Class Elligator2


  • class Elligator2
    extends Object
    Elligator2 for X25519 keys. Ported from the Jan. 13, 2016 C version at https://github.com/Kleshni/Elligator-2 Note: That code was completely rewritten May 8, 2017 and is now much more complex. No apparent license.
    Since:
    0.9.44
    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      static PublicKey decode​(byte[] representative)
      From javascript version documentation: Returns an array with the point and the second argument of the corresponding call to the `encode` function.
      static PublicKey decode​(AtomicBoolean alternative, byte[] representative)
      From javascript version documentation: Returns an array with the point and the second argument of the corresponding call to the `encode` function.
      byte[] encode​(PublicKey point)
      From javascript version documentation: The algorithm can return two different values for a single x coordinate if it's not 0.
      static byte[] encode​(PublicKey point, boolean alternative)
      From javascript version documentation: The algorithm can return two different values for a single x coordinate if it's not 0.
    • Method Detail

      • encode

        public byte[] encode​(PublicKey point)
        From javascript version documentation: The algorithm can return two different values for a single x coordinate if it's not 0. Which one to return is determined by y coordinate. Since Curve25519 doesn't use y due to optimizations, you should specify a Boolean value as the second argument of the function. It should be unpredictable, because it's recoverable from the representative.
        Returns:
        "representative", little endian or null on failure
      • encode

        public static byte[] encode​(PublicKey point,
                                    boolean alternative)
        From javascript version documentation: The algorithm can return two different values for a single x coordinate if it's not 0. Which one to return is determined by y coordinate. Since Curve25519 doesn't use y due to optimizations, you should specify a Boolean value as the second argument of the function. It should be unpredictable, because it's recoverable from the representative.
        Returns:
        "representative", little endian or null on failure
      • decode

        public static PublicKey decode​(byte[] representative)
        From javascript version documentation: Returns an array with the point and the second argument of the corresponding call to the `encode` function. It's also able to return null if the representative is invalid (there are only 10 invalid representatives).
        Parameters:
        representative - the encoded data, 32 bytes
        Returns:
        x or null on failure
      • decode

        public static PublicKey decode​(AtomicBoolean alternative,
                                       byte[] representative)
        From javascript version documentation: Returns an array with the point and the second argument of the corresponding call to the `encode` function. It's also able to return null if the representative is invalid (there are only 10 invalid representatives).
        Parameters:
        alternative - out parameter, or null if you don't care
        representative - the encoded data, 32 bytes
        Returns:
        x or null on failure