module Ed25519::Utils

Extended Modules

Defined in:

ed25519/utils.cr

Constant Summary

TORSION_SUBGROUP = ["0100000000000000000000000000000000000000000000000000000000000000", "c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac037a", "0000000000000000000000000000000000000000000000000000000000000080", "26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc05", "ecffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f", "26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc85", "0000000000000000000000000000000000000000000000000000000000000000", "c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac03fa"] of String

The 8-torsion subgroup ℰ8. Those are "buggy" points, if you multiply them by 8, you'll receive Point::ZERO. Ported from curve25519-dalek.

Instance Method Summary

Instance Method Detail

def hash_to_private_scalar(hash : Hex) : BigInt #

** Can take 40 or more bytes of uniform input e.g. from CSPRNG or KDF and convert them into private scalar, with the modulo bias being neglible. As per FIPS 186 B.1.1. @param hash hash output from sha512, or a similar function @returns valid private scalar /


[View source]
def precompute(window_size = 8, point = Point::BASE) : Point #

We're doing scalar multiplication (used in get_public_key etc) with precomputed BASE_POINT values. This slows down first get_public_key() by milliseconds (see Speed section), but allows to speed-up subsequent get_public_key() calls up to 20x. @param window_size 2, 4, 8, 16


[View source]
def random_bytes(bytes_length : Int = 32) : Bytes #

[View source]
def random_private_key : Bytes #

Note: ed25519 private keys are uniform 32-bit strings. We do not need to check for modulo bias like we do in noble-secp256k1 random_private_key()


[View source]
def sha512(message : Bytes) : Bytes #

[View source]