babyjub

package
Version: v0.0.9 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 7, 2021 License: GPL-3.0 Imports: 10 Imported by: 49

Documentation

Overview

Package babyjub eddsa implements the EdDSA over the BabyJubJub curve

Index

Constants

This section is empty.

Variables

A is one of the babyjub constants.

Aff is A value in *ff.Element representation

D is one of the babyjub constants.

Dff is D value in *ff.Element representation

View Source
var Order *big.Int

Order of the babyjub curve.

View Source
var SubOrder *big.Int

SubOrder is the order of the subgroup of the babyjub curve that contains the points that we use.

Functions

func Blake512

func Blake512(m []byte) []byte

Blake512 performs the blake-512 hash over the buffer m. Note that this is the original blake from the SHA3 competition and not the new blake2 version.

func PackSignY added in v0.0.6

func PackSignY(sign bool, y *big.Int) [32]byte

PackSignY packs the given sign and the coordinate Y of a point into a 32 byte array. This method does not check that the values belong to a valid Point in the curve.

func PointCoordSign

func PointCoordSign(c *big.Int) bool

PointCoordSign returns the sign of the curve point coordinate. It returns false if the sign is positive and false if the sign is negative.

func SkToBigInt added in v0.0.5

func SkToBigInt(k *PrivateKey) *big.Int

SkToBigInt converts a private key into the *big.Int value following the EdDSA standard, and using blake-512 hash

func UnpackSignY added in v0.0.6

func UnpackSignY(leBuf [32]byte) (bool, *big.Int)

UnpackSignY returns the sign and coordinate Y from a given compressed point. This method does not check that the Point belongs to the BabyJubJub curve, thus does not return error in such case. This method is intended to obtain the sign and the Y coordinate without checking if the point belongs to the curve, if the objective is to uncompress a point, Decompress method should be used instead.

Types

type Point

type Point struct {
	X *big.Int
	Y *big.Int
}

Point represents a point of the babyjub curve.

var B8 *Point

B8 is a base point of the babyjub multiplied by 8 to make it a base point of the subgroup in the curve.

func NewPoint

func NewPoint() *Point

NewPoint creates a new Point.

func PointFromSignAndY added in v0.0.6

func PointFromSignAndY(sign bool, y *big.Int) (*Point, error)

PointFromSignAndY returns a Point from a Sign and the Y coordinate

func (*Point) Compress

func (p *Point) Compress() [32]byte

Compress the point into a 32 byte array that contains the y coordinate in little endian and the sign of the x coordinate.

func (*Point) Decompress

func (p *Point) Decompress(leBuf [32]byte) (*Point, error)

Decompress a compressed Point into p, and also returns the decompressed Point. Returns error if the compressed Point is invalid.

func (*Point) InCurve

func (p *Point) InCurve() bool

InCurve returns true when the Point p is in the babyjub curve.

func (*Point) InSubGroup

func (p *Point) InSubGroup() bool

InSubGroup returns true when the Point p is in the subgroup of the babyjub curve.

func (*Point) Mul

func (p *Point) Mul(s *big.Int, q *Point) *Point

Mul multiplies the Point q by the scalar s and stores the result in p, which is also returned.

func (*Point) Projective added in v0.0.6

func (p *Point) Projective() *PointProjective

Projective returns a PointProjective from the Point

func (*Point) Set

func (p *Point) Set(c *Point) *Point

Set copies a Point c into the Point p

type PointProjective added in v0.0.6

type PointProjective struct {
	X *ff.Element
	Y *ff.Element
	Z *ff.Element
}

PointProjective is the Point representation in projective coordinates

func NewPointProjective added in v0.0.6

func NewPointProjective() *PointProjective

NewPointProjective creates a new Point in projective coordinates.

func (*PointProjective) Add added in v0.0.6

Add computes the addition of two points in projective coordinates representation

func (*PointProjective) Affine added in v0.0.6

func (p *PointProjective) Affine() *Point

Affine returns the Point from the projective representation

type PrivKeyScalar

type PrivKeyScalar big.Int

PrivKeyScalar represents the scalar s output of a private key

func NewPrivKeyScalar

func NewPrivKeyScalar(s *big.Int) *PrivKeyScalar

NewPrivKeyScalar creates a new PrivKeyScalar from a big.Int

func (*PrivKeyScalar) BigInt

func (s *PrivKeyScalar) BigInt() *big.Int

BigInt returns the big.Int corresponding to a PrivKeyScalar.

func (*PrivKeyScalar) Public

func (s *PrivKeyScalar) Public() *PublicKey

Public returns the public key corresponding to the scalar value s of a private key.

type PrivateKey

type PrivateKey [32]byte

PrivateKey is an EdDSA private key, which is a 32byte buffer.

func NewRandPrivKey

func NewRandPrivKey() PrivateKey

NewRandPrivKey generates a new random private key (using cryptographically secure randomness).

func (*PrivateKey) Public

func (k *PrivateKey) Public() *PublicKey

Public returns the public key corresponding to a private key.

func (*PrivateKey) Scalar

func (k *PrivateKey) Scalar() *PrivKeyScalar

Scalar converts a private key into the scalar value s following the EdDSA standard, and using blake-512 hash.

func (*PrivateKey) SignMimc7

func (k *PrivateKey) SignMimc7(msg *big.Int) *Signature

SignMimc7 signs a message encoded as a big.Int in Zq using blake-512 hash for buffer hashing and mimc7 for big.Int hashing.

func (*PrivateKey) SignPoseidon added in v0.0.2

func (k *PrivateKey) SignPoseidon(msg *big.Int) *Signature

SignPoseidon signs a message encoded as a big.Int in Zq using blake-512 hash for buffer hashing and Poseidon for big.Int hashing.

type PublicKey

type PublicKey Point

PublicKey represents an EdDSA public key, which is a curve point.

func (*PublicKey) Compress

func (pk *PublicKey) Compress() PublicKeyComp

Compress returns the PublicKeyCompr for the given PublicKey

func (PublicKey) MarshalText

func (pk PublicKey) MarshalText() ([]byte, error)

MarshalText implements the marshaler for PublicKey

func (*PublicKey) Point

func (pk *PublicKey) Point() *Point

Point returns the Point corresponding to a PublicKey.

func (*PublicKey) Scan added in v0.0.6

func (pk *PublicKey) Scan(src interface{}) error

Scan implements Scanner for database/sql.

func (PublicKey) String

func (pk PublicKey) String() string

String returns the string representation of the PublicKey

func (*PublicKey) UnmarshalText

func (pk *PublicKey) UnmarshalText(h []byte) error

UnmarshalText implements the unmarshaler for the PublicKey

func (PublicKey) Value added in v0.0.6

func (pk PublicKey) Value() (driver.Value, error)

Value implements valuer for database/sql.

func (*PublicKey) VerifyMimc7

func (pk *PublicKey) VerifyMimc7(msg *big.Int, sig *Signature) bool

VerifyMimc7 verifies the signature of a message encoded as a big.Int in Zq using blake-512 hash for buffer hashing and mimc7 for big.Int hashing.

func (*PublicKey) VerifyPoseidon added in v0.0.2

func (pk *PublicKey) VerifyPoseidon(msg *big.Int, sig *Signature) bool

VerifyPoseidon verifies the signature of a message encoded as a big.Int in Zq using blake-512 hash for buffer hashing and Poseidon for big.Int hashing.

type PublicKeyComp

type PublicKeyComp [32]byte

PublicKeyComp represents a compressed EdDSA Public key; it's a compressed curve point.

func (*PublicKeyComp) Decompress

func (pkComp *PublicKeyComp) Decompress() (*PublicKey, error)

Decompress returns the PublicKey for the given PublicKeyComp

func (PublicKeyComp) MarshalText

func (pkComp PublicKeyComp) MarshalText() ([]byte, error)

MarshalText implements the marshaler for the PublicKeyComp

func (*PublicKeyComp) Scan added in v0.0.6

func (pkComp *PublicKeyComp) Scan(src interface{}) error

Scan implements Scanner for database/sql.

func (PublicKeyComp) String

func (pkComp PublicKeyComp) String() string

String returns the string representation of the PublicKeyComp

func (*PublicKeyComp) UnmarshalText

func (pkComp *PublicKeyComp) UnmarshalText(h []byte) error

UnmarshalText implements the unmarshaler for the PublicKeyComp

func (PublicKeyComp) Value added in v0.0.6

func (pkComp PublicKeyComp) Value() (driver.Value, error)

Value implements valuer for database/sql.

type Signature

type Signature struct {
	R8 *Point
	S  *big.Int
}

Signature represents an EdDSA uncompressed signature.

func (*Signature) Compress

func (s *Signature) Compress() SignatureComp

Compress an EdDSA signature by concatenating the compression of the point R8 and the Little-Endian encoding of S.

func (*Signature) Decompress

func (s *Signature) Decompress(buf [64]byte) (*Signature, error)

Decompress a compressed signature into s, and also returns the decompressed signature. Returns error if the Point decompression fails.

func (*Signature) Scan added in v0.0.6

func (s *Signature) Scan(src interface{}) error

Scan implements Scanner for database/sql.

func (Signature) Value added in v0.0.6

func (s Signature) Value() (driver.Value, error)

Value implements valuer for database/sql.

type SignatureComp

type SignatureComp [64]byte

SignatureComp represents a compressed EdDSA signature.

func (*SignatureComp) Decompress

func (sComp *SignatureComp) Decompress() (*Signature, error)

Decompress a compressed signature. Returns error if the Point decompression fails.

func (SignatureComp) MarshalText

func (sComp SignatureComp) MarshalText() ([]byte, error)

MarshalText implements the marshaler for the SignatureComp

func (*SignatureComp) Scan added in v0.0.6

func (sComp *SignatureComp) Scan(src interface{}) error

Scan implements Scanner for database/sql.

func (SignatureComp) String

func (sComp SignatureComp) String() string

String returns the string representation of the SignatureComp

func (*SignatureComp) UnmarshalText

func (sComp *SignatureComp) UnmarshalText(h []byte) error

UnmarshalText implements the unmarshaler for the SignatureComp

func (SignatureComp) Value added in v0.0.6

func (sComp SignatureComp) Value() (driver.Value, error)

Value implements valuer for database/sql.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
t or T : Toggle theme light dark auto
y or Y : Canonical URL