
lib_q_prf/
lib.rs

1//! Legendre and Gold (power-residue) PRFs over prime fields \(\mathbb{F}_p\).
2//!
3//! This crate provides constant-time field arithmetic via [`crypto_bigint::modular::FixedMontyForm`]
4//! for pilot safe-prime moduli documented in [`params`]. It is intended as a building block for
5//! Fiat–Shamir protocols such as DualRing-PRF (QROM), composed at the [`lib-q-ring-sig`] layer.
6//!
7//! Secret key material for Legendre and Gold PRFs is held in opaque key types with validated
8//! constructors ([`LegendreKey256::from_uint`], [`GoldKey256::from_uint`], and `derive_from_seed`
9//! variants); use [`LegendreKey256::as_uint`], [`LegendreKey512::as_uint`], [`GoldKey256::as_uint`],
10//! or [`GoldKey512::as_uint`] when you need the field element for serialization or constant-time
11//! equality checks. The shared scalar checks live in [`keys`].
12//!
13//! [`lib-q-ring-sig`]: https://github.com/Enkom-Tech/libQ/tree/main/lib-q-ring-sig
14#![forbid(unsafe_code)]
15#![cfg_attr(not(feature = "std"), no_std)]
16
17#[cfg(all(not(feature = "std"), any(feature = "alloc", feature = "wasm")))]
18extern crate alloc;
19
// Fallback panic handler for `no_std` builds of this crate.
//
// Compiled only when the `std` feature is off and the `no_std_panic_handler`
// feature is on. A final `no_std` binary must contain exactly one
// `#[panic_handler]`, so leave this feature disabled when the consuming
// binary (or another dependency) already supplies one.
#[cfg(all(not(feature = "std"), feature = "no_std_panic_handler"))]
mod no_std_panic_handler {
    /// Halts the current thread of execution on panic.
    ///
    /// The panic information is ignored: nothing is logged or reported, and
    /// the function never returns.
    //
    // NOTE(review): this handler neither unwinds nor returns, so no destructors
    // run after a panic. If any key type relies on `Drop` to wipe secret
    // material (not visible in this file), that wipe is skipped. Confirm.
    #[panic_handler]
    // The empty loop is intentional: spinning is the only portable way to
    // diverge here without platform-specific halt instructions.
    #[allow(clippy::empty_loop)]
    fn panic(_panic_info: &core::panic::PanicInfo) -> ! {
        loop {}
    }
}
30
31pub mod error;
32pub mod field;
33pub mod gold;
34pub mod keys;
35pub mod legendre;
36pub mod params;
37mod shake;
38
39#[cfg(feature = "wasm")]
40mod wasm;
41
42pub use error::PrfError;
43pub use field::{
44    fp_add,
45    fp_mul,
46    fp_pow,
47    legendre_symbol_monty,
48    legendre_symbol_residue,
49    to_monty,
50    uint_ct_eq_zero,
51};
52pub use gold::{
53    GoldKey256,
54    GoldKey512,
55    gold_prf_u256,
56    gold_prf_u512,
57};
58pub use legendre::{
59    LegendreKey256,
60    LegendreKey512,
61    legendre_prf_u256,
62    legendre_prf_u512,
63};
64pub use params::{
65    GoldPrfParams256,
66    GoldPrfParams512,
67    LegendrePrfParams256,
68    LegendrePrfParams512,
69    P256_BE_HEX,
70    P512_BE_HEX,
71    u256_from_le_bytes,
72    u256_to_le_bytes,
73    u512_from_le_bytes,
74    u512_to_le_bytes,
75};