Documentation ¶
Overview ¶
Package ed448 implements the Ed448 signature algorithm defined in RFC 8032.
These functions are also compatible with the “Ed448” function defined in RFC 8032. However, unlike RFC 8032's formulation, this package's private key representation includes a public key suffix to make multiple signing operations with the same key more efficient. This package refers to the RFC 8032 private key as the “seed”.
Index ¶
- Constants
- func GenerateKey(rand io.Reader) (PublicKey, PrivateKey, error)
- func MarshalPrivateKey(key PrivateKey) ([]byte, error)
- func MarshalPublicKey(key PublicKey) ([]byte, error)
- func Sign(privateKey PrivateKey, message []byte) []byte
- func Verify(publicKey PublicKey, message, sig []byte) bool
- func VerifyWithOptions(publicKey PublicKey, message, sig []byte, opts crypto.SignerOpts) error
- type Options
- type PrivateKey
- type PublicKey
- type SchemeID
Constants ¶
const ( // ContextMaxSize is the maximum length (in bytes) allowed for context. ContextMaxSize = 255 // PublicKeySize is the size, in bytes, of public keys as used in this package. PublicKeySize = 57 // PrivateKeySize is the size, in bytes, of private keys as used in this package. PrivateKeySize = 114 // SignatureSize is the size, in bytes, of signatures generated and verified by this package. SignatureSize = 114 // SeedSize is the size, in bytes, of private key seeds. These are the private key representations used by RFC 8032. SeedSize = 57 )
Variables ¶
This section is empty.
Functions ¶
func GenerateKey ¶
func GenerateKey(rand io.Reader) (PublicKey, PrivateKey, error)
GenerateKey generates a public/private key pair using entropy from rand. If rand is nil, crypto/rand.Reader will be used.
func MarshalPrivateKey ¶
func MarshalPrivateKey(key PrivateKey) ([]byte, error)
Marshal PrivateKey to der
func MarshalPublicKey ¶
Marshal PublicKey to der
func Sign ¶
func Sign(privateKey PrivateKey, message []byte) []byte
Sign signs the message with privateKey and returns a signature. It will panic if len(privateKey) is not PrivateKeySize.
func Verify ¶
Verify reports whether sig is a valid signature of message by publicKey. It will panic if len(publicKey) is not PublicKeySize.
func VerifyWithOptions ¶
func VerifyWithOptions(publicKey PublicKey, message, sig []byte, opts crypto.SignerOpts) error
VerifyWithOptions reports whether sig is a valid signature of message by publicKey. A valid signature is indicated by returning a nil error. It will panic if len(publicKey) is not PublicKeySize.
Types ¶
type Options ¶
type Options struct { // Hash must be crypto.Hash(0) for both Ed448 and Ed448Ph. Hash crypto.Hash // Context is an optional domain separation string for signing. // Its length must be less or equal than 255 bytes. Context string // Scheme is an identifier for choosing a signature scheme. Scheme SchemeID }
Options implements crypto.SignerOpts and augments with parameters that are specific to the Ed448 signature schemes.
type PrivateKey ¶
type PrivateKey []byte
PrivateKey is the type of Ed448 private keys.
func NewKeyFromSeed ¶
func NewKeyFromSeed(seed []byte) PrivateKey
NewKeyFromSeed calculates a private key from a seed. It will panic if len(seed) is not SeedSize. This function is provided for interoperability with RFC 8032. RFC 8032's private keys correspond to seeds in this package.
func ParsePrivateKey ¶
func ParsePrivateKey(derBytes []byte) (PrivateKey, error)
Parse PrivateKey der
func (PrivateKey) Equal ¶
func (priv PrivateKey) Equal(x crypto.PrivateKey) bool
Equal reports whether priv and x have the same value.
func (PrivateKey) Public ¶
func (priv PrivateKey) Public() crypto.PublicKey
Public returns the PublicKey corresponding to priv.
func (PrivateKey) Seed ¶
func (priv PrivateKey) Seed() []byte
Seed returns the private key seed corresponding to priv. It is provided for interoperability with RFC 8032. RFC 8032's private keys correspond to seeds in this package.
func (PrivateKey) Sign ¶
func (priv PrivateKey) Sign(rand io.Reader, message []byte, opts crypto.SignerOpts) (signature []byte, err error)
Sign signs the given message with priv. Ed448 performs two passes over messages to be signed and therefore cannot handle pre-hashed messages. Thus opts.HashFunc() must return zero to indicate the message hasn't been hashed. This can be achieved by passing crypto.Hash(0) as the value for opts.
type PublicKey ¶
type PublicKey []byte
PublicKey is the type of Ed448 public keys.
func ParsePublicKey ¶
Parse PublicKey der