bigmod

package module
v0.0.3
Published: Dec 12, 2023 License: BSD-3-Clause Imports: 5 Imported by: 5

Documentation

Overview

Package bigmod implements constant-time big integer arithmetic modulo large odd moduli. Unlike math/big, this package is suitable for implementing security-sensitive cryptographic operations. It is a re-exported version of the standard library package crypto/internal/bigmod, which is used to implement crypto/rsa amongst others.

The API is NOT stable. In particular, its safety is suboptimal, as the caller is responsible for ensuring that Nats are reduced modulo the Modulus they are used with.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Modulus

type Modulus struct {
	// contains filtered or unexported fields
}

Modulus is used for modular arithmetic, precomputing relevant constants.

Moduli are assumed to be odd numbers. Moduli can also leak the exact number of bits needed to store their value, and are stored without padding.

Their actual value is still kept secret.

func NewModulusFromBig

func NewModulusFromBig(n *big.Int) (*Modulus, error)

NewModulusFromBig creates a new Modulus from a big.Int.

The Int must be odd. The number of significant bits (and nothing else) is leaked through timing side-channels.

func (*Modulus) BitLen

func (m *Modulus) BitLen() int

BitLen returns the size of m in bits.

func (*Modulus) Nat

func (m *Modulus) Nat() *Nat

Nat returns m as a Nat. The return value must not be written to.

func (*Modulus) Size

func (m *Modulus) Size() int

Size returns the size of m in bytes.

type Nat

type Nat struct {
	// contains filtered or unexported fields
}

Nat represents an arbitrary natural number.

Each Nat has an announced length, which is the number of limbs it has stored. Operations on this number are allowed to leak this length, but will not leak any information about the values contained in those limbs.

func NewNat

func NewNat() *Nat

NewNat returns a new nat with a size of zero, just like new(Nat), but with the preallocated capacity to hold a number of up to 2048 bits. NewNat inlines, so the allocation can live on the stack.

func (*Nat) Add

func (x *Nat) Add(y *Nat, m *Modulus) *Nat

Add computes x = x + y mod m.

The length of both operands must be the same as the modulus. Both operands must already be reduced modulo m.

func (*Nat) Bytes

func (x *Nat) Bytes(m *Modulus) []byte

Bytes returns x as a zero-extended big-endian byte slice. The size of the slice will match the size of m.

x must have the same size as m and it must be reduced modulo m.

func (*Nat) Equal

func (x *Nat) Equal(y *Nat) uint

Equal returns 1 if x == y, and 0 otherwise.

Both operands must have the same announced length.

func (*Nat) Exp

func (x *Nat) Exp(y *Nat, e []byte, m *Modulus) *Nat

Exp calculates x = y^e mod m.

The exponent e is represented in big-endian order. The output will be resized to the size of m and overwritten. y must already be reduced modulo m.

func (*Nat) ExpShort added in v0.0.2

func (out *Nat) ExpShort(x *Nat, e uint, m *Modulus) *Nat

ExpShort calculates out = x^e mod m.

The output will be resized to the size of m and overwritten. x must already be reduced modulo m. This leaks the exact bit size of the exponent.

func (*Nat) ExpandFor

func (x *Nat) ExpandFor(m *Modulus) *Nat

ExpandFor ensures x has the right size to work with operations modulo m.

The announced size of x must be smaller than or equal to that of m.

func (*Nat) IsZero

func (x *Nat) IsZero() uint

IsZero returns 1 if x == 0, and 0 otherwise.

func (*Nat) Mod

func (x *Nat) Mod(y *Nat, m *Modulus) *Nat

Mod calculates x = y mod m.

This works regardless of how large the value of y is.

The output will be resized to the size of m and overwritten.

func (*Nat) Mul

func (x *Nat) Mul(y *Nat, m *Modulus) *Nat

Mul calculates x = x * y mod m.

The length of both operands must be the same as the modulus. Both operands must already be reduced modulo m.

func (*Nat) SetBytes

func (x *Nat) SetBytes(b []byte, m *Modulus) (*Nat, error)

SetBytes assigns x = b, where b is a slice of big-endian bytes. SetBytes returns an error if b >= m.

The output will be resized to the size of m and overwritten.

func (*Nat) SetOverflowingBytes

func (x *Nat) SetOverflowingBytes(b []byte, m *Modulus) (*Nat, error)

SetOverflowingBytes assigns x = b, where b is a slice of big-endian bytes. SetOverflowingBytes returns an error if b has a longer bit length than m, but reduces overflowing values up to 2^⌈log2(m)⌉ - 1.

The output will be resized to the size of m and overwritten.

func (*Nat) Sub

func (x *Nat) Sub(y *Nat, m *Modulus) *Nat

Sub computes x = x - y mod m.

The length of both operands must be the same as the modulus. Both operands must already be reduced modulo m.
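The Overview makes the caller responsible for keeping Nats reduced modulo the Modulus, and the SetBytes, SetOverflowingBytes, Bytes and Exp entries above pin down exactly which inputs are accepted and how values are encoded. The following is an added example, not code from the bigmod package: a plain math/big reference model of those documented contracts, the kind of oracle one writes for differential testing of a constant-time implementation. Because it uses math/big it is not constant-time and must never see real secrets. The ref* function names, the constructed modulus 241, and the treatment of over-long byte slices (the page only states value conditions) are assumptions of this example.

```go
package main

import (
	"errors"
	"fmt"
	"math/big"
)

// Added reference model of the bigmod contracts documented on this page.
// It is NOT the package's code and NOT constant-time: it leans on math/big,
// so it is only suitable as a test oracle for differential testing against
// the constant-time implementation, never for handling real secrets.

var (
	errNotOdd   = errors.New("modulus must be odd")
	errTooLarge = errors.New("input does not fit the modulus")
)

// refNewModulus mirrors NewModulusFromBig: the modulus must be odd.
// Rejecting non-positive values as well is an assumption of this model.
func refNewModulus(n *big.Int) (*big.Int, error) {
	if n.Sign() <= 0 || n.Bit(0) == 0 {
		return nil, errNotOdd
	}
	return new(big.Int).Set(n), nil
}

// refSize mirrors Modulus.Size: the number of bytes needed to hold m.
func refSize(m *big.Int) int { return (m.BitLen() + 7) / 8 }

// refSetBytes mirrors SetBytes: b is big-endian and its value must be < m.
// The model treats b purely as a number (leading zero bytes are ignored);
// the page does not say how over-long slices are handled, so that part is
// an assumption and is worth covering in a differential test.
func refSetBytes(b []byte, m *big.Int) (*big.Int, error) {
	x := new(big.Int).SetBytes(b)
	if x.Cmp(m) >= 0 {
		return nil, errTooLarge
	}
	return x, nil
}

// refSetOverflowingBytes mirrors SetOverflowingBytes: a value with more bits
// than m is rejected, while values in [m, 2^BitLen(m)-1] are reduced mod m.
func refSetOverflowingBytes(b []byte, m *big.Int) (*big.Int, error) {
	x := new(big.Int).SetBytes(b)
	if x.BitLen() > m.BitLen() {
		return nil, errTooLarge
	}
	return x.Mod(x, m), nil
}

// refBytes mirrors Bytes: x, which must already be reduced mod m, encoded as
// a big-endian slice zero-extended to Size(m). FillBytes panics if x does not
// fit, which is the model's stand-in for violating that precondition.
func refBytes(x, m *big.Int) []byte {
	return x.FillBytes(make([]byte, refSize(m)))
}

// refExp mirrors Exp: y^e mod m with the exponent e given as big-endian bytes.
func refExp(y *big.Int, e []byte, m *big.Int) *big.Int {
	return new(big.Int).Exp(y, new(big.Int).SetBytes(e), m)
}

func main() {
	// Constructed values: m = 241 (0xF1) has BitLen 8 and Size 1, so the
	// inputs below sit just below m, at m, between m and 2^8-1, and at 2^8.
	m, err := refNewModulus(big.NewInt(241))
	if err != nil {
		panic(err)
	}
	for _, b := range [][]byte{{0xF0}, {0xF1}, {0xF5}, {0x01, 0x00}} {
		strict, errS := refSetBytes(b, m)
		loose, errL := refSetOverflowingBytes(b, m)
		fmt.Printf("b=%x SetBytes=(%v, %v) SetOverflowingBytes=(%v, %v)\n",
			b, strict, errS, loose, errL)
	}
	x, _ := refSetOverflowingBytes([]byte{0xF5}, m) // 245 mod 241 = 4
	fmt.Printf("Bytes(4) -> %x, 2^10 mod 241 = %v\n",
		refBytes(x, m), refExp(big.NewInt(2), []byte{0x0A}, m))
}
```

Run the bigmod functions and the ref* functions side by side over random byte slices of length Size(m), Size(m)+1 and shorter, and compare both the error/no-error decision and the resulting bytes; any divergence is either a bug or an undocumented edge of the API, and both are worth knowing before the package is used behind a private key.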
