FiloSottile / edwards25519

filippo.io/edwards25519 — A safer, faster, and more powerful low-level edwards25519 Go implementation.
https://filippo.io/edwards25519
BSD 3-Clause "New" or "Revised" License
139 stars 30 forks source link

filippo.io/edwards25519

import "filippo.io/edwards25519"

This library implements the edwards25519 elliptic curve, exposing the necessary APIs to build a wide array of higher-level primitives. Read the docs at pkg.go.dev/filippo.io/edwards25519.

The code is originally derived from Adam Langley's internal implementation in the Go standard library, and includes George Tankersley's performance improvements. It was then further developed by Henry de Valence for use in ristretto255, and was finally merged back into the Go standard library as of Go 1.17. It now tracks the upstream codebase and extends it with additional functionality.

Most users don't need this package, and should instead use crypto/ed25519 for signatures, golang.org/x/crypto/curve25519 for Diffie-Hellman, or github.com/gtank/ristretto255 for prime order group logic. However, for anyone currently using a fork of crypto/internal/edwards25519/crypto/ed25519/internal/edwards25519 or github.com/agl/edwards25519, this package should be a safer, faster, and more powerful alternative.

Since this package is meant to curb proliferation of edwards25519 implementations in the Go ecosystem, it welcomes requests for new APIs or reviewable performance improvements.