sm9curve

package
v1.0.5013 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 10, 2025 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var Gen1 = &G1{curveGen}

Gen1 is the generator of G1.

View Source
var Gen2 = &G2{twistGen}

Gen2 is the generator of G2.

View Source
var Order = bigFromHex("b640000002a3a6f1d603ab4ff58ec74449f2934b18ea8beee56ee19cd69ecf25")

Order is the number of elements in both G₁ and G₂: 36u⁴+36u³+18u²+6u+1.

Functions

func GenerateGTFieldTable added in v1.0.2040

func GenerateGTFieldTable(basePoint *GT) *[32 * 2]GTFieldTable

func NewCurveGenerator added in v1.0.2040

func NewCurveGenerator() *curvePoint

func NewCurvePoint added in v1.0.2040

func NewCurvePoint() *curvePoint

func NewTwistGenerator added in v1.0.2040

func NewTwistGenerator() *twistPoint

func NewTwistPoint added in v1.0.2040

func NewTwistPoint() *twistPoint

func NormalizeScalar added in v1.0.2040

func NormalizeScalar(scalar []byte) []byte

func Sqrt added in v1.0.2040

func Sqrt(e, x *gfP) (isSquare bool)

Sqrt sets e to a square root of x. If x is not a square, Sqrt returns false and e is unchanged. e and x can overlap.

Types

type G1

type G1 struct {
	// contains filtered or unexported fields
}

G1 is an abstract cyclic group. The zero value is suitable for use as the output of an operation, but cannot be used as an input.

func RandomG1

func RandomG1(r io.Reader) (*big.Int, *G1, error)

RandomG1 returns x and g₁ˣ where x is a random, non-zero number read from r.

func (*G1) Add

func (e *G1) Add(a, b *G1) *G1

Add sets e to a+b and then returns e.

func (*G1) Double added in v1.0.2040

func (e *G1) Double(a *G1) *G1

Double sets e to [2]a and then returns e.

func (*G1) Equal added in v1.0.2040

func (e *G1) Equal(other *G1) bool

Equal compare e and other

func (*G1) IsOnCurve added in v1.0.2040

func (e *G1) IsOnCurve() bool

IsOnCurve returns true if e is on the curve.

func (*G1) Marshal

func (e *G1) Marshal() []byte

Marshal converts e to a byte slice.

func (*G1) MarshalCompressed added in v1.0.2040

func (e *G1) MarshalCompressed() []byte

MarshalCompressed converts e to a byte slice with compress prefix. If the point is not on the curve (or is the conventional point at infinity), the behavior is undefined.

func (*G1) MarshalUncompressed added in v1.0.2040

func (e *G1) MarshalUncompressed() []byte

MarshalUncompressed converts e to a byte slice with prefix

func (*G1) Neg

func (e *G1) Neg(a *G1) *G1

Neg sets e to -a and then returns e.

func (*G1) ScalarBaseMult

func (e *G1) ScalarBaseMult(scalar []byte) (*G1, error)

ScalarBaseMult sets e to scaler*g where g is the generator of the group and then returns e.

func (*G1) ScalarMult

func (e *G1) ScalarMult(a *G1, scalar []byte) (*G1, error)

ScalarMult sets e to a*k and then returns e.

func (*G1) Set

func (e *G1) Set(a *G1) *G1

Set sets e to a and then returns e.

func (*G1) String

func (g *G1) String() string

func (*G1) Unmarshal

func (e *G1) Unmarshal(m []byte) ([]byte, error)

Unmarshal sets e to the result of converting the output of Marshal back into a group element and then returns e.

func (*G1) UnmarshalCompressed added in v1.0.2040

func (e *G1) UnmarshalCompressed(data []byte) ([]byte, error)

UnmarshalCompressed sets e to the result of converting the output of Marshal back into a group element and then returns e.

func (*G1) UnmarshalUncompressed added in v1.0.2040

func (e *G1) UnmarshalUncompressed(data []byte) ([]byte, error)

type G2

type G2 struct {
	// contains filtered or unexported fields
}

G2 is an abstract cyclic group. The zero value is suitable for use as the output of an operation, but cannot be used as an input.

func RandomG2

func RandomG2(r io.Reader) (*big.Int, *G2, error)

RandomG2 returns x and g₂ˣ where x is a random, non-zero number read from r.

func (*G2) Add

func (e *G2) Add(a, b *G2) *G2

Add sets e to a+b and then returns e.

func (*G2) Equal added in v1.0.2040

func (e *G2) Equal(other *G2) bool

Equal compare e and other

func (*G2) IsOnCurve added in v1.0.2040

func (e *G2) IsOnCurve() bool

IsOnCurve returns true if e is on the twist curve.

func (*G2) Marshal

func (e *G2) Marshal() []byte

Marshal converts e into a byte slice.

func (*G2) MarshalCompressed added in v1.0.2040

func (e *G2) MarshalCompressed() []byte

MarshalCompressed converts e into a byte slice with uncompressed point prefix

func (*G2) MarshalUncompressed added in v1.0.2040

func (e *G2) MarshalUncompressed() []byte

MarshalUncompressed converts e into a byte slice with uncompressed point prefix

func (*G2) Neg

func (e *G2) Neg(a *G2) *G2

Neg sets e to -a and then returns e.

func (*G2) ScalarBaseMult

func (e *G2) ScalarBaseMult(scalar []byte) (*G2, error)

ScalarBaseMult sets e to g*k where g is the generator of the group and then returns out.

func (*G2) ScalarMult

func (e *G2) ScalarMult(a *G2, scalar []byte) (*G2, error)

ScalarMult sets e to a*k and then returns e.

func (*G2) Set

func (e *G2) Set(a *G2) *G2

Set sets e to a and then returns e.

func (*G2) String

func (e *G2) String() string

func (*G2) Unmarshal

func (e *G2) Unmarshal(m []byte) ([]byte, error)

Unmarshal sets e to the result of converting the output of Marshal back into a group element and then returns e.

func (*G2) UnmarshalCompressed added in v1.0.2040

func (e *G2) UnmarshalCompressed(data []byte) ([]byte, error)

UnmarshalCompressed sets e to the result of converting the output of Marshal back into a group element and then returns e.

func (*G2) UnmarshalUncompressed added in v1.0.2040

func (e *G2) UnmarshalUncompressed(data []byte) ([]byte, error)

type GT

type GT struct {
	// contains filtered or unexported fields
}

GT is an abstract cyclic group. The zero value is suitable for use as the output of an operation, but cannot be used as an input.

func Miller

func Miller(g1 *G1, g2 *G2) *GT

Miller applies Miller's algorithm, which is a bilinear function from the source groups to F_p^12. Miller(g1, g2).Finalize() is equivalent to Pair(g1, g2).

func Pair

func Pair(g1 *G1, g2 *G2) *GT

Pair calculates an R-Ate pairing.

func RandomGT

func RandomGT(r io.Reader) (*big.Int, *GT, error)

RandomGT returns x and e(g₁, g₂)ˣ where x is a random, non-zero number read from r.

func ScalarBaseMultGT added in v1.0.2040

func ScalarBaseMultGT(tables *[32 * 2]GTFieldTable, scalar []byte) (*GT, error)

ScalarBaseMultGT compute basepoint^r with precomputed table

func ScalarMultGT added in v1.0.2040

func ScalarMultGT(a *GT, scalar []byte) (*GT, error)

ScalarMultGT compute a^scalar

func (*GT) Add

func (e *GT) Add(a, b *GT) *GT

Add sets e to a+b and then returns e.

func (*GT) Equal added in v1.0.2040

func (e *GT) Equal(t *GT) bool

func (*GT) Finalize

func (e *GT) Finalize() *GT

Finalize is a linear function from F_p^12 to GT.

func (*GT) Marshal

func (e *GT) Marshal() []byte

Marshal converts e into a byte slice. To support SM9 alg, we marshal it as 1-2-4-12 towering extentions here.

func (*GT) ScalarBaseMult

func (e *GT) ScalarBaseMult(k *big.Int) *GT

ScalarBaseMult sets e to g*k where g is the generator of the group and then returns out.

func (*GT) ScalarMult

func (e *GT) ScalarMult(a *GT, k *big.Int) *GT

ScalarMult sets e to a*k and then returns e.

func (*GT) Set

func (e *GT) Set(a *GT) *GT

Set sets e to a and then returns e.

func (*GT) SetOne added in v1.0.2040

func (e *GT) SetOne() *GT

Set sets e to one and then returns e.

func (*GT) String

func (g *GT) String() string

func (*GT) Unmarshal

func (e *GT) Unmarshal(m []byte) ([]byte, error)

Unmarshal sets e to the result of converting the output of Marshal back into a group element and then returns e. To support SM9 alg, we unmarshal it as 1-2-4-12 towering extentions here.

type GTFieldTable added in v1.0.2040

type GTFieldTable [15]*GT

A GTFieldTable holds the first 15 Exp of a value at offset -1, so P is at table[0], P^15 is at table[14], and P^0 is implicitly the identity point.

func (*GTFieldTable) Select added in v1.0.2040

func (table *GTFieldTable) Select(p *GT, n uint8)

Select selects the n-th multiple of the table base point into p. It works in constant time by iterating over every entry of the table. n must be in [0, 15].

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL