns the fixed-sized hexadecimal encoding of e.

func (*Element) Identity

func (e *Element) Identity() internal.Element

Identity sets the element to the point at infinity of the Group's underlying curve.

func (*Element) IsIdentity

func (e *Element) IsIdentity() bool

IsIdentity returns whether the Element is the point at infinity of the Group's underlying curve.

func (*Element) Multiply

func (e *Element) Multiply(scalar internal.Scalar) internal.Element

Multiply sets the receiver to the scalar multiplication of the receiver with the given Scalar, and returns it.

func (*Element) Negate

func (e *Element) Negate() internal.Element

Negate sets the receiver to its negation, and returns it.

func (*Element) Set

func (e *Element) Set(element internal.Element) internal.Element

Set sets the receiver to the value of the argument, and returns the receiver.

func (*Element) Subtract

func (e *Element) Subtract(element internal.Element) internal.Element

Subtract subtracts the input from the receiver, and returns the receiver.

func (*Element) XCoordinate

func (e *Element) XCoordinate() []byte

XCoordinate returns the encoded u coordinate of the element. Note that there's no inverse function for this, and that decoding this output might result in another point.

type Group

type Group struct{}

Group represents the Edwards25519 group. It exposes a prime-order group API with hash-to-curve operations.

func (Group) Base

func (g Group) Base() internal.Element

Base returns group's base point a.k.a. canonical generator.

func (Group) Ciphersuite

func (g Group) Ciphersuite() string

Ciphersuite returns the hash-to-curve ciphersuite identifier.

func (Group) ElementLength

func (g Group) ElementLength() int

ElementLength returns the byte size of an encoded element.

func (Group) EncodeToGroup

func (g Group) EncodeToGroup(input, dst []byte) internal.Element

EncodeToGroup returns a non-uniform mapping of the arbitrary input to an Element in the Group. The DST must not be empty or nil, and is recommended to be longer than 16 bytes.

func (Group) HashFunc

func (g Group) HashFunc() crypto.Hash

HashFunc returns the RFC9380 associated hash function of the group.

func (Group) HashToGroup

func (g Group) HashToGroup(input, dst []byte) internal.Element

HashToGroup returns a safe mapping of the arbitrary input to an Element in the Group. The DST must not be empty or nil, and is recommended to be longer than 16 bytes.

func (Group) HashToScalar

func (g Group) HashToScalar(input, dst []byte) internal.Scalar

HashToScalar returns a safe mapping of the arbitrary input to a Scalar. The DST must not be empty or nil, and is recommended to be longer than 16 bytes.

func (Group) NewElement

func (g Group) NewElement() internal.Element

NewElement returns the identity element (point at infinity).

func (Group) NewScalar

func (g Group) NewScalar() internal.Scalar

NewScalar returns a new scalar set to 0.

func (Group) Order

func (g Group) Order() []byte

Order returns the order of the canonical group of scalars.

func (Group) ScalarLength

func (g Group) ScalarLength() int

ScalarLength returns the byte size of an encoded element.

type Scalar

type Scalar struct {
	// contains filtered or unexported fields
}

Scalar implements the Scalar interface for Edwards25519 group scalars.

func (*Scalar) Add

func (s *Scalar) Add(scalar internal.Scalar) internal.Scalar

Add sets the receiver to the sum of the input and the receiver, and returns the receiver.

func (*Scalar) Copy

func (s *Scalar) Copy() internal.Scalar

Copy returns a copy of the receiver.

func (*Scalar) Decode

func (s *Scalar) Decode(in []byte) error

Decode sets the receiver to a decoding of the input data, and returns an error on failure.

func (*Scalar) DecodeHex

func (s *Scalar) DecodeHex(h string) error

DecodeHex sets s to the decoding of the hex encoded scalar.

func (*Scalar) Encode

func (s *Scalar) Encode() []byte

Encode returns the compressed byte encoding of the scalar.

func (*Scalar) Equal

func (s *Scalar) Equal(scalar internal.Scalar) int

Equal returns 1 if the scalars are equal, and 0 otherwise.

func (*Scalar) Group

func (s *Scalar) Group() byte

Group returns the group's Identifier.

func (*Scalar) Hex

func (s *Scalar) Hex() string

Hex returns the fixed-sized hexadecimal encoding of s.

func (*Scalar) Invert

func (s *Scalar) Invert() internal.Scalar

Invert sets the receiver to the scalar's modular inverse ( 1 / scalar ), and returns it.

func (*Scalar) IsZero

func (s *Scalar) IsZero() bool

IsZero returns whether the scalar is 0.

func (*Scalar) LessOrEqual

func (s *Scalar) LessOrEqual(scalar internal.Scalar) int

LessOrEqual returns 1 if s <= scalar and 0 otherwise.

func (*Scalar) MinusOne

func (s *Scalar) MinusOne() internal.Scalar

MinusOne sets the scalar to order-1, and returns it.

func (*Scalar) Multiply

func (s *Scalar) Multiply(scalar internal.Scalar) internal.Scalar

Multiply multiplies the receiver with the input, and returns the receiver.

func (*Scalar) One

func (s *Scalar) One() internal.Scalar

One sets the scalar to 1, and returns it.

func (*Scalar) Pow

func (s *Scalar) Pow(scalar internal.Scalar) internal.Scalar

Pow sets s to s**scalar modulo the group order, and returns s. If scalar is nil, it returns 1.

func (*Scalar) Random

func (s *Scalar) Random() internal.Scalar

Random sets the current scalar to a new random scalar and returns it. The random source is crypto/rand, and this functions is guaranteed to return a non-zero scalar.

func (*Scalar) Set

func (s *Scalar) Set(scalar internal.Scalar) internal.Scalar

Set sets the receiver to the value of the argument scalar, and returns the receiver.

func (*Scalar) SetUInt64

func (s *Scalar) SetUInt64(i uint64) internal.Scalar

SetUInt64 sets s to i modulo the field order, and returns an error if one occurs.

func (*Scalar) Subtract

func (s *Scalar) Subtract(scalar internal.Scalar) internal.Scalar

Subtract subtracts the input from the receiver, and returns the receiver.

func (*Scalar) UInt64

func (s *Scalar) UInt64() (uint64, error)

UInt64 returns the uint64 representation of the scalar, or an error if its value is higher than the authorized limit for uint64.

func (*Scalar) Zero

func (s *Scalar) Zero() internal.Scalar

Zero sets the scalar to 0, and returns it.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL