crypto::curve25519
The curve25519 module implements the x25519 function which performs scalar multiplication on the elliptic curve known as Curve25519. See RFC 7748.
The implementation is based on the paper "Implementing Curve25519/X25519: A Tutorial on Elliptic Curve Cryptography" by Martin Kleppmann.
This is a low-level module which implements cryptographic primitives. Direct use of cryptographic primitives is not recommended for non-experts, as incorrect use of these primitives can easily lead to the introduction of security vulnerabilities. Non-experts are advised to use the high-level operations available in the top-level crypto:: module.
Be advised that Hare's cryptography implementations have not been audited.
Index
Constants
def POINTSZ: size = 32;
def SCALARSZ: size = 32;
Globals
const BASEPOINT: [POINTSZ]u8;
Functions
fn clamp(scalar: []u8) void;
fn scalarmult(out: []u8, scalar: const []u8, point: const []u8) void;
fn scalarmult_base(out: []u8, scalar: const []u8) void;
fn x25519(out: []u8, scalar: const []u8, point: const []u8) void;
Constants
def POINTSZ
def POINTSZ: size = 32;
The size of the point input to X25519.
def SCALARSZ
def SCALARSZ: size = 32;
The size of the scalar input to X25519.
Globals
let BASEPOINT
const BASEPOINT: [POINTSZ]u8;
The canonical Curve25519 generator.
Functions
fn clamp
fn clamp(scalar: []u8) void;
Prepares the scalar to avoid particular attacks. See the "clamping" section in Kleppmann's paper.
fn scalarmult
fn scalarmult(out: []u8, scalar: const []u8, point: const []u8) void;
Set out to the product (scalar * point).
fn scalarmult_base
fn scalarmult_base(out: []u8, scalar: const []u8) void;
Compute the result of the scalar multiplication (scalar * point) where point is BASEPOINT.
fn x25519
fn x25519(out: []u8, scalar: const []u8, point: const []u8) void;
Compute the result of the scalar multiplication (scalar * point) and put the result in out.