hash2curve

package module

v0.5.1 Latest Latest Go to latest Published: Feb 17, 2025 License: MIT Imports: 5 Imported by: 1

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

README ¶

Hash To Curve

  import "github.com/bytemare/hash2curve"

Package hash2curve implements Hashing to Elliptic Curves as specified in RFC 9380. It exposed a minimal API so you don't have to worry about the parameters.

The following table shows supported groups with hash-to-curve capability and links each one to the underlying implementations:

Curve	Backend
Ristretto255	github.com/gtank/ristretto255
P-256	filippo.io/nistec
P-384	filippo.io/nistec
P-521	filippo.io/nistec
Edwards25519	filippo.io/edwards25519
Secp256k1	github.com/bytemare/secp256k1

What is hash2curve?

Hashing to Elliptic Curves allows for encoding or hashing an arbitrary string to a point on an elliptic curve (or element in a group), therefore benefiting from interesting mathematical properties very useful in cryptographic protocols, like CPace, VOPRF, and OPAQUE.

References

Documentation

You can find the documentation and usage examples in the package doc.

Versioning

SemVer is used for versioning. For the versions available, see the tags on the repository.

Contributing

Please read CONTRIBUTING.md for details on the code of conduct, and the process for submitting pull requests.

License

This project is licensed under the MIT License - see the LICENSE file for details.

Documentation ¶

Overview ¶

Package hash2curve Hashing to Elliptic Curves as specified in RFC 9380 (https://datatracker.ietf.org/doc/rfc9380).

Index ¶

func ExpandXMD(id crypto.Hash, input, dst []byte, length uint) []byte
func ExpandXOF(ext *hash.ExtendableHash, input, dst []byte, length uint) []byte
func HashToFieldXMD(id crypto.Hash, input, dst []byte, count, ext, securityLength uint, ...) []*big.Int
func HashToFieldXOF(id *hash.ExtendableHash, input, dst []byte, count, ext, securityLength uint, ...) []*big.Int

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func ExpandXMD ¶

func ExpandXMD(id crypto.Hash, input, dst []byte, length uint) []byte

ExpandXMD expands the input and dst using the given fixed length hash function. - dst MUST be non-nil, longer than 0 and lower than 256. It's recommended that DST at least 16 bytes long. - length must be a positive integer lower than 255 * (size of digest).

func ExpandXOF ¶

func ExpandXOF(ext *hash.ExtendableHash, input, dst []byte, length uint) []byte

ExpandXOF expands the input and dst using the given extendable output hash function. - dst MUST be non-nil and its length longer than 0. It's recommended that DST at least 16 bytes long. - length must be a positive integer higher than 32.

func HashToFieldXMD ¶

func HashToFieldXMD(id crypto.Hash, input, dst []byte, count, ext, securityLength uint, modulo *big.Int) []*big.Int

HashToFieldXMD hashes the input with the domain separation tag (dst) to an integer under modulo, using a merkle-damgard based expander (e.g. SHA256). - dst MUST be non-nil, longer than 0 and lower than 256. It's recommended that DST at least 16 bytes long. - count * ext * securityLength must be a positive integer lower than 255 * (size of digest).

func HashToFieldXOF ¶

func HashToFieldXOF(
	id *hash.ExtendableHash,
	input, dst []byte,
	count, ext, securityLength uint,
	modulo *big.Int,
) []*big.Int

HashToFieldXOF hashes the input with the domain separation tag (dst) to an integer under modulo, using an extensible output function (e.g. SHAKE). - dst MUST be non-nil and its length longer than 0. It's recommended that DST at least 16 bytes long. - count * ext * securityLength must be positive integers higher than 32.

Types ¶

This section is empty.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
edwards25519 Package edwards25519 implements RFC9380 for the edwards25519 group, and returns points and scalars in filippo.io/edwards25519.	Package edwards25519 implements RFC9380 for the edwards25519 group, and returns points and scalars in filippo.io/edwards25519.
internal Package internal values, structures, and functions that are not part of the public API.	Package internal values, structures, and functions that are not part of the public API.
nist
internal Package internal implements the core functionalities for RFC9380 on NIST groups.	Package internal implements the core functionalities for RFC9380 on NIST groups.
internal/field Package field provides modular operations over very high integers.	Package field provides modular operations over very high integers.
p256 Package p256 implements RFC9380 for the P256 group.	Package p256 implements RFC9380 for the P256 group.
p384 Package p384 implements RFC9380 for the P384 group.	Package p384 implements RFC9380 for the P384 group.
p521 Package p521 implements RFC9380 for the P521 group.	Package p521 implements RFC9380 for the P521 group.
ristretto255 Package ristretto255 implements RFC9380 for the ristretto255 group, and returns points and scalar from github.com/gtank/ristretto255.	Package ristretto255 implements RFC9380 for the ristretto255 group, and returns points and scalar from github.com/gtank/ristretto255.
secp256k1 Package secp256k1 implements RFC9380 for the secp256k1 group.	Package secp256k1 implements RFC9380 for the secp256k1 group.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL