Module dryoc::classic::crypto_sign


Public-key signatures

This module implements libsodium’s public-key signatures, based on Ed25519.

Classic API example

use dryoc::classic::crypto_sign::*;
use dryoc::constants::CRYPTO_SIGN_BYTES;

// Generate a random signing keypair
let (public_key, secret_key) = crypto_sign_keypair();
let message = b"These violent delights have violent ends...";

// Signed message buffer needs to be correct length
let mut signed_message = vec![0u8; message.len() + CRYPTO_SIGN_BYTES];

// Sign the message, placing the result into `signed_message`
crypto_sign(&mut signed_message, message, &secret_key).expect("sign failed");

// Allocate a new buffer for opening the message
let mut opened_message = vec![0u8; message.len()];

// Open the signed message, verifying the signature
crypto_sign_open(&mut opened_message, &signed_message, &public_key).expect("verify failed");

assert_eq!(&opened_message, message);

// Create an invalid message
let mut invalid_signed_message = signed_message.clone();
invalid_signed_message[5] = !invalid_signed_message[5];

// An invalid message can't be verified
crypto_sign_open(&mut opened_message, &invalid_signed_message, &public_key)
    .expect_err("open should not succeed");

Classic API example, detached mode

use dryoc::classic::crypto_sign::*;
use dryoc::constants::CRYPTO_SIGN_BYTES;

// Generate a random signing keypair
let (public_key, secret_key) = crypto_sign_keypair();
let message = b"Brevity is the soul of wit.";
let mut signature = [0u8; CRYPTO_SIGN_BYTES];

// Sign our message
crypto_sign_detached(&mut signature, message, &secret_key).expect("sign failed");

// Verify the signature
crypto_sign_verify_detached(&signature, message, &public_key).expect("verify failed");

Re-exports

pub use super::crypto_sign_ed25519::PublicKey;
pub use super::crypto_sign_ed25519::SecretKey;

Structs

SignerState: State for incremental signing interface.

Functions

crypto_sign: Signs message, placing the result into signed_message. The length of signed_message should be the length of the message plus CRYPTO_SIGN_BYTES.
crypto_sign_detached: Signs message, placing the signature into signature upon success. Detached variant of crypto_sign_open.
crypto_sign_final_create: Finalizes the incremental signature for state, using secret_key, copying the result into signature upon success, and consuming the state.
crypto_sign_final_verify: Verifies the computed signature for state and public_key matches signature, consuming the state.
crypto_sign_init: Initializes the incremental signing interface.
crypto_sign_keypair: Randomly generates a new Ed25519 (PublicKey, SecretKey) keypair that can be used for message signing.
crypto_sign_open: Verifies the signature of signed_message, placing the result into message. The length of message should be the length of the signed message minus CRYPTO_SIGN_BYTES.
crypto_sign_seed_keypair: Returns a keypair derived from seed, which can be used for message signing.
crypto_sign_update: Updates the signature for state with message.
crypto_sign_verify_detached: Verifies that signature is a valid signature for message using the given public_key.