ecgfp5

package
v0.0.8 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 20, 2025 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation

Index

Constants

// Window parameters. WIN_SIZE is derived from WINDOW and evaluates to
// 1 << 4 = 16.
// NOTE(review): presumably WINDOW is the signed-digit window width in bits
// and WIN_SIZE the number of precomputed multiples per window; confirm
// against MakeWindowAffine and SetMul.
const (
	WINDOW   = 5
	WIN_SIZE = 1 << (WINDOW - 1)
)

Variables

// Curve constants for ECgFp5Point. Each gFp5 value is built from five uint64
// coefficients via gFp5.FromUint64Array.
// NOTE(review): these are exported package-level vars, not constants, so any
// importing package can reassign them; treat them as read-only.
var (
	// Coefficients {2, 0, 0, 0, 0}.
	A_ECgFp5Point = gFp5.FromUint64Array([5]uint64{2, 0, 0, 0, 0})

	// B1 is the only non-zero coefficient (index 1) of the B_* elements below.
	B1                  = uint64(263)
	// {0, B1, 0, 0, 0}, followed by the same element with B1 scaled by 2, 4
	// and 16 in uint64 arithmetic.
	B_ECgFp5Point       = gFp5.FromUint64Array([5]uint64{0, B1, 0, 0, 0})
	B_MUL2_ECgFp5Point  = gFp5.FromUint64Array([5]uint64{0, 2 * B1, 0, 0, 0})
	B_MUL4_ECgFp5Point  = gFp5.FromUint64Array([5]uint64{0, 4 * B1, 0, 0, 0})
	B_MUL16_ECgFp5Point = gFp5.FromUint64Array([5]uint64{0, 16 * B1, 0, 0, 0})

	// The field values of the two points below are elided by the
	// documentation renderer; only their names and type are visible here.
	NEUTRAL_ECgFp5Point = ECgFp5Point{
						// contains filtered or unexported fields
	}

	GENERATOR_ECgFp5Point = ECgFp5Point{
							// contains filtered or unexported fields
	}
)

Constants for ECgFp5Point

// Scalar constants.
// NOTE(review): these are exported package-level vars, so importing packages
// can reassign them. ORDER is additionally a *big.Int: a caller that mutates
// it in place (e.g. by using it as the receiver of a big.Int operation)
// changes the value for every user of the package. Treat all of them as
// read-only.
var (
	// The ok result of SetString is discarded. The literal consists only of
	// decimal digits, so the base-10 parse succeeds and ORDER is non-nil.
	ORDER, _ = new(big.Int).SetString("1067993516717146951041484916571792702745057740581727230159139685185762082554198619328292418486241", 10)
	// All five limbs are zero.
	ZERO     = ECgFp5Scalar{}
	// Small values live in limb 0; the remaining limbs are zero.
	ONE      = ECgFp5Scalar{1, 0, 0, 0, 0}
	TWO      = ECgFp5Scalar{2, 0, 0, 0, 0}
	// Limbs 1..4 match the modulus N declared in this package and limb 0 is
	// one less than N[0], i.e. these limbs spell N - 1.
	NEG_ONE  = ECgFp5Scalar{
		0xE80FD996948BFFE0,
		0xE8885C39D724A09C,
		0x7FFFFFE6CFB80639,
		0x7FFFFFF100000016,
		0x7FFFFFFD80000007,
	}
)
// Parameters for arithmetic modulo n on ECgFp5Scalar values.
// NOTE(review): all four are exported, mutable package-level vars. Overwriting
// any of them from an importing package would silently change the results of
// the scalar arithmetic that reads them; treat them as read-only.
var (

	// The modulus itself, stored in a Scalar structure (which
	// contravenes the rules of a Scalar; this constant MUST NOT leak
	// outside the API).
	// NOTE(review): the identifier is exported, so importing packages can
	// read and reassign it despite the rule stated above.
	N = ECgFp5Scalar{
		0xE80FD996948BFFE1,
		0xE8885C39D724A09C,
		0x7FFFFFE6CFB80639,
		0x7FFFFFF100000016,
		0x7FFFFFFD80000007,
	}
	// -1/N[0] mod 2^64
	N0I = uint64(0xD78BEF72057B7BDF)
	// 2^640 mod n, i.e. (2^320)^2 mod n, where 2^320 is the divisor in the
	// result documented for MontyMul.
	R2 = ECgFp5Scalar{
		0xA01001DCE33DC739,
		0x6C3228D33F62ACCF,
		0xD1D796CC91CF8525,
		0xAADFFF5D1574C1D8,
		0x4ACA13B28CA251F5,
	}
	// 2^632 mod n
	T632 = ECgFp5Scalar{
		0x2B0266F317CA91B3,
		0xEC1D26528E984773,
		0x8651D7865E12DB94,
		0xDA2ADFF5941574D0,
		0x53CACA12110CA256,
	}
)
// Constants for the WeierstrassPoint representation.
// NOTE(review): these are exported package-level vars, so importing packages
// can reassign them or modify their fields; treat them as read-only.
var (
	// X and Y are each given as five coefficients converted with
	// g.FromUint64; IsInf is false.
	GENERATOR_WEIERSTRASS = WeierstrassPoint{
		X: gFp5.Element{
			g.FromUint64(11712523173042564207),
			g.FromUint64(14090224426659529053),
			g.FromUint64(13197813503519687414),
			g.FromUint64(16280770174934269299),
			g.FromUint64(15998333998318935536),
		},
		Y: gFp5.Element{
			g.FromUint64(14639054205878357578),
			g.FromUint64(17426078571020221072),
			g.FromUint64(2548978194165003307),
			g.FromUint64(8663895577921260088),
			g.FromUint64(9793640284382595140),
		},
		IsInf: false,
	}

	// NOTE(review): presumably the 'a' coefficient of the short Weierstrass
	// curve equation; confirm against the code that uses it.
	A_WEIERSTRASS = gFp5.Element{
		g.FromUint64(6148914689804861439),
		g.FromUint64(263),
		g.FromUint64(0),
		g.FromUint64(0),
		g.FromUint64(0),
	}

	// IsInf is true; X and Y are set to gFp5.FP5_ZERO.
	NEUTRAL_WEIERSTRASS = WeierstrassPoint{
		X:     gFp5.FP5_ZERO,
		Y:     gFp5.FP5_ZERO,
		IsInf: true,
	}
)
// AFFINE_NEUTRAL is an exported AffinePoint value whose fields are elided by
// the documentation renderer.
// NOTE(review): presumably the neutral element in affine (x,u) coordinates;
// confirm. It is a mutable package-level var, so treat it as read-only.
var AFFINE_NEUTRAL = AffinePoint{
	// contains filtered or unexported fields
}

Functions

func BigIntFromArray

func BigIntFromArray(arr [5]uint64) *big.Int

func CanBeDecodedIntoPoint

func CanBeDecodedIntoPoint(w gFp5.Element) bool

func RecodeSignedFromLimbs

func RecodeSignedFromLimbs(limbs []uint64, ss []int32, w int32)

func U64Bitlength

func U64Bitlength(w uint64) int32

Types

type AffinePoint

type AffinePoint struct {
	// contains filtered or unexported fields
}

A curve point in affine (x,u) coordinates. This is used internally to make "windows" that speed up point multiplications.

func BatchToAffine

func BatchToAffine(src []ECgFp5Point) []AffinePoint

Convert points to affine coordinates.

func Lookup

func Lookup(win []AffinePoint, k int32) AffinePoint

func LookupVarTime

func LookupVarTime(win []AffinePoint, k int32) AffinePoint

Same as Lookup(), except this implementation is variable-time: its timing can depend on k, so k must not be derived from secret data.

func (*AffinePoint) SetLookup

func (p *AffinePoint) SetLookup(win []AffinePoint, k int32)

Lookup a point in a window. The win[] slice must contain values i*P for i = 1 to n (win[0] contains P, win[1] contains 2*P, and so on). Index value k is an integer in the -n to n range; returned point is k*P.

func (*AffinePoint) SetNeg

func (p *AffinePoint) SetNeg()

func (AffinePoint) ToPoint

func (p AffinePoint) ToPoint() ECgFp5Point

type ECgFp5Point

type ECgFp5Point struct {
	// contains filtered or unexported fields
}

A curve point.

func Decode

func Decode(w gFp5.Element) (ECgFp5Point, bool)

Attempt to decode a point from a gFp5 element. The bool result reports the outcome of the attempt; check it before using the returned point.

func (ECgFp5Point) Add

func (p ECgFp5Point) Add(rhs ECgFp5Point) ECgFp5Point

General point addition. The formulas are complete (no special cases).

func (ECgFp5Point) AddAffine

func (p ECgFp5Point) AddAffine(rhs AffinePoint) ECgFp5Point

Add a point in affine coordinates to this one.

func (ECgFp5Point) Double

func (p ECgFp5Point) Double() ECgFp5Point

func (ECgFp5Point) Encode

func (p ECgFp5Point) Encode() gFp5.Element

func (ECgFp5Point) Equals

func (p ECgFp5Point) Equals(rhs ECgFp5Point) bool

func (ECgFp5Point) IsNeutral

func (p ECgFp5Point) IsNeutral() bool

func (*ECgFp5Point) MDouble

func (p *ECgFp5Point) MDouble(n uint32) ECgFp5Point

func (ECgFp5Point) MakeWindowAffine

func (p ECgFp5Point) MakeWindowAffine() []AffinePoint

func (ECgFp5Point) Mul

func (*ECgFp5Point) SetDouble

func (p *ECgFp5Point) SetDouble()

func (*ECgFp5Point) SetMDouble

func (p *ECgFp5Point) SetMDouble(n uint32)

func (*ECgFp5Point) SetMul

func (p *ECgFp5Point) SetMul(s *ECgFp5Scalar)

Multiply this point by a scalar.

type ECgFp5Scalar

type ECgFp5Scalar [5]uint64

ECgFp5Scalar represents the scalar field of the ECgFP5 elliptic curve where p = 1067993516717146951041484916571792702745057740581727230159139685185762082554198619328292418486241 (the same value as ORDER; the rest of this documentation calls this modulus n).

func FromGfp5

func FromGfp5(fp5 gFp5.Element) ECgFp5Scalar

func FromNonCanonicalBigInt

func FromNonCanonicalBigInt(val *big.Int) ECgFp5Scalar

func SampleScalar

// NOTE(review): SampleScalar is undocumented on this page and its body is not
// shown. How seed feeds the sampling, and what a nil seed does, decides
// whether the result is fit for secret keys or nonces; confirm against the
// implementation before relying on it for either.
func SampleScalar(seed *string) ECgFp5Scalar

func ScalarElementFromLittleEndianBytes

func ScalarElementFromLittleEndianBytes(data []byte) ECgFp5Scalar

func Select

func Select(c uint64, a0, a1 *ECgFp5Scalar) *ECgFp5Scalar

If c == 0, return a0. If c == 0xFFFFFFFFFFFFFFFF, return a1. c MUST be equal to 0 or 0xFFFFFFFFFFFFFFFF.

func (ECgFp5Scalar) Add

func (ECgFp5Scalar) AddInner

func (s ECgFp5Scalar) AddInner(a ECgFp5Scalar) ECgFp5Scalar

raw addition (no reduction)

func (*ECgFp5Scalar) DeepCopy

func (s *ECgFp5Scalar) DeepCopy() ECgFp5Scalar

func (*ECgFp5Scalar) Equals

func (s *ECgFp5Scalar) Equals(rhs *ECgFp5Scalar) bool

func (*ECgFp5Scalar) IsZero

func (s *ECgFp5Scalar) IsZero() bool

func (*ECgFp5Scalar) MontyMul

func (s *ECgFp5Scalar) MontyMul(rhs *ECgFp5Scalar) *ECgFp5Scalar

Montgomery multiplication. Returns (self*rhs)/2^320 mod n. 'self' MUST be less than n (the other operand can be up to 2^320-1).

func (*ECgFp5Scalar) Mul

func (s *ECgFp5Scalar) Mul(rhs *ECgFp5Scalar) *ECgFp5Scalar

func (ECgFp5Scalar) Neg

func (s ECgFp5Scalar) Neg() ECgFp5Scalar

func (ECgFp5Scalar) Order

func (s ECgFp5Scalar) Order() *big.Int

func (ECgFp5Scalar) RecodeSigned

func (s ECgFp5Scalar) RecodeSigned(ss []int32, w int32)

Recode a scalar into signed integers. For a window width of w bits, returned integers are in the -(2^w-1) to +2^w range. The provided slice is filled; if w*len(ss) >= 320, then the output encodes the complete scalar value, and the top (last) signed integer is nonnegative. Window width MUST be between 2 and 10.

func (ECgFp5Scalar) SplitTo4BitLimbs

func (s ECgFp5Scalar) SplitTo4BitLimbs() [80]uint8

func (*ECgFp5Scalar) Square

func (s *ECgFp5Scalar) Square() *ECgFp5Scalar

func (ECgFp5Scalar) Sub

func (*ECgFp5Scalar) SubInner

func (s *ECgFp5Scalar) SubInner(a *ECgFp5Scalar) (*ECgFp5Scalar, uint64)

Raw subtraction (no reduction). The final borrow is returned (0xFFFFFFFFFFFFFFFF if borrow, 0 otherwise).

func (ECgFp5Scalar) ToCanonicalBigInt

func (s ECgFp5Scalar) ToCanonicalBigInt() *big.Int

func (ECgFp5Scalar) ToLittleEndianBytes

func (s ECgFp5Scalar) ToLittleEndianBytes() []byte

type Signed161

type Signed161 [3]uint64

A custom 161-bit integer type; used for splitting a scalar into a fraction. Negative values use two's complement notation; the value is truncated to 161 bits (upper bits in the top limb are ignored). Elements are mutable containers. WARNING: everything in here is vartime; do not use on secret values.

func (*Signed161) Add

func (s *Signed161) Add(v []uint64)

func (*Signed161) AddShifted

func (s *Signed161) AddShifted(v *Signed161, shift int32)

Add v*2^shift to this value.

func (*Signed161) AddShiftedSmall

func (s *Signed161) AddShiftedSmall(v []uint64, shift int32)

func (Signed161) RecodeSigned5

func (s Signed161) RecodeSigned5() [33]int32

Recode this integer into 33 signed digits for a 5-bit window.

func (*Signed161) Sub

func (s *Signed161) Sub(v []uint64)

func (*Signed161) SubShifted

func (s *Signed161) SubShifted(v *Signed161, shift int32)

Subtract v*2^shift from this value.

func (*Signed161) SubShiftedSmall

func (s *Signed161) SubShiftedSmall(v []uint64, shift int32)

func (Signed161) ToU192

func (s Signed161) ToU192() [3]uint64

Export this value as a 192-bit integer (three 64-bit limbs, in little-endian order).

type Signed640

type Signed640 [10]uint64

A custom 640-bit integer type (signed). Elements are mutable containers. WARNING: everything in here is vartime; do not use on secret values.

func FromMulScalars

func FromMulScalars(a, b *ECgFp5Scalar) *Signed640

Obtain an instance containing a*b (both a and b are interpreted as integers in the 0..n-1 range).

func FromNsquared

func FromNsquared() *Signed640

Obtain an instance containing n^2.

func (*Signed640) Add

func (s *Signed640) Add(v []uint64)

func (*Signed640) Add1

func (s *Signed640) Add1()

Add 1 to this instance.

func (*Signed640) AddShifted

func (s *Signed640) AddShifted(v *Signed640, shift int32)

Add v*2^shift to this instance.

func (*Signed640) AddShiftedSmall

func (s *Signed640) AddShiftedSmall(v []uint64, shift int32)

func (*Signed640) Bitlength

func (s *Signed640) Bitlength() int32

Get the bit length of this value. The bit length is defined as the minimal size of the binary representation in two's complement, _excluding_ the sign bit (thus, -2^k has bit length k, whereas +2^k has bit length k+1).

func (*Signed640) IsNonnegative

func (s *Signed640) IsNonnegative() bool

func (*Signed640) LtUnsigned

func (s *Signed640) LtUnsigned(rhs *Signed640) bool

func (*Signed640) Sub

func (s *Signed640) Sub(v []uint64)

func (*Signed640) SubShifted

func (s *Signed640) SubShifted(v *Signed640, shift int32)

Subtract v*2^shift from this instance.

func (*Signed640) SubShiftedSmall

func (s *Signed640) SubShiftedSmall(v []uint64, shift int32)

type U128

type U128 struct{ Hi, Lo uint64 }

func U128From64

func U128From64(v uint64) U128

func (U128) Add64

func (u U128) Add64(n uint64) (v U128)

func (U128) Mul64

func (u U128) Mul64(n uint64) (dest U128)

func (U128) Sub64

func (u U128) Sub64(n uint64) (v U128)

type WeierstrassPoint

type WeierstrassPoint struct {
	X     gFp5.Element
	Y     gFp5.Element
	IsInf bool
}

A curve point in short Weierstrass form (x, y). This is used by the in-circuit representation.

func DecodeFp5AsWeierstrass

func DecodeFp5AsWeierstrass(w gFp5.Element) (WeierstrassPoint, bool)

func MulAdd2

func MulAdd2(a, b WeierstrassPoint, scalarA, scalarB ECgFp5Scalar) WeierstrassPoint

func (WeierstrassPoint) Add

func (WeierstrassPoint) Double

func (WeierstrassPoint) Encode

func (p WeierstrassPoint) Encode() gFp5.Element

func (WeierstrassPoint) Equals

func (WeierstrassPoint) PrecomputeWindow

func (p WeierstrassPoint) PrecomputeWindow(windowBits uint32) []WeierstrassPoint
