noise: github.com/perlin-network/noise/internal/edwards25519 Index | Files

package edwards25519

import "github.com/perlin-network/noise/internal/edwards25519"

Package ed25519 implements the Ed25519 signature algorithm. See https://ed25519.cr.yp.to/.

These functions are also compatible with the “Ed25519” function defined in https://tools.ietf.org/html/draft-irtf-cfrg-eddsa-05.

Index

Package Files

const_amd64.go fe_amd64.go field.go group.go mod.go scalar.go

Constants

const (
    // PublicKeySize is the size, in bytes, of public keys as used in this package.
    PublicKeySize = 32
    // PrivateKeySize is the size, in bytes, of private keys as used in this package.
    PrivateKeySize = 64
    // SignatureSize is the size, in bytes, of signatures generated and verified by this package.
    SignatureSize = 64
)

Variables

var A = FieldElement{
    486662, 0, 0, 0, 0,
}
var SqrtM1 = FieldElement{
    1718705420411056, 234908883556509, 2233514472574048, 2117202627021982, 765476049583133,
}

func FeAdd Uses

func FeAdd(out, a, b *FieldElement)

FeAdd sets out = a + b. Long sequences of additions without reduction that let coefficients grow larger than 54 bits would be a problem. Paper cautions: "do not have such sequences of additions".

func FeCMove Uses

func FeCMove(f, g *FieldElement, b int32)

Replace (f,g) with (g,g) if b == 1; replace (f,g) with (f,g) if b == 0.

Preconditions: b in {0,1}.

func FeCopy Uses

func FeCopy(dst, src *FieldElement)

func FeFromBytes Uses

func FeFromBytes(v *FieldElement, x *[32]byte)

func FeInvert Uses

func FeInvert(out, z *FieldElement)

func FeIsNegative Uses

func FeIsNegative(f *FieldElement) byte

func FeIsNonZero Uses

func FeIsNonZero(f *FieldElement) int32

func FeMul Uses

func FeMul(out, a, b *FieldElement)

go:noescape FeMul calculates out = a * b.

func FeNeg Uses

func FeNeg(out, a *FieldElement)

FeNeg sets out = -a

func FeOne Uses

func FeOne(fe *FieldElement)

func FeSquare Uses

func FeSquare(out, a *FieldElement)

go:noescape FeSquare calculates out = a * a.

func FeSquare2 Uses

func FeSquare2(out, a *FieldElement)

FeSquare2 calculates out = 2 * a * a.

func FeSub Uses

func FeSub(out, a, b *FieldElement)

FeSub sets out = a - b

func FeToBytes Uses

func FeToBytes(r *[32]byte, v *FieldElement)

func FeZero Uses

func FeZero(fe *FieldElement)

func GeDoubleScalarMultVartime Uses

func GeDoubleScalarMultVartime(r *ProjectiveGroupElement, a *[32]byte, A *ExtendedGroupElement, b *[32]byte)

GeDoubleScalarMultVartime sets r = a*A + b*B where a = a[0]+256*a[1]+...+256^31 a[31]. and b = b[0]+256*b[1]+...+256^31 b[31]. B is the Ed25519 base point (x,4/5) with x positive.

func GeScalarMult Uses

func GeScalarMult(h *ExtendedGroupElement, a *[32]byte, A *ExtendedGroupElement)

func GeScalarMultBase Uses

func GeScalarMultBase(h *ExtendedGroupElement, a *[32]byte)

GeScalarMultBase computes h = a*B, where

a = a[0]+256*a[1]+...+256^31 a[31]
B is the Ed25519 base point (x,4/5) with x positive.

Preconditions:

a[31] <= 127

func GenerateKey Uses

func GenerateKey(rand io.Reader) (publicKey PublicKey, privateKey PrivateKey, err error)

GenerateKey generates a public/private key pair using entropy from rand. If rand is nil, crypto/rand.Reader will be used.

func PreComputedGroupElementCMove Uses

func PreComputedGroupElementCMove(t, u *PreComputedGroupElement, b int32)

func ScMulAdd Uses

func ScMulAdd(s, a, b, c *[32]byte)

Input:

a[0]+256*a[1]+...+256^31*a[31] = a
b[0]+256*b[1]+...+256^31*b[31] = b
c[0]+256*c[1]+...+256^31*c[31] = c

Output:

s[0]+256*s[1]+...+256^31*s[31] = (ab+c) mod l
where l = 2^252 + 27742317777372353535851937790883648493.

func ScReduce Uses

func ScReduce(out *[32]byte, s *[64]byte)

Input:

s[0]+256*s[1]+...+256^63*s[63] = s

Output:

s[0]+256*s[1]+...+256^31*s[31] = s mod l
where l = 2^252 + 27742317777372353535851937790883648493.

func Sign Uses

func Sign(privateKey PrivateKey, message []byte) []byte

Sign signs the message with privateKey and returns a signature. It will panic if len(privateKey) is not PrivateKeySize.

func Verify Uses

func Verify(publicKey PublicKey, message, sig []byte) bool

Verify reports whether sig is a valid signature of message by publicKey. It will panic if len(publicKey) is not PublicKeySize.

type CachedGroupElement Uses

type CachedGroupElement struct {
    Z, T2d FieldElement
    // contains filtered or unexported fields
}

type CompletedGroupElement Uses

type CompletedGroupElement struct {
    X, Y, Z, T FieldElement
}

func (*CompletedGroupElement) ToExtended Uses

func (p *CompletedGroupElement) ToExtended(r *ExtendedGroupElement)

func (*CompletedGroupElement) ToProjective Uses

func (p *CompletedGroupElement) ToProjective(r *ProjectiveGroupElement)

type ExtendedGroupElement Uses

type ExtendedGroupElement struct {
    X, Y, Z, T FieldElement
}

func (*ExtendedGroupElement) Double Uses

func (p *ExtendedGroupElement) Double(r *CompletedGroupElement)

func (*ExtendedGroupElement) FromBytes Uses

func (p *ExtendedGroupElement) FromBytes(s *[32]byte) bool

func (*ExtendedGroupElement) ToBytes Uses

func (p *ExtendedGroupElement) ToBytes(s *[32]byte)

func (*ExtendedGroupElement) ToCached Uses

func (p *ExtendedGroupElement) ToCached(r *CachedGroupElement)

func (*ExtendedGroupElement) ToProjective Uses

func (p *ExtendedGroupElement) ToProjective(r *ProjectiveGroupElement)

func (*ExtendedGroupElement) Zero Uses

func (p *ExtendedGroupElement) Zero()

type FieldElement Uses

type FieldElement [5]uint64

FieldElement represents an element of the field GF(2^255-19). An element t represents the integer t[0] + t[1]*2^51 + t[2]*2^102 + t[3]*2^153 + t[4]*2^204.

type PreComputedGroupElement Uses

type PreComputedGroupElement struct {
    // contains filtered or unexported fields
}

func (*PreComputedGroupElement) Zero Uses

func (p *PreComputedGroupElement) Zero()

type PrivateKey Uses

type PrivateKey []byte

PrivateKey is the type of Ed25519 private keys. It implements crypto.Signer.

func (PrivateKey) Public Uses

func (priv PrivateKey) Public() crypto.PublicKey

Public returns the PublicKey corresponding to priv.

func (PrivateKey) Sign Uses

func (priv PrivateKey) Sign(rand io.Reader, message []byte, opts crypto.SignerOpts) (signature []byte, err error)

Sign signs the given message with priv. Ed25519 performs two passes over messages to be signed and therefore cannot handle pre-hashed messages. Thus opts.HashFunc() must return zero to indicate the message hasn't been hashed. This can be achieved by passing crypto.Hash(0) as the value for opts.

type ProjectiveGroupElement Uses

type ProjectiveGroupElement struct {
    X, Y, Z FieldElement
}

func (*ProjectiveGroupElement) Double Uses

func (p *ProjectiveGroupElement) Double(r *CompletedGroupElement)

func (*ProjectiveGroupElement) ToBytes Uses

func (p *ProjectiveGroupElement) ToBytes(s *[32]byte)

func (*ProjectiveGroupElement) Zero Uses

func (p *ProjectiveGroupElement) Zero()

type PublicKey Uses

type PublicKey []byte

PublicKey is the type of Ed25519 public keys.

Package edwards25519 imports 7 packages (graph) and is imported by 4 packages. Updated 2019-02-19. Refresh now. Tools for package owners.