group

package
Version: v0.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 13, 2021 License: MIT Imports: 8 Imported by: 1

README

Prime-order Elliptic Curve Groups

Package group exposes operations over prime-order elliptic curve groups and their scalars and elements, and implements the latest hash-to-curve specification to date (https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-11).

The following table indexes supported groups with hash-to-curve capability and links each one to the underlying implementations:

ID Name Production ready Implementation
1 Ristretto255 n/a github.com/gtank/ristretto255
2 Decaf448 n/a n/a
3 P-256 n/a github.com/armfazh/h2c-go-ref
4 P-384 n/a github.com/armfazh/h2c-go-ref
5 P-521 n/a github.com/armfazh/h2c-go-ref
6 Curve25519 n/a filippo.io/edwards25519
7 Edwards25519 n/a filippo.io/edwards25519
8 Curve448 n/a github.com/armfazh/h2c-go-ref
9 Edwards448 n/a github.com/armfazh/h2c-go-ref
10 Secp256k1 n/a github.com/armfazh/h2c-go-ref

Documentation

Overview

Package group exposes a prime-order elliptic curve groups with additional hash-to-curve operations.

It implements the latest hash-to-curve specification to date (https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-11).

Package group exposes a prime-order elliptic curve groups with additional hash-to-curve operations.

Package group exposes a prime-order elliptic curve groups with additional hash-to-curve operations.

Package group exposes a prime-order elliptic curve groups with additional hash-to-curve operations.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Group

type Group byte

Group defines registered groups for use in the implementation.

const (
	// Ristretto255Sha512 identifies the Ristretto255 group with SHA2-512 hash-to-group hashing.
	Ristretto255Sha512 Group = 1 + iota

	// P256Sha256 identifies a group over P256 with SHA2-512 hash-to-group hashing.
	P256Sha256

	// P384Sha512 identifies a group over P384 with SHA2-512 hash-to-group hashing.
	P384Sha512

	// P521Sha512 identifies a group over P521 with SHA2-512 hash-to-group hashing.
	P521Sha512

	// Curve25519Sha512 identifies a group over Curve25519 with SHA2-512 hash-to-group hashing.
	Curve25519Sha512

	// Edwards25519Sha512 identifies a group over Edwards25519 with SHA2-512 hash-to-group hashing.
	Edwards25519Sha512

	// Curve448Sha512 identifies a group over Curve448 with SHA2-512 hash-to-group hashing.
	Curve448Sha512

	// Edwards448Sha512 identifies a group over Edwards448 with SHA2-512 hash-to-group hashing.
	Edwards448Sha512

	// Secp256k1Sha256 identifies a group over Secp256k1 with SHA2-512 hash-to-group hashing.
	Secp256k1Sha256
)

func (Group) Available

func (i Group) Available() bool

Available reports whether the given Group is linked into the binary.

func (Group) Base

func (i Group) Base() *Point

Base returns the group's base point a.k.a. canonical generator.

func (Group) ElementLength

func (i Group) ElementLength() int

ElementLength returns the byte size of an encoded element.

func (Group) HashToGroup

func (i Group) HashToGroup(input, dst []byte) *Point

HashToGroup allows arbitrary input to be safely mapped to the curve of the Group.

func (Group) HashToScalar

func (i Group) HashToScalar(input, dst []byte) *Scalar

HashToScalar allows arbitrary input to be safely mapped to the field.

func (Group) Identity

func (i Group) Identity() *Point

Identity returns the group's identity element.

func (Group) MakeDST

func (i Group) MakeDST(app, version string) ([]byte, error)

MakeDST builds a domain separation tag in the form of <app>-V<version>-CS<id>-<hash-to-curve-ID>, or returns an error.

func (Group) MultBytes

func (i Group) MultBytes(scalar, element []byte) (*Point, error)

MultBytes allows []byte encodings of a scalar and an element of the Group to be multiplied.

func (Group) NewElement

func (i Group) NewElement() *Point

NewElement returns a new, empty, element.

func (Group) NewScalar

func (i Group) NewScalar() *Scalar

NewScalar returns a new, empty, scalar.

func (Group) String

func (i Group) String() string

String returns the hash-to-curve string identifier of the ciphersuite.

type Point

type Point struct {
	internal.Point
}

Point represents a point on the curve of the prime-order group.

func (*Point) Add

func (p *Point) Add(point *Point) *Point

Add returns the sum of the Points, and does not change the receiver.

func (*Point) Bytes

func (p *Point) Bytes() []byte

Bytes returns the compressed byte encoding of the point.

func (*Point) Copy

func (p *Point) Copy() *Point

Copy returns a copy of the point.

func (*Point) Decode

func (p *Point) Decode(in []byte) (*Point, error)

Decode decodes the input an sets the current point to its value, and returns it.

func (*Point) InvertMult

func (p *Point) InvertMult(scalar *Scalar) *Point

InvertMult returns the scalar multiplication of the receiver point with the inverse of the given scalar.

func (*Point) IsIdentity

func (p *Point) IsIdentity() bool

IsIdentity returns whether the point is the Group's identity point.

func (*Point) Mult

func (p *Point) Mult(scalar *Scalar) *Point

Mult returns the scalar multiplication of the receiver point with the given scalar.

func (*Point) Sub

func (p *Point) Sub(point *Point) *Point

Sub returns the difference between the Points, and does not change the receiver.

type Scalar

type Scalar struct {
	internal.Scalar
}

Scalar represents a scalar in the prime-order group.

func (*Scalar) Add

func (s *Scalar) Add(scalar *Scalar) *Scalar

Add returns the sum of the scalars, and does not change the receiver.

func (*Scalar) Bytes

func (s *Scalar) Bytes() []byte

Bytes returns the byte encoding of the element.

func (*Scalar) Copy

func (s *Scalar) Copy() *Scalar

Copy returns a copy of the Scalar.

func (*Scalar) Decode

func (s *Scalar) Decode(in []byte) (*Scalar, error)

Decode decodes the input an sets the current scalar to its value, and returns it.

func (*Scalar) Invert

func (s *Scalar) Invert() *Scalar

Invert returns the scalar's modular inverse ( 1 / scalar ), and does not change the receiver.

func (*Scalar) Mult

func (s *Scalar) Mult(scalar *Scalar) *Scalar

Mult returns the multiplication of the scalars, and does not change the receiver.

func (*Scalar) Random

func (s *Scalar) Random() *Scalar

Random sets the current scalar to a new random scalar and returns it.

func (*Scalar) Sub

func (s *Scalar) Sub(scalar *Scalar) *Scalar

Sub returns the difference between the scalars, and does not change the receiver.

Directories

Path Synopsis
Package curve25519 implements a prime-order group over Curve25519 with hash-to-curve.
Package curve25519 implements a prime-order group over Curve25519 with hash-to-curve.
Package edwards25519 wraps filippo.io/edwards25519 and exposes a simple prime-order group API with hash-to-curve.
Package edwards25519 wraps filippo.io/edwards25519 and exposes a simple prime-order group API with hash-to-curve.
Package hash2curve provides hash-to-curve compatible hashing over arbitrary input.
Package hash2curve provides hash-to-curve compatible hashing over arbitrary input.
Package other wraps an hash-to-curve implementation and exposes functions for operations on points and scalars.
Package other wraps an hash-to-curve implementation and exposes functions for operations on points and scalars.
Package ristretto allows simple and abstracted operations in the Ristretto255 group Package ristretto wraps "github.com/gtank/ristretto255" and exposes a simple prime-order group API with hash-to-curve.
Package ristretto allows simple and abstracted operations in the Ristretto255 group Package ristretto wraps "github.com/gtank/ristretto255" and exposes a simple prime-order group API with hash-to-curve.
Package internal defines simple and abstract APIs to group Elements and Scalars.
Package internal defines simple and abstract APIs to group Elements and Scalars.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
t or T : Toggle theme light dark auto
y or Y : Canonical URL