• source navigation  • diff markup  • identifier search  • freetext search  • 

Sources/usign/edsign.h

  1 /* Edwards curve signature system
  2  * Daniel Beer <dlbeer@gmail.com>, 22 Apr 2014
  3  *
  4  * This file is in the public domain.
  5  */
  6 
  7 #ifndef EDSIGN_H_
  8 #define EDSIGN_H_
  9 
 10 #include <stdint.h>
 11 #include <stdbool.h>
 12 #include "sha512.h"
 13 
 14 /* This is the Ed25519 signature system, as described in:
 15  *
 16  *     Daniel J. Bernstein, Niels Duif, Tanja Lange, Peter Schwabe, Bo-Yin
 17  *     Yang. High-speed high-security signatures. Journal of Cryptographic
 18  *     Engineering 2 (2012), 77–89. Document ID:
 19  *     a1a62a2f76d23f65d622484ddd09caf8. URL:
 20  *     http://cr.yp.to/papers.html#ed25519. Date: 2011.09.26. 
 21  *
 22  * The format and calculation of signatures is compatible with the
 23  * Ed25519 implementation in SUPERCOP. Note, however, that our secret
 24  * keys are half the size: we don't store a copy of the public key in
 25  * the secret key (we generate it on demand).
 26  */
 27 
 28 /* Any string of 32 random bytes is a valid secret key. There is no
 29  * clamping of bits, because we don't use the key directly as an
 30  * exponent (the exponent is derived from part of a key expansion).
 31  */
 32 #define EDSIGN_SECRET_KEY_SIZE          32
 33 
 34 /* Given a secret key, produce the public key (a packed Edwards-curve
 35  * point).
 36  */
 37 #define EDSIGN_PUBLIC_KEY_SIZE          32
 38 
 39 void edsign_sec_to_pub(void *pub, const void *secret);
 40 
 41 /* Produce a signature for a message. */
 42 #define EDSIGN_SIGNATURE_SIZE           64
 43 
 44 void edsign_sign(uint8_t *signature, const uint8_t *pub,
 45                  const uint8_t *secret,
 46                  const uint8_t *message, size_t len);
 47 
 48 struct edsign_verify_state {
 49         struct sha512_state sha;
 50 };
 51 
 52 void edsign_verify_init(struct edsign_verify_state *st, const void *sig,
 53                         const void *pub);
 54 
 55 static inline void
 56 edsign_verify_add(struct edsign_verify_state *st, const void *data, int len)
 57 {
 58         sha512_add(&st->sha, data, len);
 59 }
 60 
 61 /* Verify a message signature. Returns non-zero if ok. */
 62 bool edsign_verify(struct edsign_verify_state *st, const void *sig, const void *pub);
 63 
 64 #endif
 65

This page was automatically generated by LXR 0.3.1.  •  OpenWrt