module Noble::Ed25519::Utils

Defined in:

noble-ed25519.cr

Constant Summary

TORSION_SUBGROUP = ["0100000000000000000000000000000000000000000000000000000000000000", "c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac037a", "0000000000000000000000000000000000000000000000000000000000000080", "26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc05", "ecffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f", "26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc85", "0000000000000000000000000000000000000000000000000000000000000000", "c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac03fa"] of String

The 8-torsion subgroup ℰ8. These are "buggy" points: if you multiply any of them by 8, you receive Point::ZERO. Ported from curve25519-dalek.
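The property stated above can be checked directly. The following is an added example written in Python, not code from this library or from curve25519-dalek; the names `decode_point`, `add`, `is_small_order` and `BASE_HEX` are assumptions made for the illustration. It decompresses each encoding, multiplies by 8 and compares against the identity.

```python
# Added example (not the library's code): detect Ed25519 small-order points.
P = 2**255 - 19                              # field prime
D = -121665 * pow(121666, -1, P) % P         # curve constant d
SQRT_M1 = pow(2, (P - 1) // 4, P)            # square root of -1 mod P
IDENTITY = (0, 1)                            # affine form of Point::ZERO

# The eight encodings from TORSION_SUBGROUP; long 00/ff runs written compactly.
TORSION_SUBGROUP = [
    "01" + "00" * 31,
    "c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac037a",
    "00" * 31 + "80",
    "26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc05",
    "ec" + "ff" * 30 + "7f",
    "26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc85",
    "00" * 32,
    "c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac03fa",
]
BASE_HEX = "58" + "66" * 31  # assumption: standard RFC 8032 base point encoding

def decode_point(hex_str):
    """Decompress a 32-byte little-endian encoding to affine (x, y)."""
    raw = bytes.fromhex(hex_str)
    if len(raw) != 32:
        raise ValueError("expected 32 bytes")
    n = int.from_bytes(raw, "little")
    sign, y = n >> 255, n & ((1 << 255) - 1)
    if y >= P:
        raise ValueError("non-canonical y")
    x2 = (y * y - 1) * pow(D * y * y + 1, -1, P) % P
    x = pow(x2, (P + 3) // 8, P)             # candidate square root of x2
    if (x * x - x2) % P:
        x = x * SQRT_M1 % P                  # try the other root family
    if (x * x - x2) % P or (x == 0 and sign):
        raise ValueError("not a curve point")
    return (P - x if (x & 1) != sign else x, y)

def add(p1, p2):
    """Complete twisted Edwards addition (a = -1); also used for doubling."""
    (x1, y1), (x2, y2) = p1, p2
    t = D * x1 * x2 * y1 * y2 % P
    x3 = (x1 * y2 + y1 * x2) * pow(1 + t, -1, P) % P
    y3 = (y1 * y2 + x1 * x2) * pow(1 - t, -1, P) % P
    return (x3, y3)

def is_small_order(hex_str):
    """True when 8*P is the identity, i.e. P is in the 8-torsion subgroup."""
    pt = decode_point(hex_str)
    for _ in range(3):                       # three doublings = multiply by 8
        pt = add(pt, pt)
    return pt == IDENTITY
```

A check of this shape lets a verifier reject small-order public keys before using them.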

Instance Method Detail

def hashToPrivateScalar(hash : Hex) : BigInt

Can take 40 or more bytes of uniform input, e.g. from a CSPRNG or KDF, and convert them into a private scalar, with the modulo bias being negligible. As per FIPS 186 B.1.1.
@param hash hash output from sha512, or a similar function
@returns valid private scalar

def precompute(windowSize = 8, point = Point::BASE) : Point

Scalar multiplication (used in getPublicKey etc.) is done with precomputed BASE_POINT values. This slows down the first getPublicKey() call by milliseconds (see Speed section), but speeds up subsequent getPublicKey() calls by up to 20x.
@param windowSize 2, 4, 8, 16

def randomBytes(bytesLength : Int = 32) : Bytes

def randomPrivateKey : Bytes

Note: ed25519 private keys are uniform 32-bit strings. We do not need to check for modulo bias like we do in noble-secp256k1 randomPrivateKey().

def sha512(message : Bytes) : Bytes