package ed25519
Import Path
crypto/ed25519 (on go.dev)
Dependency Relation
imports 9 packages, and imported by 2 packages
Involved Source Files
Package ed25519 implements the Ed25519 signature algorithm. See
https://ed25519.cr.yp.to/.
These functions are also compatible with the “Ed25519” function defined in
RFC 8032. However, unlike RFC 8032's formulation, this package's private key
representation includes a public key suffix to make multiple signing
operations with the same key more efficient. This package refers to the RFC
8032 private key as the “seed”.
Operations involving private keys are implemented using constant-time
algorithms.
Package-Level Type Names (total 3)
Options can be used with [PrivateKey.Sign] or [VerifyWithOptions]
to select Ed25519 variants.
Context, if not empty, selects Ed25519ctx or provides the context string
for Ed25519ph. It can be at most 255 bytes in length.
Hash can be zero for regular Ed25519, or crypto.SHA512 for Ed25519ph.
HashFunc returns o.Hash.
*Options : crypto.SignerOpts
func VerifyWithOptions(publicKey PublicKey, message, sig []byte, opts *Options) error
PrivateKey is the type of Ed25519 private keys. It implements [crypto.Signer].
Equal reports whether priv and x have the same value.
Public returns the [PublicKey] corresponding to priv.
Seed returns the private key seed corresponding to priv. It is provided for
interoperability with RFC 8032. RFC 8032's private keys correspond to seeds
in this package.
Sign signs the given message with priv. rand is ignored and can be nil.
If opts.HashFunc() is [crypto.SHA512], the pre-hashed variant Ed25519ph is used
and message is expected to be a SHA-512 hash, otherwise opts.HashFunc() must
be [crypto.Hash](0) and the message must not be hashed, as Ed25519 performs two
passes over messages to be signed.
A value of type [Options] can be used as opts, or crypto.Hash(0) or
crypto.SHA512 directly to select plain Ed25519 or Ed25519ph, respectively.
PrivateKey : crypto.Signer
func GenerateKey(rand io.Reader) (PublicKey, PrivateKey, error)
func NewKeyFromSeed(seed []byte) PrivateKey
func Sign(privateKey PrivateKey, message []byte) []byte
PublicKey is the type of Ed25519 public keys.
Equal reports whether pub and x have the same value.
func GenerateKey(rand io.Reader) (PublicKey, PrivateKey, error)
func Verify(publicKey PublicKey, message, sig []byte) bool
func VerifyWithOptions(publicKey PublicKey, message, sig []byte, opts *Options) error
Package-Level Functions (total 5)
GenerateKey generates a public/private key pair using entropy from rand.
If rand is nil, [crypto/rand.Reader] will be used.
The output of this function is deterministic, and equivalent to reading
[SeedSize] bytes from rand, and passing them to [NewKeyFromSeed].
NewKeyFromSeed calculates a private key from a seed. It will panic if
len(seed) is not [SeedSize]. This function is provided for interoperability
with RFC 8032. RFC 8032's private keys correspond to seeds in this
package.
Sign signs the message with privateKey and returns a signature. It will
panic if len(privateKey) is not [PrivateKeySize].
Verify reports whether sig is a valid signature of message by publicKey. It
will panic if len(publicKey) is not [PublicKeySize].
The inputs are not considered confidential, and may leak through timing side
channels, or if an attacker has control of part of the inputs.
VerifyWithOptions reports whether sig is a valid signature of message by
publicKey. A valid signature is indicated by returning a nil error. It will
panic if len(publicKey) is not [PublicKeySize].
If opts.Hash is [crypto.SHA512], the pre-hashed variant Ed25519ph is used and
message is expected to be a SHA-512 hash, otherwise opts.Hash must be
[crypto.Hash](0) and the message must not be hashed, as Ed25519 performs two
passes over messages to be signed.
The inputs are not considered confidential, and may leak through timing side
channels, or if an attacker has control of part of the inputs.
Package-Level Constants (total 4)
PrivateKeySize is the size, in bytes, of private keys as used in this package.
PublicKeySize is the size, in bytes, of public keys as used in this package.
SeedSize is the size, in bytes, of private key seeds. These are the private key representations used by RFC 8032.
SignatureSize is the size, in bytes, of signatures generated and verified by this package.
The pages are generated with Golds v0.7.0-preview. (GOOS=linux GOARCH=amd64) Golds is a Go 101 project developed by Tapir Liu. PR and bug reports are welcome and can be submitted to the issue list. Please follow @zigo_101 (reachable from the left QR code) to get the latest news of Golds. |