crypto::curve25519
The curve25519 module implements the x25519 function, which performs scalar
multiplication on the elliptic curve known as Curve25519. See RFC 7748.
The implementation is based on the paper "Implementing Curve25519/X25519: A
Tutorial on Elliptic Curve Cryptography" by Martin Kleppmann.
This is a low-level module which implements cryptographic primitives. Direct use
of cryptographic primitives is not recommended for non-experts, as incorrect use
of these primitives can easily lead to the introduction of security
vulnerabilities. Non-experts are advised to use the high-level operations
available in the top-level crypto module.
Be advised that Hare's cryptography implementations have not been audited.
Index
Constants
const POINTSZ: size;
const SCALARSZ: size;
Globals
let BASEPOINT: [POINTSZ]u8;
Functions
fn clamp(*[SCALARSZ]u8) void;
fn scalarmult(*[SCALARSZ]u8, const *[SCALARSZ]u8, const *[POINTSZ]u8) void;
fn scalarmult_base(*[SCALARSZ]u8, const *[SCALARSZ]u8) void;
fn x25519(*[SCALARSZ]u8, const *[SCALARSZ]u8, const *[POINTSZ]u8) void;
Constants
def POINTSZ
def POINTSZ: size;
The size of the point input to X25519.
def SCALARSZ
def SCALARSZ: size;
The size of the scalar input to X25519.
Globals
let BASEPOINT
const BASEPOINT: [POINTSZ]u8;
The canonical Curve25519 generator.
Functions
fn clamp
fn clamp(scalar: *[SCALARSZ]u8) void;
Prepares the scalar to avoid particular attacks. See the "clamping" section
in Kleppmann's paper.
fn scalarmult
fn scalarmult(
	out: *[SCALARSZ]u8,
	scalar: const *[SCALARSZ]u8,
	point: const *[POINTSZ]u8,
) void;
Set out to the product (scalar * point).
fn scalarmult_base
fn scalarmult_base(out: *[SCALARSZ]u8, scalar: const *[SCALARSZ]u8) void;
Compute the result of the scalar multiplication (scalar * point) where point
is BASEPOINT.
fn x25519
fn x25519(
	out: *[SCALARSZ]u8,
	scalar: const *[SCALARSZ]u8,
	point: const *[POINTSZ]u8,
) void;
Compute the result of the scalar multiplication (scalar * point) and put the
result in out.
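The clamping step and the scalar multiplication documented above can be followed in this Python model of RFC 7748, section 5. It is an added example, not Hare's implementation or code from the original page: the names mirror this module's, demo_exchange and its key bytes are constructed for illustration, and clamping inside x25519 follows the RFC rather than anything this page states.

```python
# Model of X25519 following RFC 7748 section 5; not Hare's implementation.
# Not constant-time (Python ints, data-dependent branch): for study only.
P = 2**255 - 19
A24 = 121665
POINTSZ = SCALARSZ = 32  # byte sizes fixed by RFC 7748
BASEPOINT = (9).to_bytes(POINTSZ, "little")  # generator, u = 9

def clamp(scalar: bytes) -> bytes:
    """Return a clamped copy of a 32-byte scalar (RFC 7748 decodeScalar25519)."""
    s = bytearray(scalar)
    s[0] &= 248   # clear low 3 bits: scalar is a multiple of the cofactor 8
    s[31] &= 127  # clear bit 255
    s[31] |= 64   # set bit 254: the top bit sits at a fixed position
    return bytes(s)

def x25519(scalar: bytes, point: bytes) -> bytes:
    """Montgomery ladder on the u-coordinate; clamps the scalar as the RFC does."""
    k = int.from_bytes(clamp(scalar), "little")
    x1 = int.from_bytes(point, "little") & ((1 << 255) - 1)  # ignore unused top bit
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in reversed(range(255)):
        bit = (k >> t) & 1
        if swap ^ bit:  # conditional swap; real code does this branch-free
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit
        a, b = (x2 + z2) % P, (x2 - z2) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        aa, bb = a * a % P, b * b % P
        da, cb = d * a % P, c * b % P
        e = (aa - bb) % P
        x3 = (da + cb) ** 2 % P
        z3 = x1 * (da - cb) ** 2 % P
        x2 = aa * bb % P
        z2 = e * (aa + A24 * e) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    # Projective to affine: x2 / z2 via Fermat inversion, then little-endian.
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(POINTSZ, "little")

def demo_exchange() -> tuple:
    """Both sides of a Diffie-Hellman exchange with constructed private keys."""
    a_priv = bytes(range(32))       # constructed sample, not secret material
    b_priv = bytes(range(32, 64))   # constructed sample, not secret material
    a_pub, b_pub = x25519(a_priv, BASEPOINT), x25519(b_priv, BASEPOINT)
    return x25519(a_priv, b_pub), x25519(b_priv, a_pub)

if __name__ == "__main__":
    s_a, s_b = demo_exchange()
    print("shared secrets match:", s_a == s_b, s_a.hex())
```

Because the model clamps inside x25519, passing a raw or an already clamped scalar gives the same output; whether Hare's scalarmult does the same is not stated on this page.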