
ed448_goldilocks/
lib.rs

// The crate builds without the standard library; `alloc` and `std` are
// opt-in through the cargo features checked further down in this file.
#![no_std]
#![cfg_attr(docsrs, feature(doc_cfg))]
// The README is used as crate-level documentation only when the
// `getrandom` feature is enabled.
#![cfg_attr(
    feature = "getrandom",
    doc = include_str!("../README.md")
)]
#![doc(
    html_logo_url = "https://raw.githubusercontent.com/RustCrypto/meta/master/logo.svg",
    html_favicon_url = "https://raw.githubusercontent.com/RustCrypto/meta/master/logo.svg"
)]
#![allow(non_snake_case)]
// `forbid` (unlike `deny`) cannot be relaxed by an `#[allow]` deeper in the
// crate, so no module of this crate may contain `unsafe` code.
#![forbid(unsafe_code)]
// These lints are warnings only: they do not fail the build unless warnings
// are denied elsewhere (for example in CI).
#![warn(
    // Flags `.unwrap()` calls, which panic instead of returning an error.
    clippy::unwrap_used,
    clippy::mod_module_files,
    missing_copy_implementations,
    missing_debug_implementations,
    missing_docs,
    trivial_casts,
    trivial_numeric_casts,
    unused,
    unused_attributes,
    unused_imports,
    unused_mut,
    unused_must_use
)]

//! ## `serde` support
//!
//! When the `serde` feature of this crate is enabled, `Serialize` and
//! `Deserialize` are implemented for the following types:
//!
//! - [`CompressedDecaf`]
//! - [`CompressedEdwardsY`]
//! - [`EdwardsPoint`]
//! - [`Scalar`]
//! - [`SigningKey`]
//! - [`VerifyingKey`]
//!
//! Please see type-specific documentation for more information.
// NOTE(review): a serialized `SigningKey` presumably contains private key
// material; confirm in the type's documentation and handle such output as a
// secret. Deserialized points and keys come from outside the process, so the
// per-type validation rules matter; they are not visible in this file.
41
// Heap-backed and std-backed functionality is opt-in via cargo features.
#[cfg(feature = "alloc")]
#[macro_use]
extern crate alloc;
#[cfg(feature = "std")]
extern crate std;

#[cfg(feature = "alloc")]
use alloc::{boxed::Box, vec::Vec};

// Internal macros. Must come first!
#[macro_use]
pub(crate) mod macros;

// Dependency crates re-exported under this crate's namespace.
pub use elliptic_curve;
pub use hash2curve;
pub use rand_core;
pub use shake;
pub use subtle;

// The implementation modules are crate-private; the public API is the set of
// `pub use` re-exports that follow.
pub(crate) mod curve;
pub(crate) mod decaf;
pub(crate) mod edwards;
pub(crate) mod field;
pub(crate) mod montgomery;
// Signing support is compiled only with the `signing` feature.
#[cfg(feature = "signing")]
pub(crate) mod sign;

pub(crate) use field::{GOLDILOCKS_BASE_POINT, TWISTED_EDWARDS_BASE_POINT};

// `decaf::AffinePoint` is renamed on export so it does not collide with
// `edwards::AffinePoint`, which is exported under its own name below.
pub use decaf::{
    AffinePoint as DecafAffinePoint, CompressedDecaf, DecafPoint, DecafScalar, DecafScalarBytes,
    WideDecafScalarBytes,
};
pub use edwards::{
    AffinePoint, CompressedEdwardsY, EdwardsPoint, EdwardsScalar, EdwardsScalarBytes,
    WideEdwardsScalarBytes,
};
pub use field::{MODULUS_LIMBS, ORDER, Scalar, WIDE_ORDER};
pub use montgomery::{MontgomeryPoint, ProjectiveMontgomeryPoint};
// Glob re-export: every public item of `sign` becomes part of this crate's
// public API when the `signing` feature is on.
#[cfg(feature = "signing")]
pub use sign::*;

use elliptic_curve::{
    ByteOrder, Curve, PrimeCurve,
    array::typenum::{U56, U57},
    bigint::{ArrayEncoding, Odd, U448},
    point::PointCompression,
};
use hash2curve::{ExpandMsgXof, GroupDigest};
use shake::Shake256;
92
/// Zero-sized marker type identifying the Edwards448 curve.
///
/// The type carries no data; the curve parameters are attached to it through
/// trait implementations.
#[derive(Clone, Copy, Debug, Default, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct Ed448;
96
/// Serialized byte representation of an Ed448 field element.
///
/// The length is taken from `FieldBytesSize` in the `Curve` impl for [`Ed448`].
pub type Ed448FieldBytes = elliptic_curve::FieldBytes<Ed448>;

/// Scalar of the Ed448 scalar field that is guaranteed to be non-zero.
pub type Ed448NonZeroScalar = elliptic_curve::NonZeroScalar<Ed448>;
102
// Size, integer type, order and byte order used for `Ed448`.
impl Curve for Ed448 {
    // 57 bytes, one more than the 56 bytes of a 448-bit integer; presumably
    // this matches the 57-octet Ed448 encoding of RFC 8032 — TODO confirm.
    type FieldBytesSize = U57;
    type Uint = U448;

    // `ORDER` on the right-hand side is the crate-level constant re-exported
    // from the `field` module; the `Decaf448` impl uses the same constant.
    const ORDER: Odd<U448> = ORDER;
    // Field elements are serialized least-significant byte first.
    const FIELD_ENDIANNESS: ByteOrder = ByteOrder::LittleEndian;
}
110
// Marker impl with no items.
// NOTE(review): Edwards448 has cofactor 4 (RFC 7748), so `ORDER` is presumably
// the order of the prime-order subgroup rather than of the whole curve group.
// Confirm that code relying on `PrimeCurve` validates untrusted points or
// clears their cofactor; `Decaf448` is the prime-order alternative exported
// by this file.
impl PrimeCurve for Ed448 {}
112
// Point-compression setting for `Ed448`.
impl PointCompression for Ed448 {
    // Compressed point encoding is the default for this curve.
    const COMPRESS_POINTS: bool = true;
}
116
// Binds the `edwards` module's point and scalar types to `Ed448` for code that
// is generic over `elliptic_curve::CurveArithmetic`.
impl elliptic_curve::CurveArithmetic for Ed448 {
    type AffinePoint = AffinePoint;
    type ProjectivePoint = EdwardsPoint;
    type Scalar = EdwardsScalar;
}
122
// Hash-to-curve configuration for `Ed448`.
//
// The two identifiers are the edwards448 suite names of RFC 9380: `_RO_` is
// the random-oracle variant (hash_to_curve) and `_NU_` the nonuniform variant
// (encode_to_curve). Per that RFC, the `_NU_` output is not uniformly
// distributed and must not be used where a random oracle is required.
// NOTE(review): how `GroupDigest` consumes these identifiers is not shown in
// this file; a suite ID is not a substitute for an application-specific
// domain separation tag — confirm callers still supply their own DST.
impl GroupDigest for Ed448 {
    const HASH_TO_CURVE_ID: &[u8] = b"edwards448_XOF:SHAKE256_ELL2_RO_";
    const ENCODE_TO_CURVE_ID: &[u8] = b"edwards448_XOF:SHAKE256_ELL2_NU_";

    // Message expansion uses the XOF-based expander instantiated with SHAKE256.
    type ExpandMsg = ExpandMsgXof<Shake256>;
}
129
/// Zero-sized marker type identifying the Decaf448 group.
///
/// The type carries no data; the group parameters are attached to it through
/// trait implementations.
#[derive(Clone, Copy, Debug, Default, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct Decaf448;
133
/// Serialized byte representation of a Decaf448 field element.
///
/// The length is taken from `FieldBytesSize` in the `Curve` impl for
/// [`Decaf448`].
pub type Decaf448FieldBytes = elliptic_curve::FieldBytes<Decaf448>;

/// Scalar of the Decaf448 scalar field that is guaranteed to be non-zero.
pub type Decaf448NonZeroScalar = elliptic_curve::NonZeroScalar<Decaf448>;
139
// Size, integer type and order used for `Decaf448`.
impl Curve for Decaf448 {
    // 56 bytes, i.e. exactly 448 bits (the `Ed448` impl uses 57).
    type FieldBytesSize = U56;
    type Uint = U448;

    // Same crate-level `ORDER` constant as the `Ed448` impl.
    const ORDER: Odd<U448> = ORDER;
    // NOTE(review): unlike the `Ed448` impl in this file, `FIELD_ENDIANNESS`
    // is not set here, so whatever default the `Curve` trait provides applies.
    // Confirm that default is the byte order intended for Decaf448 field bytes.
}
146
// Marker impl with no items. Decaf is designed to expose a prime-order group
// on top of a curve with a cofactor, which is what this marker asserts.
impl PrimeCurve for Decaf448 {}
148
// Point-compression setting for `Decaf448`.
impl PointCompression for Decaf448 {
    // Compressed point encoding is the default for this group.
    const COMPRESS_POINTS: bool = true;
}
152
// Binds the `decaf` module's point and scalar types to `Decaf448` for code
// that is generic over `elliptic_curve::CurveArithmetic`.
impl elliptic_curve::CurveArithmetic for Decaf448 {
    type AffinePoint = DecafAffinePoint;
    type ProjectivePoint = DecafPoint;
    type Scalar = DecafScalar;
}
158
// Hash-to-group configuration for `Decaf448`.
//
// `_RO_` marks the random-oracle variant and `_NU_` the nonuniform variant;
// nonuniform output must not be used where a random oracle is required.
// NOTE(review): RFC 9380 Appendix C appears to name only the `_RO_` suite for
// decaf448 — confirm which specification defines the `_NU_` identifier below.
// NOTE(review): how `GroupDigest` consumes these identifiers is not shown in
// this file; a suite ID is not a substitute for an application-specific
// domain separation tag — confirm callers still supply their own DST.
impl GroupDigest for Decaf448 {
    const HASH_TO_CURVE_ID: &[u8] = b"decaf448_XOF:SHAKE256_D448MAP_RO_";
    const ENCODE_TO_CURVE_ID: &[u8] = b"decaf448_XOF:SHAKE256_D448MAP_NU_";

    // Message expansion uses the XOF-based expander instantiated with SHAKE256.
    type ExpandMsg = ExpandMsgXof<Shake256>;
}