ed25519.h File Reference
Ed25519 elliptic curve (constant-time implementation) More...
Go to the source code of this file.
Data Structures | |
| struct | Ed25519Point |
| Extended point representation. More... | |
| struct | Ed25519State |
| Ed25519 working state. More... | |
Macros | |
| #define | ED25519_PRIVATE_KEY_LEN 32 |
| #define | ED25519_PUBLIC_KEY_LEN 32 |
| #define | ED25519_SIGNATURE_LEN 64 |
| #define | ED25519_PH_FLAG 1 |
| #define | ED25519_PH_SIZE 64 |
Functions | |
| error_t | ed25519GenerateKeyPair (const PrngAlgo *prngAlgo, void *prngContext, uint8_t *privateKey, uint8_t *publicKey) |
| EdDSA key pair generation. More... | |
| error_t | ed25519GeneratePrivateKey (const PrngAlgo *prngAlgo, void *prngContext, uint8_t *privateKey) |
| EdDSA private key generation. More... | |
| error_t | ed25519GeneratePublicKey (const uint8_t *privateKey, uint8_t *publicKey) |
| Derive the public key from an EdDSA private key. More... | |
| error_t | ed25519GenerateSignature (const uint8_t *privateKey, const uint8_t *publicKey, const void *message, size_t messageLen, const void *context, uint8_t contextLen, uint8_t flag, uint8_t *signature) |
| EdDSA signature generation. More... | |
| error_t | ed25519GenerateSignatureEx (const uint8_t *privateKey, const uint8_t *publicKey, const EddsaMessageChunk *messageChunks, const void *context, uint8_t contextLen, uint8_t flag, uint8_t *signature) |
| EdDSA signature generation. More... | |
| error_t | ed25519VerifySignature (const uint8_t *publicKey, const void *message, size_t messageLen, const void *context, uint8_t contextLen, uint8_t flag, const uint8_t *signature) |
| EdDSA signature verification. More... | |
| error_t | ed25519VerifySignatureEx (const uint8_t *publicKey, const EddsaMessageChunk *messageChunks, const void *context, uint8_t contextLen, uint8_t flag, const uint8_t *signature) |
| EdDSA signature verification. More... | |
| void | ed25519Mul (Ed25519State *state, Ed25519Point *r, const uint8_t *k, const Ed25519Point *p) |
| Scalar multiplication on Ed25519 curve. More... | |
| void | ed25519Add (Ed25519State *state, Ed25519Point *r, const Ed25519Point *p, const Ed25519Point *q) |
| Point addition. More... | |
| void | ed25519Double (Ed25519State *state, Ed25519Point *r, const Ed25519Point *p) |
| Point doubling. More... | |
| void | ed25519Encode (Ed25519Point *p, uint8_t *data) |
| Point encoding. More... | |
| uint32_t | ed25519Decode (Ed25519Point *p, const uint8_t *data) |
| Point decoding. More... | |
| void | ed25519RedInt (uint8_t *r, const uint8_t *a) |
| Reduce an integer modulo L. More... | |
| void | ed25519AddInt (uint8_t *r, const uint8_t *a, const uint8_t *b, uint_t n) |
| Addition of two integers. More... | |
| uint8_t | ed25519SubInt (uint8_t *r, const uint8_t *a, const uint8_t *b, uint_t n) |
| Subtraction of two integers. More... | |
| void | ed25519MulInt (uint8_t *rl, uint8_t *rh, const uint8_t *a, const uint8_t *b, uint_t n) |
| Multiplication of two integers. More... | |
| void | ed25519CopyInt (uint8_t *a, const uint8_t *b, uint_t n) |
| Copy an integer. More... | |
| void | ed25519SelectInt (uint8_t *r, const uint8_t *a, const uint8_t *b, uint8_t c, uint_t n) |
| Select an integer. More... | |
| uint8_t | ed25519CompInt (const uint8_t *a, const uint8_t *b, uint_t n) |
| Compare integers. More... | |
Detailed Description
Ed25519 elliptic curve (constant-time implementation)
License
SPDX-License-Identifier: GPL-2.0-or-later
Copyright (C) 2010-2024 Oryx Embedded SARL. All rights reserved.
This file is part of CycloneCRYPTO Open.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- Version
- 2.4.0
Definition in file ed25519.h.
Macro Definition Documentation
◆ ED25519_PH_FLAG
◆ ED25519_PH_SIZE
◆ ED25519_PRIVATE_KEY_LEN
◆ ED25519_PUBLIC_KEY_LEN
◆ ED25519_SIGNATURE_LEN
Function Documentation
◆ ed25519Add()
| void ed25519Add | ( | Ed25519State * | state, |
| Ed25519Point * | r, | ||
| const Ed25519Point * | p, | ||
| const Ed25519Point * | q | ||
| ) |
◆ ed25519AddInt()
| void ed25519AddInt | ( | uint8_t * | r, |
| const uint8_t * | a, | ||
| const uint8_t * | b, | ||
| uint_t | n | ||
| ) |
◆ ed25519CompInt()
| uint8_t ed25519CompInt | ( | const uint8_t * | a, |
| const uint8_t * | b, | ||
| uint_t | n | ||
| ) |
◆ ed25519CopyInt()
| void ed25519CopyInt | ( | uint8_t * | a, |
| const uint8_t * | b, | ||
| uint_t | n | ||
| ) |
◆ ed25519Decode()
| uint32_t ed25519Decode | ( | Ed25519Point * | p, |
| const uint8_t * | data | ||
| ) |
◆ ed25519Double()
| void ed25519Double | ( | Ed25519State * | state, |
| Ed25519Point * | r, | ||
| const Ed25519Point * | p | ||
| ) |
◆ ed25519Encode()
| void ed25519Encode | ( | Ed25519Point * | p, |
| uint8_t * | data | ||
| ) |
◆ ed25519GenerateKeyPair()
◆ ed25519GeneratePrivateKey()
◆ ed25519GeneratePublicKey()
| error_t ed25519GeneratePublicKey | ( | const uint8_t * | privateKey, |
| uint8_t * | publicKey | ||
| ) |
◆ ed25519GenerateSignature()
| error_t ed25519GenerateSignature | ( | const uint8_t * | privateKey, |
| const uint8_t * | publicKey, | ||
| const void * | message, | ||
| size_t | messageLen, | ||
| const void * | context, | ||
| uint8_t | contextLen, | ||
| uint8_t | flag, | ||
| uint8_t * | signature | ||
| ) |
EdDSA signature generation.
- Parameters
-
[in] privateKey Signer's EdDSA private key (32 bytes) [in] publicKey Signer's EdDSA public key (32 bytes) [in] message Pointer to the message to be signed [in] messageLen Length of the message, in bytes [in] context Constant string specified by the protocol using it [in] contextLen Length of the context, in bytes [in] flag Prehash flag for Ed25519ph scheme [out] signature EdDSA signature (64 bytes)
- Returns
- Error code
◆ ed25519GenerateSignatureEx()
| error_t ed25519GenerateSignatureEx | ( | const uint8_t * | privateKey, |
| const uint8_t * | publicKey, | ||
| const EddsaMessageChunk * | messageChunks, | ||
| const void * | context, | ||
| uint8_t | contextLen, | ||
| uint8_t | flag, | ||
| uint8_t * | signature | ||
| ) |
EdDSA signature generation.
- Parameters
-
[in] privateKey Signer's EdDSA private key (32 bytes) [in] publicKey Signer's EdDSA public key (32 bytes) [in] messageChunks Collection of chunks representing the message to be signed [in] context Constant string specified by the protocol using it [in] contextLen Length of the context, in bytes [in] flag Prehash flag for Ed25519ph scheme [out] signature EdDSA signature (64 bytes)
- Returns
- Error code
◆ ed25519Mul()
| void ed25519Mul | ( | Ed25519State * | state, |
| Ed25519Point * | r, | ||
| const uint8_t * | k, | ||
| const Ed25519Point * | p | ||
| ) |
◆ ed25519MulInt()
| void ed25519MulInt | ( | uint8_t * | rl, |
| uint8_t * | rh, | ||
| const uint8_t * | a, | ||
| const uint8_t * | b, | ||
| uint_t | n | ||
| ) |
Multiplication of two integers.
- Parameters
-
[out] rl Low part of the result R = (A + B) mod (2^8)^n [out] rh High part of the result R = (A + B) / (2^8)^n [in] a An integer such as 0 <= A < (2^8)^n [in] b An integer such as 0 <= B < (2^8)^n [in] n Size of the operands, in bytes
◆ ed25519RedInt()
| void ed25519RedInt | ( | uint8_t * | r, |
| const uint8_t * | a | ||
| ) |
Reduce an integer modulo L.
This function implements Barrett reduction with b = 2^8 and k = 32. The algorithm requires the precomputation of the quantity mu = b^(2 * k) / L
- Parameters
-
[out] r Resulting integer R = A mod L [in] a An integer such as 0 <= A < b^(2 * k)
◆ ed25519SelectInt()
| void ed25519SelectInt | ( | uint8_t * | r, |
| const uint8_t * | a, | ||
| const uint8_t * | b, | ||
| uint8_t | c, | ||
| uint_t | n | ||
| ) |
◆ ed25519SubInt()
| uint8_t ed25519SubInt | ( | uint8_t * | r, |
| const uint8_t * | a, | ||
| const uint8_t * | b, | ||
| uint_t | n | ||
| ) |
◆ ed25519VerifySignature()
| error_t ed25519VerifySignature | ( | const uint8_t * | publicKey, |
| const void * | message, | ||
| size_t | messageLen, | ||
| const void * | context, | ||
| uint8_t | contextLen, | ||
| uint8_t | flag, | ||
| const uint8_t * | signature | ||
| ) |
EdDSA signature verification.
- Parameters
-
[in] publicKey Signer's EdDSA public key (32 bytes) [in] message Message whose signature is to be verified [in] messageLen Length of the message, in bytes [in] context Constant string specified by the protocol using it [in] contextLen Length of the context, in bytes [in] flag Prehash flag for Ed25519ph scheme [in] signature EdDSA signature (64 bytes)
- Returns
- Error code
◆ ed25519VerifySignatureEx()
| error_t ed25519VerifySignatureEx | ( | const uint8_t * | publicKey, |
| const EddsaMessageChunk * | messageChunks, | ||
| const void * | context, | ||
| uint8_t | contextLen, | ||
| uint8_t | flag, | ||
| const uint8_t * | signature | ||
| ) |
EdDSA signature verification.
- Parameters
-
[in] publicKey Signer's EdDSA public key (32 bytes) [in] messageChunks Collection of chunks representing the message whose signature is to be verified [in] context Constant string specified by the protocol using it [in] contextLen Length of the context, in bytes [in] flag Prehash flag for Ed25519ph scheme [in] signature EdDSA signature (64 bytes)
- Returns
- Error code