Documentation
¶
Overview ¶
Package bls provides BLS signatures using the BLS12-381 pairing curve.
This packages implements the IETF/CFRG draft for BLS signatures [1]. Currently only the BASIC mode (one of the three modes specified in the draft) is supported. The pairing function is instantiated with the BLS12-381 curve.
Groups ¶
The BLS signature scheme can be instantiated with keys in one of the two groups: G1 or G2, which correspond to the input domain of a pairing function e(G1,G2) -> Gt. Thus, choosing keys in G1 implies that signature values are internally represented in G2; or viceversa. Use the types KeyG1SigG2 or KeyG2SigG1 to express this preference.
Serialization ¶
The serialization of elements in G1 and G2 follows the recommendation given in [2], in order to be compatible with other implementations of BLS12-381 curve.
References ¶
[1] https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-bls-signature-05
[2] https://github.com/zkcrypto/bls12_381/blob/0.7.0/src/notes/serialization.rs
Index ¶
- Variables
- func Verify[K KeyGroup](pub *PublicKey[K], msg []byte, sig Signature) bool
- func VerifyAggregate[K KeyGroup](pubs []*PublicKey[K], msgs [][]byte, aggSig Signature) bool
- type G1
- type G2
- type KeyG1SigG2
- type KeyG2SigG1
- type KeyGroup
- type PrivateKey
- func (k *PrivateKey[K]) Equal(x crypto.PrivateKey) bool
- func (k *PrivateKey[K]) MarshalBinary() ([]byte, error)
- func (k *PrivateKey[K]) Public() crypto.PublicKey
- func (k *PrivateKey[K]) PublicKey() *PublicKey[K]
- func (k *PrivateKey[K]) UnmarshalBinary(data []byte) error
- func (k *PrivateKey[K]) Validate() bool
- type PublicKey
- type Signature
Constants ¶
This section is empty.
Variables ¶
var ( ErrInvalid = errors.New("bls: invalid BLS instance") ErrInvalidKey = errors.New("bls: invalid key") ErrKeyGen = errors.New("bls: too many unsuccessful key generation tries") ErrShortIKM = errors.New("bls: IKM material shorter than 32 bytes") ErrAggregate = errors.New("bls: error while aggregating signatures") )
Functions ¶
Types ¶
type G1 ¶
type G1 struct {
// contains filtered or unexported fields
}
G1 group used for keys defined in pairing group G1.
type G2 ¶
type G2 struct {
// contains filtered or unexported fields
}
G2 group used for keys defined in pairing group G2.
type KeyGroup ¶
KeyGroup determines the group used for keys, while the other group is used for signatures.
type PrivateKey ¶
type PrivateKey[K KeyGroup] struct { // contains filtered or unexported fields }
func KeyGen ¶
func KeyGen[K KeyGroup](ikm, salt, keyInfo []byte) (*PrivateKey[K], error)
KeyGen derives a private key for the specified group (G1 or G2). The length of ikm material should be at least 32 bytes length. The salt value should be either empty or a uniformly random bytes whose length equals the output length of SHA-256.
func (*PrivateKey[K]) Equal ¶
func (k *PrivateKey[K]) Equal(x crypto.PrivateKey) bool
func (*PrivateKey[K]) MarshalBinary ¶
func (k *PrivateKey[K]) MarshalBinary() ([]byte, error)
MarshalBinary returns a slice with the representation of the underlying PrivateKey scalar (in big-endian order).
func (*PrivateKey[K]) Public ¶
func (k *PrivateKey[K]) Public() crypto.PublicKey
func (*PrivateKey[K]) PublicKey ¶
func (k *PrivateKey[K]) PublicKey() *PublicKey[K]
PublicKey computes the corresponding public key. The key is cached for further invocations to this function.
func (*PrivateKey[K]) UnmarshalBinary ¶
func (k *PrivateKey[K]) UnmarshalBinary(data []byte) error
func (*PrivateKey[K]) Validate ¶
func (k *PrivateKey[K]) Validate() bool
Validate explicitly determines if a private key is valid.
type PublicKey ¶
type PublicKey[K KeyGroup] struct { // contains filtered or unexported fields }
func (*PublicKey[K]) MarshalBinary ¶
MarshalBinary returns a slice with the compressed representation of the underlying element in G1 or G2.
Source Files