README

ristretto255

GoDoc

Package ristretto255 implements draft-hdevalence-cfrg-ristretto-01.

Expand ▾ Collapse ▴

Documentation

Overview

    Package ristretto255 implements the group of prime order

    2**252 + 27742317777372353535851937790883648493
    

    as specified in draft-hdevalence-cfrg-ristretto-01.

    All operations are constant time unless otherwise specified.

    Index

    Constants

    This section is empty.

    Variables

    This section is empty.

    Functions

    This section is empty.

    Types

    type Element

    type Element struct {
    	// contains filtered or unexported fields
    }

      Element is an element of the ristretto255 prime-order group.

      func NewElement

      func NewElement() *Element

        NewElement returns a new Element set to the identity value.

        func (*Element) Add

        func (e *Element) Add(p, q *Element) *Element

          Add sets e = p + q, and returns e.

          func (*Element) Base

          func (e *Element) Base() *Element

            Base sets e to the canonical generator specified in draft-hdevalence-cfrg-ristretto-01, Section 3, and returns e.

            func (*Element) Decode

            func (e *Element) Decode(in []byte) error

              Decode sets e to the decoded value of in. If in is not a 32 byte canonical encoding, Decode returns an error, and the receiver is unchanged.

              func (*Element) Encode

              func (e *Element) Encode(b []byte) []byte

                Encode appends the 32 bytes canonical encoding of e to b and returns the result.

                func (*Element) Equal

                func (e *Element) Equal(ee *Element) int

                  Equal returns 1 if e is equivalent to ee, and 0 otherwise.

                  Note that Elements must not be compared in any other way.

                  func (*Element) FromUniformBytes

                  func (e *Element) FromUniformBytes(b []byte) *Element

                    FromUniformBytes maps the 64-byte slice b to e uniformly and deterministically, and returns e. This can be used for hash-to-group operations or to obtain a random element.

                    func (*Element) MarshalText

                    func (e *Element) MarshalText() (text []byte, err error)

                      MarshalText implements encoding/TextMarshaler interface

                      func (*Element) MultiScalarMult

                      func (e *Element) MultiScalarMult(s []*Scalar, p []*Element) *Element

                        MultiScalarMult sets e = sum(s[i] * p[i]), and returns e.

                        Execution time depends only on the lengths of the two slices, which must match.

                        func (*Element) Negate

                        func (e *Element) Negate(p *Element) *Element

                          Negate sets e = -p, and returns e.

                          func (*Element) ScalarBaseMult

                          func (e *Element) ScalarBaseMult(s *Scalar) *Element

                            ScalarBaseMult sets e = s * B, where B is the canonical generator, and returns e.

                            func (*Element) ScalarMult

                            func (e *Element) ScalarMult(s *Scalar, p *Element) *Element

                              ScalarMult sets e = s * p, and returns e.

                              func (*Element) String

                              func (e *Element) String() string

                                String implements the Stringer interface

                                func (*Element) Subtract

                                func (e *Element) Subtract(p, q *Element) *Element

                                  Subtract sets e = p - q, and returns e.

                                  func (*Element) UnmarshalText

                                  func (e *Element) UnmarshalText(text []byte) error

                                    UnmarshalText implements encoding/TextMarshaler interface

                                    func (*Element) VarTimeDoubleScalarBaseMult

                                    func (e *Element) VarTimeDoubleScalarBaseMult(a *Scalar, A *Element, b *Scalar) *Element

                                      VarTimeDoubleScalarBaseMult sets e = a * A + b * B, where B is the canonical generator, and returns e.

                                      Execution time depends on the inputs.

                                      func (*Element) VarTimeMultiScalarMult

                                      func (e *Element) VarTimeMultiScalarMult(s []*Scalar, p []*Element) *Element

                                        VarTimeMultiScalarMult sets e = sum(s[i] * p[i]), and returns e.

                                        Execution time depends on the inputs.

                                        func (*Element) Zero

                                        func (e *Element) Zero() *Element

                                          Zero sets e to the identity element of the group, and returns e.

                                          type Scalar

                                          type Scalar struct {
                                          	// contains filtered or unexported fields
                                          }

                                            A Scalar is an element of the ristretto255 scalar field, as specified in draft-hdevalence-cfrg-ristretto-01, Section 3.4. That is, an integer modulo

                                            l = 2^252 + 27742317777372353535851937790883648493
                                            

                                            func NewScalar

                                            func NewScalar() *Scalar

                                              NewScalar returns a Scalar set to the value 0.

                                              func (*Scalar) Add

                                              func (s *Scalar) Add(x, y *Scalar) *Scalar

                                                Add sets s = x + y mod l and returns s.

                                                func (*Scalar) Decode

                                                func (s *Scalar) Decode(x []byte) error

                                                  Decode sets s = x, where x is a 32 bytes little-endian encoding of s. If x is not a canonical encoding of s, Decode returns an error and the receiver is unchanged.

                                                  func (*Scalar) Encode

                                                  func (s *Scalar) Encode(b []byte) []byte

                                                    Encode appends a 32 bytes little-endian encoding of s to b.

                                                    func (*Scalar) Equal

                                                    func (s *Scalar) Equal(u *Scalar) int

                                                      Equal returns 1 if v and u are equal, and 0 otherwise.

                                                      func (*Scalar) FromUniformBytes

                                                      func (s *Scalar) FromUniformBytes(x []byte) *Scalar

                                                        FromUniformBytes sets s to an uniformly distributed value given 64 uniformly distributed random bytes.

                                                        func (*Scalar) Invert

                                                        func (s *Scalar) Invert(x *Scalar) *Scalar

                                                          Invert sets s = 1 / x such that s * x = 1 mod l and returns s.

                                                          If x is 0, the result is undefined.

                                                          func (*Scalar) MarshalText

                                                          func (s *Scalar) MarshalText() (text []byte, err error)

                                                            MarshalText implements encoding/TextMarshaler interface

                                                            func (*Scalar) Multiply

                                                            func (s *Scalar) Multiply(x, y *Scalar) *Scalar

                                                              Multiply sets s = x * y mod l and returns s.

                                                              func (*Scalar) Negate

                                                              func (s *Scalar) Negate(x *Scalar) *Scalar

                                                                Negate sets s = -x mod l and returns s.

                                                                func (*Scalar) String

                                                                func (s *Scalar) String() string

                                                                  String implements the Stringer interface

                                                                  func (*Scalar) Subtract

                                                                  func (s *Scalar) Subtract(x, y *Scalar) *Scalar

                                                                    Subtract sets s = x - y mod l and returns s.

                                                                    func (*Scalar) UnmarshalText

                                                                    func (s *Scalar) UnmarshalText(text []byte) error

                                                                      UnmarshalText implements encoding/TextMarshaler interface

                                                                      func (*Scalar) Zero

                                                                      func (s *Scalar) Zero() *Scalar

                                                                        Zero sets s = 0 and returns s.

                                                                        Directories

                                                                        Path Synopsis
                                                                        internal
                                                                        edwards25519
                                                                        Package edwards25519 implements group logic for the twisted Edwards curve -x^2 + y^2 = 1 + -(121665/121666)*x^2*y^2 This is better known as the Edwards curve equivalent to curve25519, and is the curve used by the Ed25519 signature scheme.
                                                                        Package edwards25519 implements group logic for the twisted Edwards curve -x^2 + y^2 = 1 + -(121665/121666)*x^2*y^2 This is better known as the Edwards curve equivalent to curve25519, and is the curve used by the Ed25519 signature scheme.
                                                                        radix51
                                                                        GF(2^255-19) field arithmetic in radix 2^51 representation.
                                                                        GF(2^255-19) field arithmetic in radix 2^51 representation.
                                                                        scalar
                                                                        Package scalar implements the ristretto255 scalar group.
                                                                        Package scalar implements the ristretto255 scalar group.