Ristretto255 prime-order group. See: - [[ https://www.rfc-editor.org/rfc/rfc9496 ]]

Collection Info

View Source
Collection
core
Path
crypto/ristretto255
Entries
38
Constants 4
Jump to Constants
ELEMENT_SIZE SCALAR_SIZE WIDE_ELEMENT_SIZE WIDE_SCALAR_SIZE
Types 2
Jump to Types
Group_Element Scalar
Procedures 32
Jump to Procedures
ge_add ge_bytes ge_clear ge_cond_assign ge_cond_negate ge_cond_select ge_double ge_double_scalarmult_generator_vartime ge_equal ge_generator ge_identity ge_is_identity ge_negate ge_scalarmult ge_scalarmult_generator ge_scalarmult_vartime +16 more
Procedure Groups 0
Variables 0

Source Files

Constants

4

ELEMENT_SIZE #

Source 
ELEMENT_SIZE :: 32

ELEMENT_SIZE is the size of a byte-encoded ristretto255 group element.

SCALAR_SIZE #

Source 
SCALAR_SIZE :: 32

SCALAR_SIZE is the size of a byte-encoded ristretto255 scalar.

WIDE_ELEMENT_SIZE #

Source 
WIDE_ELEMENT_SIZE :: 64

WIDE_ELEMENT_SIZE is the side of a wide byte-encoded ristretto255 group element.

WIDE_SCALAR_SIZE #

Source 
WIDE_SCALAR_SIZE :: 64

WIDE_SCALAR_SIZE is the size of a wide byte-encoded ristretto255 scalar.

Types

2

Group_Element #

Source 
Group_Element :: Group_Element

Group_Element is a ristretto255 group element. The zero-initialized value is invalid.

Scalar #

Source 
Scalar :: Montgomery_Domain_Field_Element

Scalar is a ristretto255 scalar. The zero-initialized value is valid, and represents `0`.

Procedures

32

ge_cond_assign #

Source 
ge_cond_assign :: proc(ge, a: ^Group_Element, ctrl: int) {…}

ge_cond_assign sets `ge = ge` if and only if (⟺) `ctrl == 0` and `ge = a` if and only if (⟺) `ctrl == 1`. Behavior for all other values of ctrl are undefined,

ge_cond_negate #

Source 
ge_cond_negate :: proc(ge, a: ^Group_Element, ctrl: int) {…}

ge_cond_negate sets `ge = a` if and only if (⟺) `ctrl == 0` and `ge = -a` if and only if (⟺) `ctrl == 1`. Behavior for all other values of ctrl are undefined,

ge_cond_select #

Source 
ge_cond_select :: proc(ge, a, b: ^Group_Element, ctrl: int) {…}

ge_cond_select sets `ge = a` if and only if (⟺) `ctrl == 0` and `ge = b` if and only if (⟺) `ctrl == 1`. Behavior for all other values of ctrl are undefined,

ge_double_scalarmult_generator_vartime #

Source 
ge_double_scalarmult_generator_vartime :: proc(ge: ^Group_Element, a: ^Montgomery_Domain_Field_Element, A: ^Group_Element, b: ^Montgomery_Domain_Field_Element) {…}

ge_double_scalarmult_generator_vartime sets `ge = A * a + G * b` in variable time.

ge_equal #

Source 
@(require_results)
ge_equal :: proc(a, b: ^Group_Element) -> int {…}

ge_equal returns 1 if and only if (⟺) `a == b`, and 0 otherwise.

ge_identity #

Source 
ge_identity :: proc "contextless" (ge: ^Group_Element) {…}

ge_identity sets ge to the identity (neutral) element.

ge_is_identity #

Source 
@(require_results)
ge_is_identity :: proc(ge: ^Group_Element) -> int {…}

ge_is_identity returns 1 if and only if (⟺) `ge` is the identity element, and 0 otherwise.

ge_scalarmult #

Source 
ge_scalarmult :: proc(ge, A: ^Group_Element, sc: ^Montgomery_Domain_Field_Element) {…}

ge_scalarmult sets `ge = A * sc`.

ge_scalarmult_generator #

Source 
ge_scalarmult_generator :: proc "contextless" (ge: ^Group_Element, sc: ^Montgomery_Domain_Field_Element) {…}

ge_scalarmult_generator sets `ge = G * sc`

ge_scalarmult_vartime #

Source 
ge_scalarmult_vartime :: proc(ge, A: ^Group_Element, sc: ^Montgomery_Domain_Field_Element) {…}

ge_scalarmult_vartime sets `ge = A * sc` in variable time.

ge_set_bytes #

Source 
@(require_results)
ge_set_bytes :: proc "contextless" (ge: ^Group_Element, b: []u8) -> bool {…}

ge_set_bytes sets ge to the result of decoding b as a ristretto255 group element, and returns true on success.

ge_set_wide_bytes #

Source 
ge_set_wide_bytes :: proc(ge: ^Group_Element, b: []u8) {…}

ge_set_wide_bytes sets ge to the result of deriving a ristretto255 group element, from a wide (512-bit) byte string.

sc_add #

Source 
sc_add :: proc "contextless" (sc, a, b: ^Montgomery_Domain_Field_Element) {…}

sc_add sets `sc = a + b`.

sc_bytes #

Source 
sc_bytes :: proc(sc: ^Montgomery_Domain_Field_Element, dst: []u8) {…}

sc_bytes sets dst to the canonical encoding of sc.

sc_clear #

Source 
sc_clear :: proc "contextless" (sc: ^Montgomery_Domain_Field_Element) {…}

sc_clear clears sc to the uninitialized state.

sc_cond_assign #

Source 
sc_cond_assign :: proc(sc, a: ^Montgomery_Domain_Field_Element, ctrl: int) {…}

sc_cond_assign sets `sc = sc` if and only if (⟺) `ctrl == 0` and `sc = a` if and only if (⟺) `ctrl == 1`. Behavior for all other values of ctrl are undefined,

sc_equal #

Source 
@(require_results)
sc_equal :: proc(a, b: ^Montgomery_Domain_Field_Element) -> int {…}

sc_equal returns 1 if and only if (⟺) `a == b`, and 0 otherwise.

sc_mul #

Source 
sc_mul :: proc "contextless" (sc, a, b: ^Montgomery_Domain_Field_Element) {…}

sc_mul sets `sc = a * b`.

sc_negate #

Source 
sc_negate :: proc "contextless" (sc, a: ^Montgomery_Domain_Field_Element) {…}

sc_negate sets `sc = -a`.

sc_set #

Source 
sc_set :: proc "contextless" (sc, a: ^Montgomery_Domain_Field_Element) {…}

sc_set sets `sc = a`.

sc_set_bytes #

Source 
@(require_results)
sc_set_bytes :: proc(sc: ^Montgomery_Domain_Field_Element, b: []u8) -> bool {…}

sc_set_bytes sets sc to the result of decoding b as a ristretto255 scalar, and returns true on success.

sc_set_bytes_wide #

Source 
sc_set_bytes_wide :: proc(sc: ^Montgomery_Domain_Field_Element, b: []u8) {…}

sc_set_wide_bytes sets sc to the result of deriving a ristretto255 scalar, from a wide (512-bit) byte string by interpreting b as a little-endian value, and reducing it mod the group order.

sc_set_u64 #

Source 
sc_set_u64 :: proc "contextless" (sc: ^Montgomery_Domain_Field_Element, i: u64) {…}

sc_set_u64 sets `sc = i`.

sc_square #

Source 
sc_square :: proc "contextless" (sc, a: ^Montgomery_Domain_Field_Element) {…}

sc_square sets `sc = a^2`.

sc_sub #

Source 
sc_sub :: proc "contextless" (sc, a, b: ^Montgomery_Domain_Field_Element) {…}

sc_sub sets `sc = a - b`.