nistec

package module
v0.0.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 24, 2023 License: BSD-3-Clause Imports: 9 Imported by: 1

README

filippo.io/nistec

import "filippo.io/nistec"

This package implements the NIST P elliptic curves, according to FIPS 186-4 and SEC 1, Version 2.0, exposing the necessary APIs to build a wide array of higher-level primitives.

It's an exported version of crypto/internal/nistec in the standard library, which powers crypto/elliptic, crypto/ecdsa, and crypto/ecdh. The git history has been preserved, and new upstream changes are applied periodically.

This package uses fiat-crypto or specialized assembly and Go code for its backend field arithmetic (not math/big) and exposes constant-time, heap allocation-free, byte slice-based safe APIs. Group operations use modern and safe complete addition formulas where possible. The point at infinity is handled and encoded according to SEC 1, Version 2.0, and invalid curve points can't be represented. This makes it particularly suitable to be used as a prime order group implementation.

Use the purego build tag to exclude the assembly and rely entirely on formally verified fiat-crypto arithmetic and complete addition formulas.

Read the docs at pkg.go.dev/filippo.io/nistec.

This repository does not accept contributions. Any changes should be submitted upstream to the Go project.

Documentation

Overview

Package nistec implements the NIST P elliptic curves from FIPS 186-4.

This package uses fiat-crypto or specialized assembly and Go code for its backend field arithmetic (not math/big) and exposes constant-time, heap allocation-free, byte slice-based safe APIs. Group operations use modern and safe complete addition formulas where possible. The point at infinity is handled and encoded according to SEC 1, Version 2.0, and invalid curve points can't be represented.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type P224Point 

type P224Point struct {
	// contains filtered or unexported fields
}

P224Point is a P224 point. The zero value is NOT valid.

func NewP224Point 

func NewP224Point() *P224Point

NewP224Point returns a new P224Point representing the point at infinity point.

func (*P224Point) Add 

func (q *P224Point) Add(p1, p2 *P224Point) *P224Point

Add sets q = p1 + p2, and returns q. The points may overlap.

func (*P224Point) Bytes 

func (p *P224Point) Bytes() []byte

Bytes returns the uncompressed or infinity encoding of p, as specified in SEC 1, Version 2.0, Section 2.3.3. Note that the encoding of the point at infinity is shorter than all other encodings.

func (*P224Point) BytesCompressed 

func (p *P224Point) BytesCompressed() []byte

BytesCompressed returns the compressed or infinity encoding of p, as specified in SEC 1, Version 2.0, Section 2.3.3. Note that the encoding of the point at infinity is shorter than all other encodings.

func (*P224Point) BytesX 

func (p *P224Point) BytesX() ([]byte, error)

BytesX returns the encoding of the x-coordinate of p, as specified in SEC 1, Version 2.0, Section 2.3.5, or an error if p is the point at infinity.

func (*P224Point) Double 

func (q *P224Point) Double(p *P224Point) *P224Point

Double sets q = p + p, and returns q. The points may overlap.

func (*P224Point) ScalarBaseMult 

func (p *P224Point) ScalarBaseMult(scalar []byte) (*P224Point, error)

ScalarBaseMult sets p = scalar * B, where B is the canonical generator, and returns p.

func (*P224Point) ScalarMult 

func (p *P224Point) ScalarMult(q *P224Point, scalar []byte) (*P224Point, error)

ScalarMult sets p = scalar * q, and returns p.

func (*P224Point) Select 

func (q *P224Point) Select(p1, p2 *P224Point, cond int) *P224Point

Select sets q to p1 if cond == 1, and to p2 if cond == 0.

func (*P224Point) Set 

func (p *P224Point) Set(q *P224Point) *P224Point

Set sets p = q and returns p.

func (*P224Point) SetBytes 

func (p *P224Point) SetBytes(b []byte) (*P224Point, error)

SetBytes sets p to the compressed, uncompressed, or infinity value encoded in b, as specified in SEC 1, Version 2.0, Section 2.3.4. If the point is not on the curve, it returns nil and an error, and the receiver is unchanged. Otherwise, it returns p.

func (*P224Point) SetGenerator 

func (p *P224Point) SetGenerator() *P224Point

SetGenerator sets p to the canonical generator and returns p.

type P256Point 

type P256Point struct {
	// contains filtered or unexported fields
}

P256Point is a P-256 point. The zero value should not be assumed to be valid (although it is in this implementation).

func NewP256Point 

func NewP256Point() *P256Point

NewP256Point returns a new P256Point representing the point at infinity.

func (*P256Point) Add 

func (q *P256Point) Add(r1, r2 *P256Point) *P256Point

Add sets q = p1 + p2, and returns q. The points may overlap.

func (*P256Point) Bytes 

func (p *P256Point) Bytes() []byte

Bytes returns the uncompressed or infinity encoding of p, as specified in SEC 1, Version 2.0, Section 2.3.3. Note that the encoding of the point at infinity is shorter than all other encodings.

func (*P256Point) BytesCompressed 

func (p *P256Point) BytesCompressed() []byte

BytesCompressed returns the compressed or infinity encoding of p, as specified in SEC 1, Version 2.0, Section 2.3.3. Note that the encoding of the point at infinity is shorter than all other encodings.

func (*P256Point) BytesX 

func (p *P256Point) BytesX() ([]byte, error)

BytesX returns the encoding of the x-coordinate of p, as specified in SEC 1, Version 2.0, Section 2.3.5, or an error if p is the point at infinity.

func (*P256Point) Double 

func (q *P256Point) Double(p *P256Point) *P256Point

Double sets q = p + p, and returns q. The points may overlap.

func (*P256Point) ScalarBaseMult 

func (r *P256Point) ScalarBaseMult(scalar []byte) (*P256Point, error)

ScalarBaseMult sets r = scalar * generator, where scalar is a 32-byte big endian value, and returns r. If scalar is not 32 bytes long, ScalarBaseMult returns an error and the receiver is unchanged.

func (*P256Point) ScalarMult 

func (r *P256Point) ScalarMult(q *P256Point, scalar []byte) (*P256Point, error)

ScalarMult sets r = scalar * q, where scalar is a 32-byte big endian value, and returns r. If scalar is not 32 bytes long, ScalarBaseMult returns an error and the receiver is unchanged.

func (*P256Point) Select 

func (q *P256Point) Select(p1, p2 *P256Point, cond int) *P256Point

Select sets q to p1 if cond == 1, and to p2 if cond == 0.

func (*P256Point) Set 

func (p *P256Point) Set(q *P256Point) *P256Point

Set sets p = q and returns p.

func (*P256Point) SetBytes 

func (p *P256Point) SetBytes(b []byte) (*P256Point, error)

SetBytes sets p to the compressed, uncompressed, or infinity value encoded in b, as specified in SEC 1, Version 2.0, Section 2.3.4. If the point is not on the curve, it returns nil and an error, and the receiver is unchanged. Otherwise, it returns p.

func (*P256Point) SetGenerator 

func (p *P256Point) SetGenerator() *P256Point

SetGenerator sets p to the canonical generator and returns p.

type P384Point 

type P384Point struct {
	// contains filtered or unexported fields
}

P384Point is a P384 point. The zero value is NOT valid.

func NewP384Point 

func NewP384Point() *P384Point

NewP384Point returns a new P384Point representing the point at infinity point.

func (*P384Point) Add 

func (q *P384Point) Add(p1, p2 *P384Point) *P384Point

Add sets q = p1 + p2, and returns q. The points may overlap.

func (*P384Point) Bytes 

func (p *P384Point) Bytes() []byte

Bytes returns the uncompressed or infinity encoding of p, as specified in SEC 1, Version 2.0, Section 2.3.3. Note that the encoding of the point at infinity is shorter than all other encodings.

func (*P384Point) BytesCompressed 

func (p *P384Point) BytesCompressed() []byte

BytesCompressed returns the compressed or infinity encoding of p, as specified in SEC 1, Version 2.0, Section 2.3.3. Note that the encoding of the point at infinity is shorter than all other encodings.

func (*P384Point) BytesX 

func (p *P384Point) BytesX() ([]byte, error)

BytesX returns the encoding of the x-coordinate of p, as specified in SEC 1, Version 2.0, Section 2.3.5, or an error if p is the point at infinity.

func (*P384Point) Double 

func (q *P384Point) Double(p *P384Point) *P384Point

Double sets q = p + p, and returns q. The points may overlap.

func (*P384Point) ScalarBaseMult 

func (p *P384Point) ScalarBaseMult(scalar []byte) (*P384Point, error)

ScalarBaseMult sets p = scalar * B, where B is the canonical generator, and returns p.

func (*P384Point) ScalarMult 

func (p *P384Point) ScalarMult(q *P384Point, scalar []byte) (*P384Point, error)

ScalarMult sets p = scalar * q, and returns p.

func (*P384Point) Select 

func (q *P384Point) Select(p1, p2 *P384Point, cond int) *P384Point

Select sets q to p1 if cond == 1, and to p2 if cond == 0.

func (*P384Point) Set 

func (p *P384Point) Set(q *P384Point) *P384Point

Set sets p = q and returns p.

func (*P384Point) SetBytes 

func (p *P384Point) SetBytes(b []byte) (*P384Point, error)

SetBytes sets p to the compressed, uncompressed, or infinity value encoded in b, as specified in SEC 1, Version 2.0, Section 2.3.4. If the point is not on the curve, it returns nil and an error, and the receiver is unchanged. Otherwise, it returns p.

func (*P384Point) SetGenerator 

func (p *P384Point) SetGenerator() *P384Point

SetGenerator sets p to the canonical generator and returns p.

type P521Point 

type P521Point struct {
	// contains filtered or unexported fields
}

P521Point is a P521 point. The zero value is NOT valid.

func NewP521Point 

func NewP521Point() *P521Point

NewP521Point returns a new P521Point representing the point at infinity point.

func (*P521Point) Add 

func (q *P521Point) Add(p1, p2 *P521Point) *P521Point

Add sets q = p1 + p2, and returns q. The points may overlap.

func (*P521Point) Bytes 

func (p *P521Point) Bytes() []byte

Bytes returns the uncompressed or infinity encoding of p, as specified in SEC 1, Version 2.0, Section 2.3.3. Note that the encoding of the point at infinity is shorter than all other encodings.

func (*P521Point) BytesCompressed 

func (p *P521Point) BytesCompressed() []byte

BytesCompressed returns the compressed or infinity encoding of p, as specified in SEC 1, Version 2.0, Section 2.3.3. Note that the encoding of the point at infinity is shorter than all other encodings.

func (*P521Point) BytesX 

func (p *P521Point) BytesX() ([]byte, error)

BytesX returns the encoding of the x-coordinate of p, as specified in SEC 1, Version 2.0, Section 2.3.5, or an error if p is the point at infinity.

func (*P521Point) Double 

func (q *P521Point) Double(p *P521Point) *P521Point

Double sets q = p + p, and returns q. The points may overlap.

func (*P521Point) ScalarBaseMult 

func (p *P521Point) ScalarBaseMult(scalar []byte) (*P521Point, error)

ScalarBaseMult sets p = scalar * B, where B is the canonical generator, and returns p.

func (*P521Point) ScalarMult 

func (p *P521Point) ScalarMult(q *P521Point, scalar []byte) (*P521Point, error)

ScalarMult sets p = scalar * q, and returns p.

func (*P521Point) Select 

func (q *P521Point) Select(p1, p2 *P521Point, cond int) *P521Point

Select sets q to p1 if cond == 1, and to p2 if cond == 0.

func (*P521Point) Set 

func (p *P521Point) Set(q *P521Point) *P521Point

Set sets p = q and returns p.

func (*P521Point) SetBytes 

func (p *P521Point) SetBytes(b []byte) (*P521Point, error)

SetBytes sets p to the compressed, uncompressed, or infinity value encoded in b, as specified in SEC 1, Version 2.0, Section 2.3.4. If the point is not on the curve, it returns nil and an error, and the receiver is unchanged. Otherwise, it returns p.

func (*P521Point) SetGenerator 

func (p *P521Point) SetGenerator() *P521Point

SetGenerator sets p to the canonical generator and returns p.

Source Files

View all Source files

Directories

Path Synopsis
internal
fiat

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.