libdecaf
Loading...
Searching...
No Matches
ed255.h
Go to the documentation of this file.
1
15#ifndef __DECAF_ED255_H__
16#define __DECAF_ED255_H__ 1
17
18#include <decaf/point_255.h>
19#include <decaf/shake.h>
20#include <decaf/sha512.h>
21
22#ifdef __cplusplus
23extern "C" {
24#endif
25
27#define DECAF_EDDSA_25519_PUBLIC_BYTES 32
28
30#define DECAF_EDDSA_25519_PRIVATE_BYTES DECAF_EDDSA_25519_PUBLIC_BYTES
31
33#define DECAF_EDDSA_25519_SIGNATURE_BYTES (DECAF_EDDSA_25519_PUBLIC_BYTES + DECAF_EDDSA_25519_PRIVATE_BYTES)
34
36#if defined _MSC_VER /* Different syntax for exposing API */
37#define DECAF_EDDSA_25519_SUPPORTS_CONTEXTLESS_SIGS 1
38extern const DECAF_API_VIS uint8_t * const DECAF_ED25519_NO_CONTEXT;
39
40#else
41#define DECAF_EDDSA_25519_SUPPORTS_CONTEXTLESS_SIGS 1
42DECAF_API_VIS extern const uint8_t * const DECAF_ED25519_NO_CONTEXT;
43
44#endif
45
47#define decaf_ed25519_prehash_ctx_s decaf_sha512_ctx_s
48
50#define decaf_ed25519_prehash_ctx_t decaf_sha512_ctx_t
51
53#define decaf_ed25519_prehash_update decaf_sha512_update
54
56#define decaf_ed25519_prehash_destroy decaf_sha512_destroy
57
59#define DECAF_255_EDDSA_ENCODE_RATIO 4
60
62#define DECAF_255_EDDSA_DECODE_RATIO (8 / 4)
63
64#ifndef DECAF_EDDSA_NON_KEYPAIR_API_IS_DEPRECATED
66#define DECAF_EDDSA_NON_KEYPAIR_API_IS_DEPRECATED 1
67#endif
68
71typedef struct decaf_eddsa_25519_keypair_s {
72 uint8_t privkey[DECAF_EDDSA_25519_PRIVATE_BYTES];
73 uint8_t pubkey[DECAF_EDDSA_25519_PUBLIC_BYTES];
74} decaf_eddsa_25519_keypair_s, decaf_eddsa_25519_keypair_t[1];
85 uint8_t pubkey[DECAF_EDDSA_25519_PUBLIC_BYTES],
86 const uint8_t privkey[DECAF_EDDSA_25519_PRIVATE_BYTES]
87) DECAF_NONNULL DECAF_NOINLINE;
88
96void DECAF_API_VIS decaf_ed25519_derive_keypair (
97 decaf_eddsa_25519_keypair_t keypair,
98 const uint8_t privkey[DECAF_EDDSA_25519_PRIVATE_BYTES]
99) DECAF_NONNULL DECAF_NOINLINE;
100
108 uint8_t pubkey[DECAF_EDDSA_25519_PUBLIC_BYTES],
109 const decaf_eddsa_25519_keypair_t keypair
110) DECAF_NONNULL DECAF_NOINLINE;
111
119 uint8_t privkey[DECAF_EDDSA_25519_PRIVATE_BYTES],
120 const decaf_eddsa_25519_keypair_t keypair
121) DECAF_NONNULL DECAF_NOINLINE;
122
128 decaf_eddsa_25519_keypair_t keypair
129) DECAF_NONNULL DECAF_NOINLINE;
130
152void DECAF_API_VIS decaf_ed25519_sign (
153 uint8_t signature[DECAF_EDDSA_25519_SIGNATURE_BYTES],
154 const uint8_t privkey[DECAF_EDDSA_25519_PRIVATE_BYTES],
155 const uint8_t pubkey[DECAF_EDDSA_25519_PUBLIC_BYTES],
156 const uint8_t *message,
157 size_t message_len,
158 uint8_t prehashed,
159 const uint8_t *context,
160 uint8_t context_len
161) __attribute__((nonnull(1,2,3))) DECAF_NOINLINE
162#if DECAF_EDDSA_NON_KEYPAIR_API_IS_DEPRECATED
163 __attribute__((deprecated("Passing the pubkey and privkey separately is unsafe, use "
164 "decaf_ed25519_keypair_sign")))
165#endif
166;
167
182void DECAF_API_VIS decaf_ed25519_sign_prehash (
183 uint8_t signature[DECAF_EDDSA_25519_SIGNATURE_BYTES],
184 const uint8_t privkey[DECAF_EDDSA_25519_PRIVATE_BYTES],
185 const uint8_t pubkey[DECAF_EDDSA_25519_PUBLIC_BYTES],
187 const uint8_t *context,
188 uint8_t context_len
189) __attribute__((nonnull(1,2,3,4))) DECAF_NOINLINE
190#if DECAF_EDDSA_NON_KEYPAIR_API_IS_DEPRECATED
191 __attribute__((deprecated("Passing the pubkey and privkey separately is unsafe, use "
192 "decaf_ed25519_keypair_sign_prehash")))
193#endif
194;
195
207void DECAF_API_VIS decaf_ed25519_keypair_sign (
208 uint8_t signature[DECAF_EDDSA_25519_SIGNATURE_BYTES],
209 const decaf_eddsa_25519_keypair_t keypair,
210 const uint8_t *message,
211 size_t message_len,
212 uint8_t prehashed,
213 const uint8_t *context,
214 uint8_t context_len
215) __attribute__((nonnull(1,2,3))) DECAF_NOINLINE;
216
227 uint8_t signature[DECAF_EDDSA_25519_SIGNATURE_BYTES],
228 const decaf_eddsa_25519_keypair_t keypair,
230 const uint8_t *context,
231 uint8_t context_len
232) __attribute__((nonnull(1,2,3,4))) DECAF_NOINLINE;
233
239void DECAF_API_VIS decaf_ed25519_prehash_init (
241) __attribute__((nonnull(1))) DECAF_NOINLINE;
242
262 const uint8_t signature[DECAF_EDDSA_25519_SIGNATURE_BYTES],
263 const uint8_t pubkey[DECAF_EDDSA_25519_PUBLIC_BYTES],
264 const uint8_t *message,
265 size_t message_len,
266 uint8_t prehashed,
267 const uint8_t *context,
268 uint8_t context_len
269) __attribute__((nonnull(1,2))) DECAF_NOINLINE;
270
288 const uint8_t signature[DECAF_EDDSA_25519_SIGNATURE_BYTES],
289 const uint8_t pubkey[DECAF_EDDSA_25519_PUBLIC_BYTES],
291 const uint8_t *context,
292 uint8_t context_len
293) __attribute__((nonnull(1,2))) DECAF_NOINLINE;
294
321 const decaf_255_point_t p
322) DECAF_NONNULL DECAF_NOINLINE;
323
335 const uint8_t enc[DECAF_EDDSA_25519_PUBLIC_BYTES]
336) DECAF_NONNULL DECAF_NOINLINE;
337
350 uint8_t x[DECAF_X25519_PUBLIC_BYTES],
351 const uint8_t ed[DECAF_EDDSA_25519_PUBLIC_BYTES]
352) DECAF_NONNULL DECAF_NOINLINE;
353
364 const uint8_t ed[DECAF_EDDSA_25519_PRIVATE_BYTES]
365) DECAF_NONNULL DECAF_NOINLINE;
366
367#ifdef __cplusplus
368} /* extern "C" */
369#endif
370
371#endif /* __DECAF_ED255_H__ */
decaf_error_t
Another boolean type used to indicate success or failure.
Definition common.h:120
void DECAF_API_VIS decaf_ed25519_prehash_init(decaf_ed25519_prehash_ctx_t hash) DECAF_NOINLINE
Prehash initialization, with contexts if supported.
void DECAF_API_VIS decaf_255_point_mul_by_ratio_and_encode_like_eddsa(uint8_t enc[DECAF_EDDSA_25519_PUBLIC_BYTES], const decaf_255_point_t p) DECAF_NONNULL DECAF_NOINLINE
EdDSA point encoding.
void DECAF_API_VIS decaf_ed25519_keypair_sign_prehash(uint8_t signature[DECAF_EDDSA_25519_SIGNATURE_BYTES], const decaf_eddsa_25519_keypair_t keypair, const decaf_ed25519_prehash_ctx_t hash, const uint8_t *context, uint8_t context_len) DECAF_NOINLINE
EdDSA signing with prehash.
void DECAF_API_VIS decaf_ed25519_convert_private_key_to_x25519(uint8_t x[DECAF_X25519_PRIVATE_BYTES], const uint8_t ed[DECAF_EDDSA_25519_PRIVATE_BYTES]) DECAF_NONNULL DECAF_NOINLINE
EdDSA to ECDH private key conversion Using the appropriate hash function, hash the EdDSA private key ...
decaf_error_t DECAF_API_VIS decaf_ed25519_verify_prehash(const uint8_t signature[DECAF_EDDSA_25519_SIGNATURE_BYTES], const uint8_t pubkey[DECAF_EDDSA_25519_PUBLIC_BYTES], const decaf_ed25519_prehash_ctx_t hash, const uint8_t *context, uint8_t context_len) DECAF_NOINLINE
EdDSA signature verification.
#define DECAF_EDDSA_25519_PRIVATE_BYTES
Number of bytes in an EdDSA private key.
Definition ed255.h:30
void DECAF_API_VIS decaf_ed25519_keypair_destroy(decaf_eddsa_25519_keypair_t keypair) DECAF_NONNULL DECAF_NOINLINE
EdDSA keypair destructor.
#define decaf_ed25519_prehash_ctx_t
Prehash context, array[1] form.
Definition ed255.h:50
void DECAF_API_VIS decaf_ed25519_derive_public_key(uint8_t pubkey[DECAF_EDDSA_25519_PUBLIC_BYTES], const uint8_t privkey[DECAF_EDDSA_25519_PRIVATE_BYTES]) DECAF_NONNULL DECAF_NOINLINE
EdDSA key generation.
void DECAF_API_VIS decaf_ed25519_convert_public_key_to_x25519(uint8_t x[DECAF_X25519_PUBLIC_BYTES], const uint8_t ed[DECAF_EDDSA_25519_PUBLIC_BYTES]) DECAF_NONNULL DECAF_NOINLINE
EdDSA to ECDH public key conversion Deserialize the point to get y on Edwards curve,...
Definition decaf.c:1335
void DECAF_API_VIS decaf_ed25519_derive_keypair(decaf_eddsa_25519_keypair_t keypair, const uint8_t privkey[DECAF_EDDSA_25519_PRIVATE_BYTES]) DECAF_NONNULL DECAF_NOINLINE
EdDSA keypair scheduling.
void DECAF_API_VIS decaf_ed25519_keypair_sign(uint8_t signature[DECAF_EDDSA_25519_SIGNATURE_BYTES], const decaf_eddsa_25519_keypair_t keypair, const uint8_t *message, size_t message_len, uint8_t prehashed, const uint8_t *context, uint8_t context_len) DECAF_NOINLINE
EdDSA signing.
decaf_error_t DECAF_API_VIS decaf_255_point_decode_like_eddsa_and_mul_by_ratio(decaf_255_point_t p, const uint8_t enc[DECAF_EDDSA_25519_PUBLIC_BYTES]) DECAF_NONNULL DECAF_NOINLINE
EdDSA point decoding.
void DECAF_API_VIS decaf_ed25519_keypair_extract_private_key(uint8_t privkey[DECAF_EDDSA_25519_PRIVATE_BYTES], const decaf_eddsa_25519_keypair_t keypair) DECAF_NONNULL DECAF_NOINLINE
Extract the private key from an EdDSA keypair.
void DECAF_API_VIS decaf_ed25519_sign_prehash(uint8_t signature[DECAF_EDDSA_25519_SIGNATURE_BYTES], const uint8_t privkey[DECAF_EDDSA_25519_PRIVATE_BYTES], const uint8_t pubkey[DECAF_EDDSA_25519_PUBLIC_BYTES], const decaf_ed25519_prehash_ctx_t hash, const uint8_t *context, uint8_t context_len) DECAF_NOINLINE
EdDSA signing with prehash.
decaf_error_t DECAF_API_VIS decaf_ed25519_verify(const uint8_t signature[DECAF_EDDSA_25519_SIGNATURE_BYTES], const uint8_t pubkey[DECAF_EDDSA_25519_PUBLIC_BYTES], const uint8_t *message, size_t message_len, uint8_t prehashed, const uint8_t *context, uint8_t context_len) DECAF_NOINLINE
EdDSA signature verification.
void DECAF_API_VIS decaf_ed25519_keypair_extract_public_key(uint8_t pubkey[DECAF_EDDSA_25519_PUBLIC_BYTES], const decaf_eddsa_25519_keypair_t keypair) DECAF_NONNULL DECAF_NOINLINE
Extract the public key from an EdDSA keypair.
#define DECAF_EDDSA_25519_PUBLIC_BYTES
Number of bytes in an EdDSA public key.
Definition ed255.h:27
#define DECAF_EDDSA_25519_SIGNATURE_BYTES
Number of bytes in an EdDSA private key.
Definition ed255.h:33
void DECAF_API_VIS decaf_ed25519_sign(uint8_t signature[DECAF_EDDSA_25519_SIGNATURE_BYTES], const uint8_t privkey[DECAF_EDDSA_25519_PRIVATE_BYTES], const uint8_t pubkey[DECAF_EDDSA_25519_PUBLIC_BYTES], const uint8_t *message, size_t message_len, uint8_t prehashed, const uint8_t *context, uint8_t context_len) DECAF_NOINLINE
EdDSA signing.
A group of prime order p, based on Curve25519.
struct decaf_255_point_s decaf_255_point_t[1]
Representation of a point on the elliptic curve.
#define DECAF_X25519_PRIVATE_BYTES
Number of bytes in an x25519 private key.
Definition point_255.h:65
#define DECAF_X25519_PUBLIC_BYTES
Number of bytes in an x25519 public key.
Definition point_255.h:62
SHA2-512.