ED448

package
v0.0.0-...-975b9e6 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 6, 2024 License: Apache-2.0 Imports: 3 Imported by: 0

Documentation

Index

Constants

View Source 
const AESKEY int = 32
View Source 
const ALLOW_ALT_COMPRESS bool = false
View Source 
const ATE_BITS int = NOT
View Source 
const BASEBITS uint = 58
View Source 
const BIGBITS int = int(MODBYTES * 8)
View Source 
const BIG_ENDIAN_SIGN bool = false
View Source 
const BLS12 int = 2
View Source 
const BLS24 int = 3
View Source 
const BLS48 int = 4
View Source 
const BN int = 1
View Source 
const CHUNK int = 64 /* Set word size */
View Source 
const CURVETYPE int = EDWARDS
View Source 
const CURVE_A int = 1
View Source 
const CURVE_B_I int = -39081
View Source 
const CURVE_Cof_I int = 4
View Source 
const CURVE_PAIRING_TYPE int = NOT
View Source 
const DNLEN int = 2 * NLEN
View Source 
const D_TYPE int = 0

Pairing Twist type

View Source 
const ECDH_ERROR int = -3
View Source 
const ECDH_INVALID_PUBLIC_KEY int = -2
View Source 
const EDDSA_INVALID_PUBLIC_KEY int = -2
View Source 
const EDWARDS int = 1
View Source 
const EFS int = int(MODBYTES)

const INVALID int = -4

View Source 
const EGS int = int(MODBYTES)
View Source 
const FEXCESS int32 = ((int32(1) << 16) - 1)
View Source 
const FP_DENSE int = 5
View Source 
const FP_ONE int = 1
View Source 
const FP_SPARSE int = 4
View Source 
const FP_SPARSER int = 3
View Source 
const FP_SPARSEST int = 2
View Source 
const FP_ZERO int = 0

Sparsity

View Source 
const G2_TABLE int = NOT
View Source 
const GENERALISED_MERSENNE int = 3
View Source 
const HASH_TYPE int = 64
View Source 
const HBITS uint = (BASEBITS / 2)
View Source 
const HTC_ISO int = 0
View Source 
const HTC_ISO_G2 int = 0
View Source 
const MODBITS uint = 448 /* Number of bits in Modulus */

Modulus details

View Source 
const MODBYTES uint = 56

BIG length in bytes and number base

View Source 
const MODTYPE int = GENERALISED_MERSENNE //NOT_SPECIAL
View Source 
const MONTGOMERY int = 2
View Source 
const MONTGOMERY_FRIENDLY int = 2
View Source 
const M_TYPE int = 1
View Source 
const NEGATIVEX int = 1
View Source 
const NEGATOWER int = 0
View Source 
const NEXCESS int = (1 << (uint(CHUNK) - BASEBITS - 1))
View Source 
const NLEN int = int((1 + ((8*MODBYTES - 1) / BASEBITS)))

BIG lengths and Masks

View Source 
const NOT int = 0

Pairing Friendly?

View Source 
const NOT_SPECIAL int = 0

Modulus types

View Source 
const PM1D2 uint = 1 /* Modulus mod 8 */
View Source 
const POSITIVEX int = 0

Pairing x parameter sign

View Source 
const POSITOWER int = 1
View Source 
const PSEUDO_MERSENNE int = 1
View Source 
const QNRI int = 0 // Fp2 QNR
View Source 
const RIADZ int = 0 /* hash-to-point Z */
View Source 
const RIADZG2A int = 0 /* G2 hash-to-point Z */
View Source 
const RIADZG2B int = 0 /* G2 hash-to-point Z */
View Source 
const SEXTIC_TWIST int = NOT
View Source 
const SIGN_OF_X int = NOT
View Source 
const TBITS uint = MODBITS % BASEBITS // Number of active bits in top word
View Source 
const TOWER int = NEGATOWER // Tower type
View Source 
const USE_GLV bool = true
View Source 
const USE_GS_G2 bool = true
View Source 
const USE_GS_GT bool = true
View Source 
const WEIERSTRASS int = 0

Curve types

Variables

View Source 
var CURVE_B = [...]Chunk{0x3FFFFFFFFFF6756, 0x3FFFFFFFFFFFFFF, 0x3FFFFFFFFFFFFFF, 0x3FBFFFFFFFFFFFF, 0x3FFFFFFFFFFFFFF, 0x3FFFFFFFFFFFFFF, 0x3FFFFFFFFFFFFFF, 0x3FFFFFFFFFF}
View Source 
var CURVE_Cof = [...]Chunk{0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}
View Source 
var CURVE_Gx = [...]Chunk{0x226A82BC70CC05E, 0x2E03862C024E389, 0x1AF72AB66511433, 0x928F4E91904AB8, 0x470F1767EA6DE3, 0xAFCDB6A785195C, 0x2D0DED221D15A62, 0x13C65C319AF}

var CURVE_Gx = [...]Chunk{0x155555555555555, 0x155555555555555, 0x155555555555555, 0x2A5555555555555, 0x2AAAAAAAAAAAAAA, 0x2AAAAAAAAAAAAAA, 0x2AAAAAAAAAAAAAA, 0x2AAAAAAAAAA} var CURVE_Gy = [...]Chunk{0x2EAFBCDEA9386ED, 0x32CAFB473681AF6, 0x25833A2A3098BBB, 0x1CA2B6312E03595, 0x35884DD7B7E36D, 0x21B0AC00DBB5E8, 0x17048DB359D6205, 0x2B817A58D2B}

View Source 
var CURVE_Gy = [...]Chunk{0x8795BF230FA14, 0x344CB13B5F22B66, 0x3F1CE67C39C4FDB, 0x7816830B5CEB4F, 0x36CA3984087789C, 0x1B271D892FA9CDC, 0x36BC24887620375, 0x1A4FD19C5BA}
View Source 
var CURVE_HTPC = [...]Chunk{0x3FFFFFFFFFFFFFE, 0x3FFFFFFFFFFFFFF, 0x3FFFFFFFFFFFFFF, 0x3FBFFFFFFFFFFFF, 0x3FFFFFFFFFFFFFF, 0x3FFFFFFFFFFFFFF, 0x3FFFFFFFFFFFFFF, 0x3FFFFFFFFFF}
View Source 
var CURVE_Order = [...]Chunk{0x378C292AB5844F3, 0x3309CA37163D548, 0x1B49AED63690216, 0x3FDF3288FA7113B, 0x3FFFFFFFFFFFFFF, 0x3FFFFFFFFFFFFFF, 0x3FFFFFFFFFFFFFF, 0xFFFFFFFFFF}
View Source 
var Modulus = [...]Chunk{0x3FFFFFFFFFFFFFF, 0x3FFFFFFFFFFFFFF, 0x3FFFFFFFFFFFFFF, 0x3FBFFFFFFFFFFFF, 0x3FFFFFFFFFFFFFF, 0x3FFFFFFFFFFFFFF, 0x3FFFFFFFFFFFFFF, 0x3FFFFFFFFFF}

Base Bits= 58

View Source 
var R2modp = [...]Chunk{0x200000000, 0x0, 0x0, 0x0, 0x3000000, 0x0, 0x0, 0x0}
View Source 
var ROI = [...]Chunk{0x3FFFFFFFFFFFFFE, 0x3FFFFFFFFFFFFFF, 0x3FFFFFFFFFFFFFF, 0x3FBFFFFFFFFFFFF, 0x3FFFFFFFFFFFFFF, 0x3FFFFFFFFFFFFFF, 0x3FFFFFFFFFFFFFF, 0x3FFFFFFFFFF}

Functions

func AuthDecap 

func AuthDecap(config_id int, skR []byte, pkE []byte, pkR []byte, pkS []byte) []byte

func AuthEncap 

func AuthEncap(config_id int, skE []byte, skS []byte, pkE []byte, pkR []byte, pkS []byte) []byte

func Comp 

func Comp(a *BIG, b *BIG) int

Compare a and b, return 0 if a==b, -1 if a<b, +1 if a>b. Inputs must be normalised

func Decap 

func Decap(config_id int, skR []byte, pkE []byte, pkR []byte) []byte

func DeriveKeyPair 

func DeriveKeyPair(config_id int, SK []byte, PK []byte, SEED []byte) bool

func ECDH_ECIES_DECRYPT 

func ECDH_ECIES_DECRYPT(sha int, P1 []byte, P2 []byte, V []byte, C []byte, T []byte, U []byte) []byte

IEEE1363 ECIES decryption. Decryption of ciphertext V,C,T using private key U outputs plaintext M

func ECDH_ECIES_ENCRYPT 

func ECDH_ECIES_ENCRYPT(sha int, P1 []byte, P2 []byte, RNG *core.RAND, W []byte, M []byte, V []byte, T []byte) []byte

IEEE1363 ECIES encryption. Encryption of plaintext M uses public key W and produces ciphertext V,C,T

func ECDH_ECPSP_DSA 

func ECDH_ECPSP_DSA(sha int, RNG *core.RAND, S []byte, F []byte, C []byte, D []byte) int

IEEE ECDSA Signature, C and D are signature on F using private key S

func ECDH_ECPSVDP_DH 

func ECDH_ECPSVDP_DH(S []byte, WD []byte, Z []byte, typ int) int
IEEE-1363 Diffie-Hellman online calculation Z=S.WD

type = 0 is just x coordinate output type = 1 for standard compressed output type = 2 for standard uncompress output 04|x|y

func ECDH_ECPVP_DSA 

func ECDH_ECPVP_DSA(sha int, W []byte, F []byte, C []byte, D []byte) int

IEEE1363 ECDSA Signature Verification. Signature C and D on F is verified using public key W

func ECDH_IN_RANGE 

func ECDH_IN_RANGE(S []byte) bool

return true if S is in ranger 0 < S < order , else return false

func ECDH_KEY_PAIR_GENERATE 

func ECDH_KEY_PAIR_GENERATE(RNG *core.RAND, S []byte, W []byte) int

Calculate a public/private EC GF(p) key pair W,S where W=S.G mod EC(p), * where S is the secret key and W is the public key * and G is fixed generator. * If RNG is NULL then the private key is provided externally in S * otherwise it is generated randomly internally

func ECDH_PUBLIC_KEY_VALIDATE 

func ECDH_PUBLIC_KEY_VALIDATE(W []byte) int

validate public key

func Encap 

func Encap(config_id int, skE []byte, pkE []byte, pkR []byte) []byte

func FP_tpo 

func FP_tpo(i *FP, s *FP) int

Two for the price of one - See Hamburg https://eprint.iacr.org/2012/309.pdf Calculate inverse of i and square root of s, return QR

func KEY_PAIR_GENERATE 

func KEY_PAIR_GENERATE(RNG *core.RAND, D []byte, Q []byte) int

Calculate a public/private EC GF(p) key pair. Q=D.G mod EC(p), * where D is the secret key and Q is the public key * and G is fixed generator. * RNG is a cryptographically strong RNG * If RNG==NULL, D is provided externally

func KeySchedule 

func KeySchedule(config_id int, mode int, Z []byte, info []byte, psk []byte, pskID []byte) ([]byte, []byte, []byte)

func RFC7748 

func RFC7748(r *BIG)

Transform a point multiplier to RFC7748 form

func SIGNATURE 

func SIGNATURE(ph bool, D []byte, ctx []byte, M []byte, SIG []byte) int

Generate a signature using key pair (D,Q) on message M Set ph=true if message has already been pre-hashed if ph=false, then context should be NULL for ed25519. However RFC8032 mode ed25519ctx is supported by supplying a non-NULL or non-empty context

func VERIFY 

func VERIFY(ph bool, Q []byte, ctx []byte, M []byte, SIG []byte) bool

Types

type BIG 

type BIG struct {
	// contains filtered or unexported fields
}

func BIG_frombytearray 

func BIG_frombytearray(b []byte, n int) *BIG

convert from byte array to BIG

func FromBytes 

func FromBytes(b []byte) *BIG

func Modadd 

func Modadd(a1, b1, m *BIG) *BIG

return a+b mod m

func Modmul 

func Modmul(a1, b1, m *BIG) *BIG

return a*b mod m

func Modneg 

func Modneg(a1, m *BIG) *BIG

return -a mod m

func Modsqr 

func Modsqr(a1, m *BIG) *BIG

return a^2 mod m

func NewBIG 

func NewBIG() *BIG

func NewBIGcopy 

func NewBIGcopy(x *BIG) *BIG

func NewBIGdcopy 

func NewBIGdcopy(x *DBIG) *BIG

func NewBIGint 

func NewBIGint(x int) *BIG

func NewBIGints 

func NewBIGints(x [NLEN]Chunk) *BIG

func Random 

func Random(rng *core.RAND) *BIG

get 8*MODBYTES size random number

func Randomnum 

func Randomnum(q *BIG, rng *core.RAND) *BIG

Create random BIG in portable way, one bit at a time

func Randtrunc 

func Randtrunc(q *BIG, trunc int, rng *core.RAND) *BIG

func (*BIG) Invmodp 

func (r *BIG) Invmodp(p *BIG)

this=1/this mod p. Binary method

func (*BIG) Jacobi 

func (r *BIG) Jacobi(p *BIG) int

Jacobi Symbol (this/p). Returns 0, 1 or -1

func (*BIG) Minus 

func (r *BIG) Minus(x *BIG) *BIG

return this-x

func (*BIG) Mod 

func (r *BIG) Mod(m *BIG)

reduce this mod m

func (*BIG) Nbits 

func (r *BIG) Nbits() int

func (*BIG) Plus 

func (r *BIG) Plus(x *BIG) *BIG

return this+x

func (*BIG) Powmod 

func (r *BIG) Powmod(e1 *BIG, m *BIG) *BIG

return this^e mod m

func (*BIG) ToBytes 

func (r *BIG) ToBytes(b []byte)

func (*BIG) ToString 

func (r *BIG) ToString() string

Convert to Hex String

type Chunk 

type Chunk int64
const BMASK Chunk = ((Chunk(1) << BASEBITS) - 1)
const HMASK Chunk = ((Chunk(1) << HBITS) - 1)
const MConst Chunk = 0x1
const OMASK Chunk = ((Chunk(-1)) << (MODBITS % BASEBITS))

Modulus Masks 

const TMASK Chunk = (Chunk(1) << TBITS) - 1

type DBIG 

type DBIG struct {
	// contains filtered or unexported fields
}

func DBIG_fromBytes 

func DBIG_fromBytes(b []byte) *DBIG

convert from byte array to BIG

func NewDBIG 

func NewDBIG() *DBIG

func NewDBIGcopy 

func NewDBIGcopy(x *DBIG) *DBIG

func NewDBIGscopy 

func NewDBIGscopy(x *BIG) *DBIG

func (*DBIG) Mod 

func (r *DBIG) Mod(m *BIG) *BIG

reduces this DBIG mod a BIG, and returns the BIG

type ECP 

type ECP struct {
	// contains filtered or unexported fields
}

func ECP_fromBytes 

func ECP_fromBytes(b []byte) *ECP

convert from byte array to point

func ECP_generator 

func ECP_generator() *ECP

func ECP_hap2point 

func ECP_hap2point(h *BIG) *ECP

Hunt and Peck a BIG to a curve point

func ECP_map2point 

func ECP_map2point(h *FP) *ECP

Constant time Map to Point

func ECP_mapit 

func ECP_mapit(h []byte) *ECP

func ECP_muln 

func ECP_muln(n int, X []*ECP, e []*BIG) *ECP

Generic multi-multiplication, fixed 4-bit window, P=Sigma e_i*X_i

func NewECP 

func NewECP() *ECP

Constructors

func NewECPbig 

func NewECPbig(ix *BIG) *ECP

set from x - calculate y from curve equation

func NewECPbigint 

func NewECPbigint(ix *BIG, s int) *ECP

set (x,y) from BIG and a bit

func NewECPbigs 

func NewECPbigs(ix *BIG, iy *BIG) *ECP

set (x,y) from two BIGs

func (*ECP) Add 

func (E *ECP) Add(Q *ECP)

this+=Q

func (*ECP) Affine 

func (E *ECP) Affine()

set to affine - from (x,y,z) to (x,y)

func (*ECP) Cfp 

func (E *ECP) Cfp()

func (*ECP) Copy 

func (E *ECP) Copy(P *ECP)

this=P

func (*ECP) Equals 

func (E *ECP) Equals(Q *ECP) bool

Test P == Q

func (*ECP) GetS 

func (E *ECP) GetS() int

get sign of Y

func (*ECP) GetX 

func (E *ECP) GetX() *BIG

extract x as a BIG

func (*ECP) GetY 

func (E *ECP) GetY() *BIG

extract y as a BIG

func (*ECP) Is_infinity 

func (E *ECP) Is_infinity() bool

test for O point-at-infinity

func (*ECP) Mul 

func (E *ECP) Mul(e *BIG) *ECP

Public version

func (*ECP) Mul2 

func (E *ECP) Mul2(e *BIG, Q *ECP, f *BIG) *ECP

func (*ECP) Neg 

func (E *ECP) Neg()

this=-this

func (*ECP) Sub 

func (E *ECP) Sub(Q *ECP)

this-=Q

func (*ECP) ToBytes 

func (E *ECP) ToBytes(b []byte, compress bool)

convert to byte array

func (*ECP) ToString 

func (E *ECP) ToString() string

convert to hex string

type FP 

type FP struct {
	XES int32
	// contains filtered or unexported fields
}

func FP_fromBytes 

func FP_fromBytes(b []byte) *FP

func NewFP 

func NewFP() *FP

func NewFPbig 

func NewFPbig(a *BIG) *FP

func NewFPcopy 

func NewFPcopy(a *FP) *FP

func NewFPint 

func NewFPint(a int) *FP

func NewFPrand 

func NewFPrand(rng *core.RAND) *FP

func RHS 

func RHS(x *FP) *FP

Calculate RHS of curve equation

func (*FP) Equals 

func (F *FP) Equals(a *FP) bool

return TRUE if this==a

func (*FP) ToBytes 

func (F *FP) ToBytes(b []byte)

func (*FP) ToString 

func (F *FP) ToString() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.