elliptic-curves
Collection of pure Rust elliptic curve implementations: NIST P-224, P-256, P-384, P-521, secp256k1, SM2
Hi, we have a requirement to use the Poseidon hash function instead of the sha256 hash function in the hash2curve for the curve k256. I'm more than happy to implement...
For both signature generation and verification, `k256` doesn't seem to handle the case where the `y` coordinate of the public key is odd. I guess it is implicitly assuming that...
There have been a couple of pre-releases now, I was wondering what the plan is for a "final" 0.14 of the various crates (mostly concerned with `k256` and `p256` personally)....
Currently field elements are represented internally as [`Uint`](https://docs.rs/crypto-bigint/latest/crypto_bigint/struct.Uint.html), however those `Uint`s are generally constrained to the set of valid field elements for a given modulus represented in Montgomery form, namely...
This imports https://crates.io/crates/x448 in https://github.com/RustCrypto/elliptic-curves/
Decaf x-coordinates are supposed to be serialized as 56-bytes, but we're serializing them as 57-bytes, with a TODO to fix this: https://github.com/RustCrypto/elliptic-curves/blob/c797d60/ed448-goldilocks/src/decaf/affine.rs#L63-L68 This has turned into a blocker for this...
Preliminary update to changes in https://github.com/zkcrypto/ff/pull/137. `elliptic-curve` PR: https://github.com/RustCrypto/traits/pull/1869. `ecdsa`: PR: https://github.com/RustCrypto/signatures/pull/972.
If `ReduceNonZero` implementations are supposed to follow ["ECDSA Key Pair Generation using Extra Random Bits"](https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5.pdf#[{%22num%22%3A154%2C%22gen%22%3A0}%2C{%22name%22%3A%22XYZ%22}%2C70%2C586%2C0]), then we should make sure we follow the recommended minimum size. This seems to only...
Currently we only support Montgomery form for field elements. #1191 would further solidify that. `p256` contains a handwritten `Scalar` implementation which uses canonical form w/ Barrett reduction as opposed to...
I'm stuck on `FieldElement::sqrt` 😄