[−][src]Struct secp256kfun::Scalar
A secp256k1 scalar (an integer mod the curve order)
The term scalar comes from interpreting the secp256k1 elliptic curve group
as a vector space with a point as a notional single element vector
and the field of integers modulo the curve order as its
scalars. Specifically, a Scalar
represents an integer modulo the curve
order q
where
q = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
The thing that makes secp256k1 and other elliptic curves useful for cryptography is that scalar multiplication can be done efficiently:
use secp256kfun::{g, Scalar, G}; let x = Scalar::random(&mut rand::thread_rng()); let X = g!(x * G);
But finding x
from (X,G)
is hard because there is no known efficient
algorithm to divide X
by G
to get x
. This is known as the elliptic
curve discrete logarithm problem. Because of this, scalars are often
used as a secret keys with the points obtained by multiplying them by G
as
their corresponding public keys.
Markers
A Scalar<S,Z>
has two markers:
S
: ASecrecy
to determine whether operations on this scalar should be done in constant time or not. By default scalars areSecret
so operations run in constant-time.Z
: AZeroChoice
to keep track of whether the point might be zero or is guaranteed to non-zero.
Implementations
impl<Z, S> Scalar<S, Z>
[src]
pub fn to_bytes(&self) -> [u8; 32]
[src]
Serializes the scalar to its 32-byte big-endian representation
pub fn conditional_negate(&mut self, cond: bool)
[src]
Negates the scalar in-place if cond
is true.
pub fn is_high(&self) -> bool
[src]
Returns whether the scalar is greater than the curve_order
/2.
pub fn is_zero(&self) -> bool
[src]
Returns true if the scalar is equal to zero
pub fn set_secrecy<SNew>(self) -> Scalar<SNew, Z>
[src]
impl<S> Scalar<S, NonZero>
[src]
pub fn invert(&self) -> Self
[src]
Returns the multiplicative inverse of the scalar modulo the curve order.
Example
use secp256kfun::{s, Scalar}; let a = Scalar::random(&mut rand::thread_rng()); let a_inverse = a.invert(); assert_eq!(s!(a * a_inverse), Scalar::one());
impl Scalar<Secret, NonZero>
[src]
pub fn random<R: RngCore + CryptoRng>(rng: &mut R) -> Self
[src]
Generates a random scalar from randomness taken from a caller provided cryptographically secure random number generator.
Example
use secp256kfun::{g, Scalar, G}; let secret_scalar = Scalar::random(&mut rand::thread_rng()); let public_point = g!(secret_scalar * G);
pub fn from_hash(hash: impl Digest<OutputSize = U32>) -> Self
[src]
Converts the output of a 32-byte hash into a scalar by reducing it modulo the curve order.
Example
use digest::Digest; use secp256kfun::Scalar; let mut hash = sha2::Sha256::default(); hash.input(b"Chancellor on brink of second bailout for banks".as_ref()); let scalar = Scalar::from_hash(hash);
pub fn from_non_zero_u32(int: NonZeroU32) -> Self
[src]
Converts a NonZeroU32
into a Scalar<Secret,NonZero>
.
Note: this can be done at compile time with the nzscalar
macro.
pub fn one() -> Self
[src]
Returns the integer 1
as a Scalar<Secret, NonZero>
.
pub fn minus_one() -> Self
[src]
Returns the integer -1 (modulo the curve order) as a Scalar<Secret, NonZero>
.
impl Scalar<Secret, Zero>
[src]
pub fn from_bytes_mod_order(bytes: [u8; 32]) -> Self
[src]
Converts 32 bytes into a scalar by reducing it modulo the curve order q
.
Example
use secp256kfun::Scalar; let scalar = Scalar::from_bytes_mod_order(*b"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"); assert_eq!(scalar.to_bytes(), *b"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"); let scalar_overflowed = Scalar::from_bytes_mod_order(hex_literal::hex!( "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364142" )); assert_eq!(scalar_overflowed, Scalar::one())
pub fn from_slice_mod_order(slice: &[u8]) -> Option<Self>
[src]
Exactly like from_bytes_mod_order
except
it operates on a 32-byte slice rather than an array. If the slice is
not 32 bytes long then the function returns None
.
Example
let bytes = b"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"; assert!(Scalar::from_slice_mod_order(&bytes[..31]).is_none()); assert_eq!( Scalar::from_slice_mod_order(&bytes[..]).unwrap(), Scalar::from_bytes_mod_order(*bytes) );
pub fn from_bytes(bytes: [u8; 32]) -> Option<Self>
[src]
Creates a scalar from 32 big-endian encoded bytes. If the bytes
represent an integer greater than or equal to the curve order then it returns None
.
Example
use secp256kfun::{marker::*, Scalar}; assert!(Scalar::from_bytes([0u8; 32]).is_some()); assert!(Scalar::from_bytes([255u8; 32]).is_none());
pub fn from_slice(slice: &[u8]) -> Option<Self>
[src]
Creates a scalar from 32 big-endian encoded bytes in a slice. If the
length of the slice is not 32 or the bytes represent an integer greater
than or equal to the curve order then it returns None
.
pub fn zero() -> Self
[src]
Returns the zero scalar.
Example
let x = Scalar::random(&mut rand::thread_rng()); let zero = Scalar::zero(); assert_eq!(s!(zero * x), zero); assert_eq!(s!(x + zero), x);
Trait Implementations
impl<Z, S> ChangeMark<Scalar<S, Z>> for NonZero
[src]
type Out = Option<Scalar<S, NonZero>>
The result type of marking T
with Self
fn change_mark(scalar: Scalar<S, Z>) -> Self::Out
[src]
impl<Z, S> ChangeMark<Scalar<S, Z>> for Zero
[src]
type Out = Scalar<S, Zero>
The result type of marking T
with Self
fn change_mark(scalar: Scalar<S, Z>) -> Self::Out
[src]
impl<Z, S, SNew: Secrecy> ChangeMark<Scalar<S, Z>> for SNew
[src]
type Out = Scalar<SNew, Z>
The result type of marking T
with Self
fn change_mark(scalar: Scalar<S, Z>) -> Self::Out
[src]
impl<S: Clone, Z: Clone> Clone for Scalar<S, Z>
[src]
impl<Z, S> Debug for Scalar<S, Z>
[src]
impl<'de, S> Deserialize<'de> for Scalar<S, NonZero>
[src]
fn deserialize<Deser: Deserializer<'de>>(
deserializer: Deser
) -> Result<Scalar<S, NonZero>, Deser::Error>
[src]
deserializer: Deser
) -> Result<Scalar<S, NonZero>, Deser::Error>
impl<'de, S> Deserialize<'de> for Scalar<S, Zero>
[src]
fn deserialize<Deser: Deserializer<'de>>(
deserializer: Deser
) -> Result<Scalar<S, Zero>, Deser::Error>
[src]
deserializer: Deser
) -> Result<Scalar<S, Zero>, Deser::Error>
impl<Z, S> Display for Scalar<S, Z>
[src]
impl<H: Digest<OutputSize = U32>> From<NonceDerivation<H>> for Scalar
[src]
fn from(nd: NonceDerivation<H>) -> Self
[src]
impl From<u32> for Scalar<Secret, Zero>
[src]
impl<S> FromStr for Scalar<S, NonZero>
[src]
type Err = HexError
The associated error which can be returned from parsing.
fn from_str(hex: &str) -> Result<Scalar<S, NonZero>, HexError>
[src]
Parses the string as hex and interprets tries to convert the resulting byte array into the desired value.
impl<S> FromStr for Scalar<S, Zero>
[src]
type Err = HexError
The associated error which can be returned from parsing.
fn from_str(hex: &str) -> Result<Scalar<S, Zero>, HexError>
[src]
Parses the string as hex and interprets tries to convert the resulting byte array into the desired value.
impl HashInto for Scalar
[src]
impl<S, Z> Neg for Scalar<S, Z>
[src]
type Output = Scalar<S, Z>
The resulting type after applying the -
operator.
fn neg(self) -> Self::Output
[src]
impl<S, Z, '_> Neg for &'_ Scalar<S, Z>
[src]
type Output = Scalar<S, Z>
The resulting type after applying the -
operator.
fn neg(self) -> Self::Output
[src]
impl<Z1, Z2, S1, S2> PartialEq<Scalar<S2, Z2>> for Scalar<S1, Z1>
[src]
fn eq(&self, rhs: &Scalar<S2, Z2>) -> bool
[src]
#[must_use]fn ne(&self, other: &Rhs) -> bool
1.0.0[src]
impl<Z, S> Serialize for Scalar<S, Z>
[src]
Auto Trait Implementations
impl<S, Z> RefUnwindSafe for Scalar<S, Z> where
S: RefUnwindSafe,
Z: RefUnwindSafe,
S: RefUnwindSafe,
Z: RefUnwindSafe,
impl<S, Z> Send for Scalar<S, Z> where
S: Send,
Z: Send,
S: Send,
Z: Send,
impl<S, Z> Sync for Scalar<S, Z> where
S: Sync,
Z: Sync,
S: Sync,
Z: Sync,
impl<S, Z> Unpin for Scalar<S, Z> where
S: Unpin,
Z: Unpin,
S: Unpin,
Z: Unpin,
impl<S, Z> UnwindSafe for Scalar<S, Z> where
S: UnwindSafe,
Z: UnwindSafe,
S: UnwindSafe,
Z: UnwindSafe,
Blanket Implementations
impl<T> Any for T where
T: 'static + ?Sized,
[src]
T: 'static + ?Sized,
impl<T> Borrow<T> for T where
T: ?Sized,
[src]
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
[src]
T: ?Sized,
fn borrow_mut(&mut self) -> &mut T
[src]
impl<Z, S, SNew> ChangeMark<Scalar<S, Z>> for SNew where
SNew: Secrecy,
[src]
SNew: Secrecy,
type Out = Scalar<SNew, Z>
The result type of marking T
with Self
fn change_mark(Scalar<S, Z>) -> <SNew as ChangeMark<Scalar<S, Z>>>::Out
[src]
impl<Z, S, SNew> ChangeMark<Scalar<S, Z>> for SNew where
SNew: Secrecy,
[src]
SNew: Secrecy,
type Out = Scalar<SNew, Z>
The result type of marking T
with Self
fn change_mark(Scalar<S, Z>) -> <SNew as ChangeMark<Scalar<S, Z>>>::Out
[src]
impl<Z, S, SNew> ChangeMark<Scalar<S, Z>> for SNew where
SNew: Secrecy,
[src]
SNew: Secrecy,
type Out = Scalar<SNew, Z>
The result type of marking T
with Self
fn change_mark(Scalar<S, Z>) -> <SNew as ChangeMark<Scalar<S, Z>>>::Out
[src]
impl<Z, S, SNew> ChangeMark<Scalar<S, Z>> for SNew where
SNew: Secrecy,
[src]
SNew: Secrecy,
type Out = Scalar<SNew, Z>
The result type of marking T
with Self
fn change_mark(Scalar<S, Z>) -> <SNew as ChangeMark<Scalar<S, Z>>>::Out
[src]
impl<T> DeserializeOwned for T where
T: for<'de> Deserialize<'de>,
[src]
T: for<'de> Deserialize<'de>,
impl<T> From<T> for T
[src]
impl<T, U> Into<U> for T where
U: From<T>,
[src]
U: From<T>,
impl<T> Mark for T
[src]
#[must_use]fn mark<M>(Self) -> <M as ChangeMark<T>>::Out where
M: ChangeMark<T>,
[src]
M: ChangeMark<T>,
impl<T> Same<T> for T
type Output = T
Should always be Self
impl<T> ToOwned for T where
T: Clone,
[src]
T: Clone,
type Owned = T
The resulting type after obtaining ownership.
fn to_owned(&self) -> T
[src]
fn clone_into(&self, target: &mut T)
[src]
impl<T> ToString for T where
T: Display + ?Sized,
[src]
T: Display + ?Sized,
impl<T, U> TryFrom<U> for T where
U: Into<T>,
[src]
U: Into<T>,
type Error = Infallible
The type returned in the event of a conversion error.
fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>
[src]
impl<T, U> TryInto<U> for T where
U: TryFrom<T>,
[src]
U: TryFrom<T>,