Package sign signs small messages using public-key cryptography.

    Sign uses Ed25519 to sign messages. The length of messages is not hidden. Messages should be small because: 1. The whole message needs to be held in memory to be processed. 2. Using large messages pressures implementations on small machines to process plaintext without verifying the signature. This is very dangerous, and this API discourages it, but a protocol that uses excessive message sizes might present some implementations with no other choice. 3. Performance may be improved by working with messages that fit into data caches. Thus large amounts of data should be chunked so that each message is small.

    This package is not interoperable with the current release of NaCl (, which does not support Ed25519 yet. However, it is compatible with the NaCl fork libsodium (, as well as TweetNaCl (



    View Source
    const Overhead = 64

      Overhead is the number of bytes of overhead when signing a message.


      This section is empty.


      func GenerateKey

      func GenerateKey(rand io.Reader) (publicKey *[32]byte, privateKey *[64]byte, err error)

        GenerateKey generates a new public/private key pair suitable for use with Sign and Open.

        func Open

        func Open(out, signedMessage []byte, publicKey *[32]byte) ([]byte, bool)

          Open verifies a signed message produced by Sign and appends the message to out, which must not overlap the signed message. The output will be Overhead bytes smaller than the signed message.

          func Sign

          func Sign(out, message []byte, privateKey *[64]byte) []byte

            Sign appends a signed copy of message to out, which will be Overhead bytes longer than the original and must not overlap it.


            This section is empty.

            Source Files