crypto::ed25519
ed25519: ed25519 cryptographic signature support
This module implements the ed25519 signature algorithm, as defined by RFC 8032.
Do not use the same secret key for both key exchanges and signatures. The public keys are different and revealing both may leak information.
This is a low-level module which implements cryptographic primitives. Direct use of cryptographic primitives is not recommended for non-experts, as incorrect use of these primitives can easily lead to the introduction of security vulnerabilities. Non-experts are advised to use the high-level operations available in the top-level crypto:: module.
Be advised that Hare's cryptography implementations have not been audited.
Index
Types
type elem = [FIELDSZ]i64;
type hash = struct {
h: sha512::digest,
pub: []u8,
point: point,
sig: []u8,
};
type point = struct {
x: elem,
y: elem,
z: elem,
t: elem,
};
type privkey = [PRIVKEYSZ]u8;
type pubkey = [PUBKEYSZ]u8;
type seed = [SEEDSZ]u8;
Errors
type error = !(invalidsig | invalidkey);
type invalidkey = !void;
type invalidsig = !void;
Constants
def PRIVKEYSZ: size = 64;
def PUBKEYSZ: size = 32;
def SEEDSZ: size = 32;
def SIGNATURESZ: size = 64;
Functions
fn privkey_getpubkey(priv: []u8) pubkey;
fn privkey_init(priv: []u8, seed: []u8) void;
fn sign(priv: []u8, msg: []u8) [SIGNATURESZ]u8;
fn strerror(e: error) str;
fn verifier(pub: []u8, sig: []u8) (hash | invalidkey | invalidsig);
fn verify(h: *hash) (void | invalidsig);
fn verify_buf(pub: []u8, msg: []u8, sig: []u8) (void | error);
Types
type elem
type elem = [FIELDSZ]i64;
type hash
type hash = struct {
h: sha512::digest,
pub: []u8,
point: point,
sig: []u8,
};
type point
type point = struct {
x: elem,
y: elem,
z: elem,
t: elem,
};
type privkey
type privkey = [PRIVKEYSZ]u8;
type pubkey
type pubkey = [PUBKEYSZ]u8;
type seed
type seed = [SEEDSZ]u8;
Errors
type error
type error = !(invalidsig | invalidkey);
Possible errors returned by this module.
type invalidkey
type invalidkey = !void;
Invalid key
type invalidsig
type invalidsig = !void;
Invalid signature
Constants
def PRIVKEYSZ
def PRIVKEYSZ: size = 64;
The size of an Ed25519 private key.
def PUBKEYSZ
def PUBKEYSZ: size = 32;
The size of an Ed25519 public key.
def SEEDSZ
def SEEDSZ: size = 32;
The size of an Ed25519 seed.
def SIGNATURESZ
def SIGNATURESZ: size = 64;
The size of an Ed25519 signature.
Functions
fn privkey_getpubkey
fn privkey_getpubkey(priv: []u8) pubkey;
Derive the public key for a given private key.
fn privkey_init
fn privkey_init(priv: []u8, seed: []u8) void;
Derives a new Ed25519 private key from a given seed. The seed must be initialized to cryptographically random data; crypto::random:: is recommended for this purpose.
fn sign
fn sign(priv: []u8, msg: []u8) [SIGNATURESZ]u8;
Signs a message with a private key, returning the signature.
fn strerror
fn strerror(e: error) str;
String representation of error 'e'.
fn verifier
fn verifier(pub: []u8, sig: []u8) (hash | invalidkey | invalidsig);
Creates a hash::hash function into which the message to be verified can be written. verify must be called afterwards to check whether the signature is valid for the given message.
fn verify
fn verify(h: *hash) (void | invalidsig);
Checks whether the signature given to verifier is valid for the message written into the hash 'h'.
fn verify_buf
fn verify_buf(pub: []u8, msg: []u8, sig: []u8) (void | error);
Given a public key, verifies a signature produced with the corresponding private key for a given message, returning void if the signature is valid and an error otherwise.
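The following is an added usage example, not part of the module's own documentation. It runs privkey_init, privkey_getpubkey, sign and verify_buf end to end, then checks that a signature with one flipped bit is rejected. The message is a constructed sample; crypto::random::buffer and bytes::zero come from the Hare standard library.

```hare
use bytes;
use crypto::ed25519;
use crypto::random;
use fmt;
use strings;

export fn main() void = {
	// The seed must be cryptographically random; wipe it once it is
	// no longer needed.
	let seed: ed25519::seed = [0...];
	random::buffer(seed[..]);
	defer bytes::zero(seed[..]);

	// Expand the 32-byte seed into the 64-byte private key.
	let priv: ed25519::privkey = [0...];
	ed25519::privkey_init(priv[..], seed[..]);
	defer bytes::zero(priv[..]);

	const pub = ed25519::privkey_getpubkey(priv[..]);

	// Constructed sample message.
	const msg = strings::toutf8("constructed sample message");
	const sig = ed25519::sign(priv[..], msg);

	// verify_buf returns void on success and an error otherwise, so
	// both outcomes must be matched explicitly.
	match (ed25519::verify_buf(pub[..], msg, sig[..])) {
	case void =>
		fmt::println("signature valid")!;
	case let e: ed25519::error =>
		fmt::fatalf("unexpected failure: {}", ed25519::strerror(e));
	};

	// A signature with a single flipped bit must be rejected.
	let bad = sig;
	bad[0] ^= 1;
	match (ed25519::verify_buf(pub[..], msg, bad[..])) {
	case void =>
		fmt::fatal("tampered signature accepted");
	case let e: ed25519::error =>
		fmt::printfln("tampered signature rejected: {}",
			ed25519::strerror(e))!;
	};
};
```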