Documentation ¶
Overview ¶
Package edwards25519 allows simple and abstracted operations in the Edwards25519 group.
Index ¶
- Constants
- func AffineToEdwards(x, y *field.Element) *edwards25519.Point
- func Elligator2Edwards(e *field.Element) *edwards25519.Point
- func Elligator2Montgomery(e *field.Element) (x, y *field.Element)
- func EncodeToEdwards25519(input, dst []byte) *edwards25519.Point
- func HashToEdwards25519(input, dst []byte) *edwards25519.Point
- func HashToEdwards25519Field(input, dst []byte) *edwards25519.Scalar
- func MontgomeryToEdwards(u, v *field.Element) (x, y *field.Element)
- func MontgomeryUToEdwardsY(u *field.Element) *field.Element
- func New() internal.Group
- type Element
- func (e *Element) Add(element internal.Element) internal.Element
- func (e *Element) Base() internal.Element
- func (e *Element) Copy() internal.Element
- func (e *Element) Decode(data []byte) error
- func (e *Element) DecodeHex(h string) error
- func (e *Element) Double() internal.Element
- func (e *Element) Encode() []byte
- func (e *Element) Equal(element internal.Element) int
- func (e *Element) Group() byte
- func (e *Element) Hex() string
- func (e *Element) Identity() internal.Element
- func (e *Element) IsIdentity() bool
- func (e *Element) Multiply(scalar internal.Scalar) internal.Element
- func (e *Element) Negate() internal.Element
- func (e *Element) Set(element internal.Element) internal.Element
- func (e *Element) Subtract(element internal.Element) internal.Element
- func (e *Element) XCoordinate() []byte
- type Group
- func (g Group) Base() internal.Element
- func (g Group) Ciphersuite() string
- func (g Group) ElementLength() int
- func (g Group) EncodeToGroup(input, dst []byte) internal.Element
- func (g Group) HashFunc() crypto.Hash
- func (g Group) HashToGroup(input, dst []byte) internal.Element
- func (g Group) HashToScalar(input, dst []byte) internal.Scalar
- func (g Group) NewElement() internal.Element
- func (g Group) NewScalar() internal.Scalar
- func (g Group) Order() []byte
- func (g Group) ScalarLength() int
- type Scalar
- func (s *Scalar) Add(scalar internal.Scalar) internal.Scalar
- func (s *Scalar) Copy() internal.Scalar
- func (s *Scalar) Decode(in []byte) error
- func (s *Scalar) DecodeHex(h string) error
- func (s *Scalar) Encode() []byte
- func (s *Scalar) Equal(scalar internal.Scalar) int
- func (s *Scalar) Group() byte
- func (s *Scalar) Hex() string
- func (s *Scalar) Invert() internal.Scalar
- func (s *Scalar) IsZero() bool
- func (s *Scalar) LessOrEqual(scalar internal.Scalar) int
- func (s *Scalar) MinusOne() internal.Scalar
- func (s *Scalar) Multiply(scalar internal.Scalar) internal.Scalar
- func (s *Scalar) One() internal.Scalar
- func (s *Scalar) Pow(scalar internal.Scalar) internal.Scalar
- func (s *Scalar) Random() internal.Scalar
- func (s *Scalar) Set(scalar internal.Scalar) internal.Scalar
- func (s *Scalar) SetUInt64(i uint64) internal.Scalar
- func (s *Scalar) Subtract(scalar internal.Scalar) internal.Scalar
- func (s *Scalar) UInt64() (uint64, error)
- func (s *Scalar) Zero() internal.Scalar
Constants ¶
const (
// H2C represents the hash-to-curve string identifier.
H2C = "edwards25519_XMD:SHA-512_ELL2_RO_"
)
const ( // Identifier distinguishes this group from the others by a byte representation. Identifier = byte(6) )
Variables ¶
This section is empty.
Functions ¶
func AffineToEdwards ¶
func AffineToEdwards(x, y *field.Element) *edwards25519.Point
AffineToEdwards takes the affine coordinates of an Edwards25519 and returns a pointer to Point represented in extended projective coordinates.
func Elligator2Edwards ¶
func Elligator2Edwards(e *field.Element) *edwards25519.Point
Elligator2Edwards maps the field element to a point on Edwards25519.
func Elligator2Montgomery ¶
Elligator2Montgomery implements the Elligator2 mapping to Curve25519.
func EncodeToEdwards25519 ¶
func EncodeToEdwards25519(input, dst []byte) *edwards25519.Point
EncodeToEdwards25519 implements encode-to-curve mapping to Edwards25519 of input with dst.
func HashToEdwards25519 ¶
func HashToEdwards25519(input, dst []byte) *edwards25519.Point
HashToEdwards25519 implements hash-to-curve mapping to Edwards25519 of input with dst.
func HashToEdwards25519Field ¶
func HashToEdwards25519Field(input, dst []byte) *edwards25519.Scalar
HashToEdwards25519Field implements hash-to-scalar mapping modulo the order of Edwards25519 using input with dst.
func MontgomeryToEdwards ¶
MontgomeryToEdwards lifts a Curve25519 point to its Edwards25519 equivalent.
func MontgomeryUToEdwardsY ¶
MontgomeryUToEdwardsY transforms a Curve25519 x (or u) coordinate to an Edwards25519 y coordinate.
Types ¶
type Element ¶
type Element struct {
// contains filtered or unexported fields
}
Element implements the Element interface for the Edwards25519 group element.
func (*Element) Add ¶
Add sets the receiver to the sum of the input and the receiver, and returns the receiver.
func (*Element) Decode ¶
Decode sets the receiver to a decoding of the input data, and returns an error on failure.
func (*Element) Identity ¶
Identity sets the element to the point at infinity of the Group's underlying curve.
func (*Element) IsIdentity ¶
IsIdentity returns whether the Element is the point at infinity of the Group's underlying curve.
func (*Element) Multiply ¶
Multiply sets the receiver to the scalar multiplication of the receiver with the given Scalar, and returns it.
func (*Element) Subtract ¶
Subtract subtracts the input from the receiver, and returns the receiver.
func (*Element) XCoordinate ¶
XCoordinate returns the encoded u coordinate of the element. Note that there's no inverse function for this, and that decoding this output might result in another point.
type Group ¶
type Group struct{}
Group represents the Edwards25519 group. It exposes a prime-order group API with hash-to-curve operations.
func (Group) Ciphersuite ¶
Ciphersuite returns the hash-to-curve ciphersuite identifier.
func (Group) ElementLength ¶
ElementLength returns the byte size of an encoded element.
func (Group) EncodeToGroup ¶
EncodeToGroup returns a non-uniform mapping of the arbitrary input to an Element in the Group. The DST must not be empty or nil, and is recommended to be longer than 16 bytes.
func (Group) HashToGroup ¶
HashToGroup returns a safe mapping of the arbitrary input to an Element in the Group. The DST must not be empty or nil, and is recommended to be longer than 16 bytes.
func (Group) HashToScalar ¶
HashToScalar returns a safe mapping of the arbitrary input to a Scalar. The DST must not be empty or nil, and is recommended to be longer than 16 bytes.
func (Group) NewElement ¶
NewElement returns the identity element (point at infinity).
func (Group) ScalarLength ¶
ScalarLength returns the byte size of an encoded element.
type Scalar ¶
type Scalar struct {
// contains filtered or unexported fields
}
Scalar implements the Scalar interface for Edwards25519 group scalars.
func (*Scalar) Add ¶
Add sets the receiver to the sum of the input and the receiver, and returns the receiver.
func (*Scalar) Decode ¶
Decode sets the receiver to a decoding of the input data, and returns an error on failure.
func (*Scalar) Invert ¶
Invert sets the receiver to the scalar's modular inverse ( 1 / scalar ), and returns it.
func (*Scalar) LessOrEqual ¶
LessOrEqual returns 1 if s <= scalar and 0 otherwise.
func (*Scalar) Multiply ¶
Multiply multiplies the receiver with the input, and returns the receiver.
func (*Scalar) Pow ¶
Pow sets s to s**scalar modulo the group order, and returns s. If scalar is nil, it returns 1.
func (*Scalar) Random ¶
Random sets the current scalar to a new random scalar and returns it. The random source is crypto/rand, and this functions is guaranteed to return a non-zero scalar.
func (*Scalar) Set ¶
Set sets the receiver to the value of the argument scalar, and returns the receiver.
func (*Scalar) SetUInt64 ¶
SetUInt64 sets s to i modulo the field order, and returns an error if one occurs.