Documentation ¶
Overview ¶
Package eddsa provides EdDSA signature scheme on bw6-756's twisted edwards curve.
See also ¶
https://en.wikipedia.org/wiki/EdDSA
Example ¶
// instantiate hash function hFunc := hash.MIMC_BW6_756.New() // create a eddsa key pair privateKey, _ := GenerateKey(crand.Reader) publicKey := privateKey.PublicKey // generate a message (the size must be a multiple of the size of Fr) var _msg fr.Element _msg.SetRandom() msg := _msg.Marshal() // sign the message signature, _ := privateKey.Sign(msg, hFunc) // verifies signature isValid, _ := publicKey.Verify(signature, msg, hFunc) if !isValid { fmt.Println("1. invalid signature") } else { fmt.Println("1. valid signature") }
Output: 1. valid signature
Index ¶
Examples ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type PrivateKey ¶
type PrivateKey struct { PublicKey PublicKey // copy of the associated public key // contains filtered or unexported fields }
PrivateKey private key of an eddsa instance
func GenerateKey ¶
func GenerateKey(r io.Reader) (*PrivateKey, error)
GenerateKey generates a public and private key pair.
func (*PrivateKey) Bytes ¶
func (privKey *PrivateKey) Bytes() []byte
Bytes returns the binary representation of pk, as byte array publicKey||scalar||randSrc where publicKey is as publicKey.Bytes(), and scalar is in big endian, of size sizeFr.
func (*PrivateKey) Public ¶
func (privKey *PrivateKey) Public() signature.PublicKey
Public returns the public key associated to the private key.
func (*PrivateKey) SetBytes ¶
func (privKey *PrivateKey) SetBytes(buf []byte) (int, error)
SetBytes sets pk from buf, where buf is interpreted as publicKey||scalar||randSrc where publicKey is as publicKey.Bytes(), and scalar is in big endian, of size sizeFr. It returns the number byte read.
func (*PrivateKey) Sign ¶
Sign sign a sequence of field elements For arbitrary strings use fr.Hash first Pure Eddsa version (see https://tools.ietf.org/html/rfc8032#page-8)
type PublicKey ¶
type PublicKey struct {
A twistededwards.PointAffine
}
PublicKey eddsa signature object cf https://en.wikipedia.org/wiki/EdDSA for notation
func (*PublicKey) Bytes ¶
Bytes returns the binary representation of the public key follows https://tools.ietf.org/html/rfc8032#section-3.1 and returns a compressed representation of the point (x,y)
x, y are the coordinates of the point on the twisted Edwards as big endian integers. compressed representation store x with a parity bit to recompute y
type Signature ¶
type Signature struct { R twistededwards.PointAffine S [sizeFr]byte }
Signature represents an eddsa signature cf https://en.wikipedia.org/wiki/EdDSA for notation
func (*Signature) Bytes ¶
Bytes returns the binary representation of sig as a byte array of size 3*sizeFr x||y||s where
- x, y are the coordinates of a point on the twisted Edwards represented in big endian
- s=r+h(r,a,m) mod l, the Hasse bound guarantees that s is smaller than sizeFr (in particular it is supposed s is NOT blinded)
func (*Signature) SetBytes ¶
SetBytes sets sig from a buffer in binary. buf is read interpreted as x||y||s where
- x,y are the coordinates of a point on the twisted Edwards represented in big endian
- s=r+h(r,a,m) mod l, the Hasse bound guarantees that s is smaller than sizeFr (in particular it is supposed s is NOT blinded)
It returns the number of bytes read from buf.