Documentation ¶
Overview ¶
Package elliptic implements several standard elliptic curves over prime fields.
Index ¶
- func GenerateKey(curve Curve, rand io.Reader) (priv []byte, x, y *big.Int, err error)
- func Marshal(curve Curve, x, y *big.Int) []byte
- func Unmarshal(curve Curve, data []byte) (x, y *big.Int)
- func WNafReversed(wnaf []int8) []int8
- type Curve
- type CurveParams
- func (curve *CurveParams) Add(x1, y1, x2, y2 *big.Int) (*big.Int, *big.Int)
- func (curve *CurveParams) Double(x1, y1 *big.Int) (*big.Int, *big.Int)
- func (curve *CurveParams) IsOnCurve(x, y *big.Int) bool
- func (curve *CurveParams) Params() *CurveParams
- func (curve *CurveParams) ScalarBaseMult(k []byte) (*big.Int, *big.Int)
- func (curve *CurveParams) ScalarMult(Bx, By *big.Int, k []byte) (*big.Int, *big.Int)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GenerateKey ¶
GenerateKey returns a public/private key pair. The private key is generated using the given reader, which must return random data.
func Marshal ¶
Marshal converts a point into the uncompressed form specified in section 4.3.6 of ANSI X9.62.
func Unmarshal ¶
Unmarshal converts a point, serialized by Marshal, into an x, y pair. It is an error if the point is not in uncompressed form or is not on the curve. On error, x = nil.
func WNafReversed ¶
Types ¶
type Curve ¶
type Curve interface { // Params returns the parameters for the curve. Params() *CurveParams // IsOnCurve reports whether the given (x,y) lies on the curve. IsOnCurve(x, y *big.Int) bool // Add returns the sum of (x1,y1) and (x2,y2) Add(x1, y1, x2, y2 *big.Int) (x, y *big.Int) // Double returns 2*(x,y) Double(x1, y1 *big.Int) (x, y *big.Int) // ScalarMult returns k*(Bx,By) where k is a number in big-endian form. ScalarMult(x1, y1 *big.Int, k []byte) (x, y *big.Int) // ScalarBaseMult returns k*G, where G is the base point of the group // and k is an integer in big-endian form. ScalarBaseMult(k []byte) (x, y *big.Int) }
A Curve represents a short-form Weierstrass curve with a=-3. See https://www.hyperelliptic.org/EFD/g1p/auto-shortw.html
func P224 ¶
func P224() Curve
P224 returns a Curve which implements P-224 (see FIPS 186-3, section D.2.2).
The cryptographic operations are implemented using constant-time algorithms.
func P256 ¶
func P256() Curve
P256 returns a Curve which implements NIST P-256 (FIPS 186-3, section D.2.3), also known as secp256r1 or prime256v1. The CurveParams.Name of this Curve is "P-256".
Multiple invocations of this function will return the same value, so it can be used for equality checks and switch statements.
The cryptographic operations are implemented using constant-time algorithms.
func P384 ¶
func P384() Curve
P384 returns a Curve which implements NIST P-384 (FIPS 186-3, section D.2.4), also known as secp384r1. The CurveParams.Name of this Curve is "P-384".
Multiple invocations of this function will return the same value, so it can be used for equality checks and switch statements.
The cryptographic operations do not use constant-time algorithms.
func P521 ¶
func P521() Curve
P521 returns a Curve which implements NIST P-521 (FIPS 186-3, section D.2.5), also known as secp521r1. The CurveParams.Name of this Curve is "P-521".
Multiple invocations of this function will return the same value, so it can be used for equality checks and switch statements.
The cryptographic operations do not use constant-time algorithms.
type CurveParams ¶
type CurveParams struct { P *big.Int // the order of the underlying field N *big.Int // the order of the base point B *big.Int // the constant of the curve equation Gx, Gy *big.Int // (x,y) of the base point BitSize int // the size of the underlying field Name string // the canonical name of the curve }
CurveParams contains the parameters of an elliptic curve and also provides a generic, non-constant time implementation of Curve.
func (*CurveParams) Params ¶
func (curve *CurveParams) Params() *CurveParams