points

package
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 16, 2026 License: Apache-2.0 Imports: 7 Imported by: 0

README

points

This package provides point arithmetic implementations for short Weierstrass and twisted Edwards curves.

Documentation

Overview

Package points provides point arithmetic implementations for short Weierstrass and twisted Edwards curves.

See README.md for details.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Point 

type Point[FP impl.FiniteFieldElementLowLevel[FP], PP ellipticPoint[FP, PP]] interface {
	// contains filtered or unexported methods
}

Point describes an elliptic curve point with encoding and hashing helpers.

type PointPtr 

type PointPtr[FP impl.FiniteFieldElementLowLevel[FP], PP ellipticPoint[FP, PP], P any] interface {
	*P
	// contains filtered or unexported methods
}

PointPtr is a pointer constraint for elliptic curve points.

type ShortWeierstrassCurveParams 

type ShortWeierstrassCurveParams[FP fieldsImpl.FiniteFieldElement[FP]] interface {
	// SetGenerator sets generator coordinates.
	SetGenerator(xOut, yOut, zOut FP)

	// ClearCofactor clears cofactor (must comply with RFC9380).
	ClearCofactor(xOut, yOut, zOut, xIn, yIn, zIn FP)

	// AddA computes out = in + A, where A is the A in the curve equation y^2 = x^3 + Ax + B
	AddA(out FP, in FP)

	// AddB computes out = in + B, where B is the B in the curve equation y^2 = x^3 + Ax + B
	AddB(out FP, in FP)

	// MulByA computes out = in * A, where A is the A in the curve equation y^2 = x^3 + Ax + B
	MulByA(out FP, in FP)

	// MulBy3B computes out = in * 3 * B, where B is the B in the curve equation y^2 = x^3 + Ax + B
	MulBy3B(out FP, in FP)
}

ShortWeierstrassCurveParams exposes curve constants and helpers for Weierstrass arithmetic.

type ShortWeierstrassPointImpl 

type ShortWeierstrassPointImpl[FP fieldsImpl.FiniteFieldElementPtr[FP, F], C ShortWeierstrassCurveParams[FP], H h2c.HasherParams, M h2c.PointMapper[FP], F any] struct {
	X F
	Y F
	Z F
}

ShortWeierstrassPointImpl implements Jacobian coordinates for short Weierstrass curves.

func (*ShortWeierstrassPointImpl[FP, C, H, M, F]) Add 

func (p *ShortWeierstrassPointImpl[FP, C, H, M, F]) Add(lhs, rhs *ShortWeierstrassPointImpl[FP, C, H, M, F])

Add computes p = lhs + rhs Source: 2015 Renes–Costello–Batina "Complete addition formulas for prime order elliptic curves", Appendix A.1. Add sets the receiver to lhs + rhs.

func (*ShortWeierstrassPointImpl[FP, C, H, M, F]) Bytes 

func (p *ShortWeierstrassPointImpl[FP, C, H, M, F]) Bytes() []byte

Bytes returns the concatenated byte encoding of projective coordinates.

func (*ShortWeierstrassPointImpl[FP, C, H, M, F]) ClearCofactor 

func (p *ShortWeierstrassPointImpl[FP, C, H, M, F]) ClearCofactor(in *ShortWeierstrassPointImpl[FP, C, H, M, F])

ClearCofactor clears the curve cofactor on input.

func (*ShortWeierstrassPointImpl[FP, C, H, M, F]) Double 

func (p *ShortWeierstrassPointImpl[FP, C, H, M, F]) Double(v *ShortWeierstrassPointImpl[FP, C, H, M, F])

Double computes p = v + v Source: 2015 Renes–Costello–Batina "Complete addition formulas for prime order elliptic curves", Appendix A.1. The Bernstein–Lange doubling might be slightly faster, but these are highly unified. Double sets the receiver to 2*x.

func (*ShortWeierstrassPointImpl[FP, C, H, M, F]) Encode 

func (p *ShortWeierstrassPointImpl[FP, C, H, M, F]) Encode(dstPrefix string, message []byte)

Encode hashes a message to a curve point with one hash-to-field element.

func (*ShortWeierstrassPointImpl[FP, C, H, M, F]) Equal 

func (p *ShortWeierstrassPointImpl[FP, C, H, M, F]) Equal(rhs *ShortWeierstrassPointImpl[FP, C, H, M, F]) ct.Bool

Equal reports whether p and rhs represent the same point.

func (*ShortWeierstrassPointImpl[FP, C, H, M, F]) Hash 

func (p *ShortWeierstrassPointImpl[FP, C, H, M, F]) Hash(dst string, message []byte)

Hash hashes a message to a curve point with two hash-to-field elements.

func (*ShortWeierstrassPointImpl[FP, C, H, M, F]) IsNonZero 

func (p *ShortWeierstrassPointImpl[FP, C, H, M, F]) IsNonZero() ct.Bool

IsNonZero reports whether p is not the identity point.

func (*ShortWeierstrassPointImpl[FP, C, H, M, F]) IsZero 

func (p *ShortWeierstrassPointImpl[FP, C, H, M, F]) IsZero() ct.Bool

IsZero reports whether p is the identity point.

func (*ShortWeierstrassPointImpl[FP, C, H, M, F]) Neg 

func (p *ShortWeierstrassPointImpl[FP, C, H, M, F]) Neg(v *ShortWeierstrassPointImpl[FP, C, H, M, F])

Neg sets p to the negation of v.

func (*ShortWeierstrassPointImpl[FP, C, H, M, F]) Select 

func (p *ShortWeierstrassPointImpl[FP, C, H, M, F]) Select(choice ct.Choice, z, nz *ShortWeierstrassPointImpl[FP, C, H, M, F])

Select conditionally assigns z or nz into p based on choice.

func (*ShortWeierstrassPointImpl[FP, C, H, M, F]) Set 

func (p *ShortWeierstrassPointImpl[FP, C, H, M, F]) Set(v *ShortWeierstrassPointImpl[FP, C, H, M, F])

Set sets p to v.

func (*ShortWeierstrassPointImpl[FP, C, H, M, F]) SetAffine 

func (p *ShortWeierstrassPointImpl[FP, C, H, M, F]) SetAffine(x, y FP) (ok ct.Bool)

SetAffine sets p from affine coordinates if they satisfy the curve equation.

func (*ShortWeierstrassPointImpl[FP, C, H, M, F]) SetBytes 

func (p *ShortWeierstrassPointImpl[FP, C, H, M, F]) SetBytes(input []byte) (ok ct.Bool)

SetBytes decodes projective coordinates from input.

func (*ShortWeierstrassPointImpl[FP, C, H, M, F]) SetFromAffineX 

func (p *ShortWeierstrassPointImpl[FP, C, H, M, F]) SetFromAffineX(x FP) (ok ct.Bool)

SetFromAffineX sets p from an affine x-coordinate, choosing a square root for y.

func (*ShortWeierstrassPointImpl[FP, C, H, M, F]) SetGenerator 

func (p *ShortWeierstrassPointImpl[FP, C, H, M, F]) SetGenerator()

SetGenerator sets p to the curve generator.

func (*ShortWeierstrassPointImpl[FP, C, H, M, F]) SetRandom 

func (p *ShortWeierstrassPointImpl[FP, C, H, M, F]) SetRandom(prng io.Reader) (ok ct.Bool)

SetRandom maps random field elements to a curve point and clears the cofactor.

func (*ShortWeierstrassPointImpl[FP, C, H, M, F]) SetZero 

func (p *ShortWeierstrassPointImpl[FP, C, H, M, F]) SetZero()

SetZero sets p to the identity point.

func (*ShortWeierstrassPointImpl[FP, C, H, M, F]) String 

func (p *ShortWeierstrassPointImpl[FP, C, H, M, F]) String() string

String formats the point in projective coordinates.

func (*ShortWeierstrassPointImpl[FP, C, H, M, F]) Sub 

func (p *ShortWeierstrassPointImpl[FP, C, H, M, F]) Sub(lhs, rhs *ShortWeierstrassPointImpl[FP, C, H, M, F])

Sub sets p = lhs - rhs.

func (*ShortWeierstrassPointImpl[FP, C, H, M, F]) ToAffine 

func (p *ShortWeierstrassPointImpl[FP, C, H, M, F]) ToAffine(xOut, yOut FP) (ok ct.Bool)

ToAffine converts p to affine coordinates if possible.

type TwistedEdwardsCurveParams 

type TwistedEdwardsCurveParams[FP fields.FiniteFieldElement[FP]] interface {
	// SetGenerator sets generator coordinates.
	SetGenerator(xOut, yOut, tOut, zOut FP)

	// ClearCofactor clears cofactor (must comply with RFC9380).
	ClearCofactor(xOut, yOut, tOut, zOut, xIn, yIn, tIn, zIn FP)

	// SetA sets the curve A parameter.
	SetA(out FP)
	// MulByA multiplies by the curve A parameter.
	MulByA(out, in FP)
	// MulByD multiplies by the curve D parameter.
	MulByD(out, in FP)
	// MulBy2D multiplies by 2*D.
	MulBy2D(out, in FP)
}

TwistedEdwardsCurveParams exposes curve constants and helpers for Edwards arithmetic.

type TwistedEdwardsPointImpl 

type TwistedEdwardsPointImpl[FP fields.FiniteFieldElementPtr[FP, F], C TwistedEdwardsCurveParams[FP], H h2c.HasherParams, M h2c.PointMapper[FP], F any] struct {
	X F
	Y F
	T F
	Z F
}

TwistedEdwardsPointImpl implements extended coordinates for Twisted Edwards curves.

func (*TwistedEdwardsPointImpl[FP, C, H, M, F]) Add 

func (p *TwistedEdwardsPointImpl[FP, C, H, M, F]) Add(lhs, rhs *TwistedEdwardsPointImpl[FP, C, H, M, F])

Add sets p = lhs + rhs.

func (*TwistedEdwardsPointImpl[FP, C, H, M, F]) Bytes 

func (p *TwistedEdwardsPointImpl[FP, C, H, M, F]) Bytes() []byte

Bytes returns the concatenated byte encoding of extended coordinates.

func (*TwistedEdwardsPointImpl[FP, C, H, M, F]) ClearCofactor 

func (p *TwistedEdwardsPointImpl[FP, C, H, M, F]) ClearCofactor(in *TwistedEdwardsPointImpl[FP, C, H, M, F])

ClearCofactor clears the curve cofactor on input.

func (*TwistedEdwardsPointImpl[FP, C, H, M, F]) Double 

func (p *TwistedEdwardsPointImpl[FP, C, H, M, F]) Double(v *TwistedEdwardsPointImpl[FP, C, H, M, F])

Double sets p = 2*v.

func (*TwistedEdwardsPointImpl[FP, C, H, M, F]) Encode 

func (p *TwistedEdwardsPointImpl[FP, C, H, M, F]) Encode(dstPrefix string, message []byte)

Encode hashes a message to a curve point with one hash-to-field element.

func (*TwistedEdwardsPointImpl[FP, C, H, M, F]) Equal 

func (p *TwistedEdwardsPointImpl[FP, C, H, M, F]) Equal(v *TwistedEdwardsPointImpl[FP, C, H, M, F]) ct.Bool

Equal reports whether p and v represent the same point.

func (*TwistedEdwardsPointImpl[FP, C, H, M, F]) Hash 

func (p *TwistedEdwardsPointImpl[FP, C, H, M, F]) Hash(dst string, message []byte)

Hash hashes a message to a curve point with two hash-to-field elements.

func (*TwistedEdwardsPointImpl[FP, C, H, M, F]) IsNonZero 

func (p *TwistedEdwardsPointImpl[FP, C, H, M, F]) IsNonZero() ct.Bool

IsNonZero reports whether p is not the identity point.

func (*TwistedEdwardsPointImpl[FP, C, H, M, F]) IsZero 

func (p *TwistedEdwardsPointImpl[FP, C, H, M, F]) IsZero() ct.Bool

IsZero reports whether p is the identity point.

func (*TwistedEdwardsPointImpl[FP, C, H, M, F]) Neg 

func (p *TwistedEdwardsPointImpl[FP, C, H, M, F]) Neg(v *TwistedEdwardsPointImpl[FP, C, H, M, F])

Neg sets p to the negation of v.

func (*TwistedEdwardsPointImpl[FP, C, H, M, F]) Select 

func (p *TwistedEdwardsPointImpl[FP, C, H, M, F]) Select(choice ct.Choice, z, nz *TwistedEdwardsPointImpl[FP, C, H, M, F])

Select conditionally assigns z or nz into p based on choice.

func (*TwistedEdwardsPointImpl[FP, C, H, M, F]) Set 

func (p *TwistedEdwardsPointImpl[FP, C, H, M, F]) Set(v *TwistedEdwardsPointImpl[FP, C, H, M, F])

Set sets p to v.

func (*TwistedEdwardsPointImpl[FP, C, H, M, F]) SetAffine 

func (p *TwistedEdwardsPointImpl[FP, C, H, M, F]) SetAffine(x, y FP) (ok ct.Bool)

SetAffine sets p from affine coordinates if they satisfy the curve equation.

func (*TwistedEdwardsPointImpl[FP, C, H, M, F]) SetBytes 

func (p *TwistedEdwardsPointImpl[FP, C, H, M, F]) SetBytes(input []byte) (ok ct.Bool)

SetBytes decodes extended coordinates from input.

func (*TwistedEdwardsPointImpl[FP, C, H, M, F]) SetFromAffineY 

func (p *TwistedEdwardsPointImpl[FP, C, H, M, F]) SetFromAffineY(y FP) (ok ct.Bool)

SetFromAffineY sets p from an affine y-coordinate, choosing a square root for x.

func (*TwistedEdwardsPointImpl[FP, C, H, M, F]) SetGenerator 

func (p *TwistedEdwardsPointImpl[FP, C, H, M, F]) SetGenerator()

SetGenerator sets p to the curve generator.

func (*TwistedEdwardsPointImpl[FP, C, H, M, F]) SetRandom 

func (p *TwistedEdwardsPointImpl[FP, C, H, M, F]) SetRandom(prng io.Reader) (ok ct.Bool)

SetRandom maps random field elements to a curve point and clears the cofactor.

func (*TwistedEdwardsPointImpl[FP, C, H, M, F]) SetZero 

func (p *TwistedEdwardsPointImpl[FP, C, H, M, F]) SetZero()

SetZero sets p to the identity point.

func (*TwistedEdwardsPointImpl[FP, C, H, M, F]) String 

func (p *TwistedEdwardsPointImpl[FP, C, H, M, F]) String() string

String formats the point in projective coordinates.

func (*TwistedEdwardsPointImpl[FP, C, H, M, F]) Sub 

func (p *TwistedEdwardsPointImpl[FP, C, H, M, F]) Sub(lhs, rhs *TwistedEdwardsPointImpl[FP, C, H, M, F])

Sub sets p = lhs - rhs.

func (*TwistedEdwardsPointImpl[FP, C, H, M, F]) ToAffine 

func (p *TwistedEdwardsPointImpl[FP, C, H, M, F]) ToAffine(x, y FP) (ok ct.Bool)

ToAffine converts p to affine coordinates if possible.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.