Documentation ¶
Overview ¶
Package ed25519 implements the Ed25519 signature algorithm. See https://ed25519.cr.yp.to/.
These functions are also compatible with the “Ed25519” function defined in RFC 8032.
Index ¶
- Constants
- Variables
- func ECP2OS(P *edwards25519.ExtendedGroupElement) []byte
- func ECP2OSProj(P *edwards25519.ProjectiveGroupElement) []byte
- func ECVRFDecodeProof(pi []byte) (r *edwards25519.ExtendedGroupElement, c *[N2]byte, s *[N2]byte, err error)
- func ECVRFHashPoints(ps ...[]byte) *big.Int
- func ECVRFHashToCurve(m []byte, pk PublicKey) *edwards25519.ExtendedGroupElement
- func ECVRFProof2hash(pi VRFProve) []byte
- func ECVRFVerify(pk PublicKey, pi VRFProve, m []byte) (bool, error)
- func F2IP(f *[32]byte) *big.Int
- func G() *edwards25519.ExtendedGroupElement
- func GeAdd(p, qe *edwards25519.ExtendedGroupElement) *edwards25519.ExtendedGroupElement
- func GeDouble(p *edwards25519.ExtendedGroupElement) *edwards25519.ExtendedGroupElement
- func GeScalarMult(h *edwards25519.ExtendedGroupElement, a *[32]byte) *edwards25519.ExtendedGroupElement
- func GenerateKey(rand io.Reader) (publicKey PublicKey, privateKey PrivateKey, err error)
- func I2OSP(b *big.Int, n int) []byte
- func OS2ECP(os []byte, sign byte) *edwards25519.ExtendedGroupElement
- func OS2IP(os []byte) *big.Int
- func S2OS(s []byte) []byte
- func Sign(privateKey PrivateKey, message []byte) []byte
- func ToCached(r *CachedGroupElement, p *edwards25519.ExtendedGroupElement)
- func Verify(publicKey PublicKey, message, sig []byte) bool
- type CachedGroupElement
- type PrivateKey
- type PublicKey
- type VRFProve
- type VRFRandomValue
Constants ¶
const ( // PublicKeySize is the size, in bytes, of public keys as used in this package. PublicKeySize = 32 // PrivateKeySize is the size, in bytes, of private keys as used in this package. PrivateKeySize = 64 // SignatureSize is the size, in bytes, of signatures generated and verified by this package. SignatureSize = 64 )
const ( N2 = 32 // ceil(log2(q) / 8) N = N2 / 2 NOSIGN = 3 )
const ( // RandomValueSize is the size, in bytes, of VRF random value as used in this package. RandomValueSize = 32 // ProveSize is the size, in bytes, of VRF prove as used in this package. ProveSize = 81 )
Variables ¶
Functions ¶
func ECP2OS ¶
func ECP2OS(P *edwards25519.ExtendedGroupElement) []byte
func ECP2OSProj ¶
func ECP2OSProj(P *edwards25519.ProjectiveGroupElement) []byte
func ECVRFDecodeProof ¶
func ECVRFDecodeProof(pi []byte) (r *edwards25519.ExtendedGroupElement, c *[N2]byte, s *[N2]byte, err error)
func ECVRFHashPoints ¶
func ECVRFHashToCurve ¶
func ECVRFHashToCurve(m []byte, pk PublicKey) *edwards25519.ExtendedGroupElement
func ECVRFProof2hash ¶
ECVRFProof2hash obtains the VRF hash value from the prove
func ECVRFVerify ¶
ECVRFVerify reports whether pi is a valid VRF prove of m by publickey pk
func G ¶
func G() *edwards25519.ExtendedGroupElement
func GeAdd ¶
func GeAdd(p, qe *edwards25519.ExtendedGroupElement) *edwards25519.ExtendedGroupElement
func GeDouble ¶
func GeDouble(p *edwards25519.ExtendedGroupElement) *edwards25519.ExtendedGroupElement
func GeScalarMult ¶
func GeScalarMult(h *edwards25519.ExtendedGroupElement, a *[32]byte) *edwards25519.ExtendedGroupElement
func GenerateKey ¶
func GenerateKey(rand io.Reader) (publicKey PublicKey, privateKey PrivateKey, err error)
GenerateKey generates a public/private key pair using entropy from rand. If rand is nil, crypto/rand.Reader will be used.
func OS2ECP ¶
func OS2ECP(os []byte, sign byte) *edwards25519.ExtendedGroupElement
func Sign ¶
func Sign(privateKey PrivateKey, message []byte) []byte
Sign signs the message with privateKey and returns a signature. It will panic if len(privateKey) is not PrivateKeySize.
func ToCached ¶
func ToCached(r *CachedGroupElement, p *edwards25519.ExtendedGroupElement)
Types ¶
type CachedGroupElement ¶
type CachedGroupElement struct {
Z, T2d edwards25519.FieldElement
// contains filtered or unexported fields
}
copied from edwards25519.go and const.go in golang.org/x/crypto/ed25519/internal/edwards25519
type PrivateKey ¶
type PrivateKey []byte
PrivateKey is the type of Ed25519 private keys. It implements crypto.Signer.
func (PrivateKey) Public ¶
func (priv PrivateKey) Public() crypto.PublicKey
Public returns the PublicKey corresponding to priv.
func (PrivateKey) Sign ¶
func (priv PrivateKey) Sign(rand io.Reader, message []byte, opts crypto.SignerOpts) (signature []byte, err error)
Sign signs the given message with priv. Ed25519 performs two passes over messages to be signed and therefore cannot handle pre-hashed messages. Thus opts.HashFunc() must return zero to indicate the message hasn't been hashed. This can be achieved by passing crypto.Hash(0) as the value for opts.
type VRFProve ¶
type VRFProve []byte //ProveSize = 81 in bytes
VRFProve is the output prove of VRF_Ed25519.
func ECVRFProve ¶
func ECVRFProve(pk PublicKey, sk PrivateKey, m []byte) (pi VRFProve, err error)
ECVRFProve generates the VRF prove, assume <pk, sk> were generated by ed25519.GenerateKey()
type VRFRandomValue ¶
type VRFRandomValue []byte //RandomValueSize = 32 in bytes
VRFRandomValue is the output random value of VRF_Ed25519.