Crypto++ 8.7
Free C++ class library of cryptographic schemes
Public Types | Public Member Functions | Static Public Attributes | List of all members
ed25519Signer Struct Reference

Ed25519 signature algorithm. More...

#include <xed25519.h>

+ Inheritance diagram for ed25519Signer:

Public Types

typedef Integer Element
 

Public Member Functions

 ed25519Signer ()
 Create an ed25519Signer object. More...
 
 ed25519Signer (const byte y[PUBLIC_KEYLENGTH], const byte x[SECRET_KEYLENGTH])
 Create an ed25519Signer object. More...
 
 ed25519Signer (const byte x[SECRET_KEYLENGTH])
 Create an ed25519Signer object. More...
 
 ed25519Signer (const Integer &y, const Integer &x)
 Create an ed25519Signer object. More...
 
 ed25519Signer (const Integer &x)
 Create an ed25519Signer object. More...
 
 ed25519Signer (const PKCS8PrivateKey &key)
 Create an ed25519Signer object. More...
 
 ed25519Signer (RandomNumberGenerator &rng)
 Create an ed25519Signer object. More...
 
 ed25519Signer (BufferedTransformation &params)
 Create an ed25519Signer object. More...
 
PrivateKeyAccessKey ()
 Retrieves a reference to a Private Key. More...
 
PrivateKeyAccessPrivateKey ()
 Retrieves a reference to a Private Key. More...
 
const PrivateKeyGetKey () const
 Retrieves a reference to a Private Key. More...
 
const PrivateKeyGetPrivateKey () const
 Retrieves a reference to a Private Key. More...
 
size_t SignatureLength () const
 Provides the signature length if it only depends on the key. More...
 
size_t MaxRecoverableLength () const
 Provides the length of longest message that can be recovered. More...
 
size_t MaxRecoverableLengthFromSignatureLength (size_t signatureLength) const
 Provides the length of longest message that can be recovered from a signature of given length. More...
 
bool IsProbabilistic () const
 Determines whether a signature scheme requires a random number generator. More...
 
bool AllowNonrecoverablePart () const
 Determines whether the non-recoverable message part can be signed. More...
 
bool RecoverablePartFirst () const
 Determines whether the recoverable part must be input before the non-recoverable part. More...
 
PK_MessageAccumulatorNewSignatureAccumulator (RandomNumberGenerator &rng) const
 Create a new HashTransformation to accumulate the message to be signed. More...
 
void InputRecoverableMessage (PK_MessageAccumulator &messageAccumulator, const byte *recoverableMessage, size_t recoverableMessageLength) const
 Input a recoverable message to an accumulator. More...
 
size_t SignAndRestart (RandomNumberGenerator &rng, PK_MessageAccumulator &messageAccumulator, byte *signature, bool restart) const
 Sign and restart messageAccumulator. More...
 
size_t SignStream (RandomNumberGenerator &rng, std::istream &stream, byte *signature) const
 Sign a stream. More...
 
- Public Member Functions inherited from PK_Signer
virtual PK_MessageAccumulatorNewSignatureAccumulator (RandomNumberGenerator &rng) const =0
 Create a new HashTransformation to accumulate the message to be signed. More...
 
virtual void InputRecoverableMessage (PK_MessageAccumulator &messageAccumulator, const byte *recoverableMessage, size_t recoverableMessageLength) const =0
 Input a recoverable message to an accumulator. More...
 
virtual size_t Sign (RandomNumberGenerator &rng, PK_MessageAccumulator *messageAccumulator, byte *signature) const
 Sign and delete the messageAccumulator. More...
 
virtual size_t SignAndRestart (RandomNumberGenerator &rng, PK_MessageAccumulator &messageAccumulator, byte *signature, bool restart=true) const =0
 Sign and restart messageAccumulator. More...
 
virtual size_t SignMessage (RandomNumberGenerator &rng, const byte *message, size_t messageLen, byte *signature) const
 Sign a message. More...
 
virtual size_t SignMessageWithRecovery (RandomNumberGenerator &rng, const byte *recoverableMessage, size_t recoverableMessageLength, const byte *nonrecoverableMessage, size_t nonrecoverableMessageLength, byte *signature) const
 Sign a recoverable message. More...
 
- Public Member Functions inherited from PK_SignatureScheme
virtual size_t SignatureLength () const =0
 Provides the signature length if it only depends on the key. More...
 
virtual size_t MaxSignatureLength (size_t recoverablePartLength=0) const
 Provides the maximum signature length produced given the length of the recoverable message part. More...
 
virtual size_t MaxRecoverableLength () const =0
 Provides the length of longest message that can be recovered. More...
 
virtual size_t MaxRecoverableLengthFromSignatureLength (size_t signatureLength) const =0
 Provides the length of longest message that can be recovered from a signature of given length. More...
 
virtual bool IsProbabilistic () const =0
 Determines whether a signature scheme requires a random number generator. More...
 
virtual bool AllowNonrecoverablePart () const =0
 Determines whether the non-recoverable message part can be signed. More...
 
virtual bool SignatureUpfront () const
 Determines whether the signature must be input before the message. More...
 
virtual bool RecoverablePartFirst () const =0
 Determines whether the recoverable part must be input before the non-recoverable part. More...
 
- Public Member Functions inherited from PrivateKeyAlgorithm
CryptoMaterialAccessMaterial ()
 Retrieves a reference to a Private Key. More...
 
const CryptoMaterialGetMaterial () const
 Retrieves a reference to a Private Key. More...
 
virtual PrivateKeyAccessPrivateKey ()=0
 Retrieves a reference to a Private Key. More...
 
virtual const PrivateKeyGetPrivateKey () const
 Retrieves a reference to a Private Key. More...
 
virtual CryptoMaterialAccessMaterial ()=0
 Retrieves a reference to CryptoMaterial. More...
 
virtual const CryptoMaterialGetMaterial () const =0
 Retrieves a reference to CryptoMaterial. More...
 
- Public Member Functions inherited from Algorithm
 Algorithm (bool checkSelfTestStatus=true)
 Interface for all crypto algorithms. More...
 
virtual std::string AlgorithmName () const
 Provides the name of this algorithm. More...
 
virtual std::string AlgorithmProvider () const
 Retrieve the provider of this algorithm. More...
 
- Public Member Functions inherited from Clonable
virtual ClonableClone () const
 Copies this object. More...
 

Static Public Attributes

static const int SECRET_KEYLENGTH = 32
 Size of the private key. More...
 
static const int PUBLIC_KEYLENGTH = 32
 Size of the public key. More...
 
static const int SIGNATURE_LENGTH = 64
 Size of the signature. More...
 

Detailed Description

Ed25519 signature algorithm.

Since
Crypto++ 8.0

Definition at line 498 of file xed25519.h.

Member Typedef Documentation

◆ Element

Definition at line 511 of file xed25519.h.

Constructor & Destructor Documentation

◆ ~ed25519Signer()

virtual ed25519Signer::~ed25519Signer ( )
inlinevirtual

Definition at line 513 of file xed25519.h.

◆ ed25519Signer() [1/8]

ed25519Signer::ed25519Signer ( )
inline

Create an ed25519Signer object.

Definition at line 516 of file xed25519.h.

◆ ed25519Signer() [2/8]

ed25519Signer::ed25519Signer ( const byte  y[PUBLIC_KEYLENGTH],
const byte  x[SECRET_KEYLENGTH] 
)

Create an ed25519Signer object.

Parameters
ypublic key
xprivate key

This constructor creates an ed25519Signer object using existing parameters.

Note
The public key is not validated.

Definition at line 626 of file xed25519.cpp.

◆ ed25519Signer() [3/8]

ed25519Signer::ed25519Signer ( const byte  x[SECRET_KEYLENGTH])

Create an ed25519Signer object.

Parameters
xprivate key

This constructor creates an ed25519Signer object using existing parameters. The public key is calculated from the private key.

Definition at line 633 of file xed25519.cpp.

◆ ed25519Signer() [4/8]

ed25519Signer::ed25519Signer ( const Integer y,
const Integer x 
)

Create an ed25519Signer object.

Parameters
ypublic key
xprivate key

This constructor creates an ed25519Signer object using existing parameters.

Note
The public key is not validated.

Definition at line 640 of file xed25519.cpp.

◆ ed25519Signer() [5/8]

ed25519Signer::ed25519Signer ( const Integer x)

Create an ed25519Signer object.

Parameters
xprivate key

This constructor creates an ed25519Signer object using existing parameters. The public key is calculated from the private key.

Definition at line 654 of file xed25519.cpp.

◆ ed25519Signer() [6/8]

ed25519Signer::ed25519Signer ( const PKCS8PrivateKey key)

Create an ed25519Signer object.

Parameters
keyPKCS8 private key

This constructor creates an ed25519Signer object using existing private key.

Note
The keys are not validated.
Since
Crypto++ 8.6

Definition at line 666 of file xed25519.cpp.

◆ ed25519Signer() [7/8]

ed25519Signer::ed25519Signer ( RandomNumberGenerator rng)

Create an ed25519Signer object.

Parameters
rngRandomNumberGenerator derived class

This constructor creates a new ed25519Signer using the random number generator.

Definition at line 674 of file xed25519.cpp.

◆ ed25519Signer() [8/8]

ed25519Signer::ed25519Signer ( BufferedTransformation params)

Create an ed25519Signer object.

Parameters
paramspublic and private key

This constructor creates an ed25519Signer object using existing parameters. The params can be created with Save.

Note
The public key is not validated.

Definition at line 679 of file xed25519.cpp.

Member Function Documentation

◆ AccessKey()

PrivateKey & ed25519Signer::AccessKey ( )
inline

Retrieves a reference to a Private Key.

AccessKey() retrieves a non-const reference to a private key.

Definition at line 566 of file xed25519.h.

◆ AccessPrivateKey()

PrivateKey & ed25519Signer::AccessPrivateKey ( )
inlinevirtual

Retrieves a reference to a Private Key.

Returns
a reference the private key

Implements PrivateKeyAlgorithm.

Definition at line 567 of file xed25519.h.

◆ GetKey()

const PrivateKey & ed25519Signer::GetKey ( ) const
inline

Retrieves a reference to a Private Key.

AccessKey() retrieves a const reference to a private key.

Definition at line 571 of file xed25519.h.

◆ GetPrivateKey()

const PrivateKey & ed25519Signer::GetPrivateKey ( ) const
inlinevirtual

Retrieves a reference to a Private Key.

Returns
a const reference the private key

Reimplemented from PrivateKeyAlgorithm.

Definition at line 572 of file xed25519.h.

◆ SignatureLength()

size_t ed25519Signer::SignatureLength ( ) const
inlinevirtual

Provides the signature length if it only depends on the key.

Returns
the signature length if it only depends on the key, in bytes

SignatureLength() returns the signature length if it only depends on the key, otherwise 0.

Implements PK_SignatureScheme.

Definition at line 575 of file xed25519.h.

◆ MaxRecoverableLength()

size_t ed25519Signer::MaxRecoverableLength ( ) const
inlinevirtual

Provides the length of longest message that can be recovered.

Returns
the length of longest message that can be recovered, in bytes

MaxRecoverableLength() returns the length of longest message that can be recovered, or 0 if this signature scheme does not support message recovery.

Implements PK_SignatureScheme.

Definition at line 576 of file xed25519.h.

◆ MaxRecoverableLengthFromSignatureLength()

size_t ed25519Signer::MaxRecoverableLengthFromSignatureLength ( size_t  signatureLength) const
inlinevirtual

Provides the length of longest message that can be recovered from a signature of given length.

Parameters
signatureLengththe length of the signature, in bytes
Returns
the length of longest message that can be recovered from a signature of given length, in bytes

MaxRecoverableLengthFromSignatureLength() returns the length of longest message that can be recovered from a signature of given length, or 0 if this signature scheme does not support message recovery.

Implements PK_SignatureScheme.

Definition at line 577 of file xed25519.h.

◆ IsProbabilistic()

bool ed25519Signer::IsProbabilistic ( ) const
inlinevirtual

Determines whether a signature scheme requires a random number generator.

Returns
true if the signature scheme requires a RandomNumberGenerator() to sign

if IsProbabilistic() returns false, then NullRNG() can be passed to functions that take RandomNumberGenerator().

Implements PK_SignatureScheme.

Definition at line 581 of file xed25519.h.

◆ AllowNonrecoverablePart()

bool ed25519Signer::AllowNonrecoverablePart ( ) const
inlinevirtual

Determines whether the non-recoverable message part can be signed.

Returns
true if the non-recoverable message part can be signed

Implements PK_SignatureScheme.

Definition at line 582 of file xed25519.h.

◆ RecoverablePartFirst()

bool ed25519Signer::RecoverablePartFirst ( ) const
inlinevirtual

Determines whether the recoverable part must be input before the non-recoverable part.

Returns
true if the recoverable part must be input before the non-recoverable part during signing

RecoverablePartFirst() determines whether you must input the recoverable part before the non-recoverable part during signing

Implements PK_SignatureScheme.

Definition at line 583 of file xed25519.h.

◆ NewSignatureAccumulator()

PK_MessageAccumulator * ed25519Signer::NewSignatureAccumulator ( RandomNumberGenerator rng) const
inlinevirtual

Create a new HashTransformation to accumulate the message to be signed.

Parameters
rnga RandomNumberGenerator derived class
Returns
a pointer to a PK_MessageAccumulator

NewSignatureAccumulator() can be used with all signing methods. Sign() will automatically delete the accumulator pointer. The caller is responsible for deletion if a method is called that takes a reference.

Implements PK_Signer.

Definition at line 585 of file xed25519.h.

◆ InputRecoverableMessage()

void ed25519Signer::InputRecoverableMessage ( PK_MessageAccumulator messageAccumulator,
const byte recoverableMessage,
size_t  recoverableMessageLength 
) const
inlinevirtual

Input a recoverable message to an accumulator.

Parameters
messageAccumulatora reference to a PK_MessageAccumulator
recoverableMessagea pointer to the recoverable message part to be signed
recoverableMessageLengththe size of the recoverable message part

Implements PK_Signer.

Definition at line 589 of file xed25519.h.

◆ SignAndRestart()

size_t ed25519Signer::SignAndRestart ( RandomNumberGenerator rng,
PK_MessageAccumulator messageAccumulator,
byte signature,
bool  restart 
) const
virtual

Sign and restart messageAccumulator.

Parameters
rnga RandomNumberGenerator derived class
messageAccumulatora pointer to a PK_MessageAccumulator derived class
signaturea block of bytes for the signature
restartflag indicating whether the messageAccumulator should be restarted
Returns
actual signature length
Precondition
COUNTOF(signature) == MaxSignatureLength()

Implements PK_Signer.

Definition at line 684 of file xed25519.cpp.

◆ SignStream()

size_t ed25519Signer::SignStream ( RandomNumberGenerator rng,
std::istream &  stream,
byte signature 
) const

Sign a stream.

Parameters
rnga RandomNumberGenerator derived class
streaman std::istream derived class
signaturea block of bytes for the signature
Returns
actual signature length

SignStream() handles large streams. The Stream functions were added to ed25519 for signing and verifying files that are too large for a memory allocation. The functions are not present in other library signers and verifiers.

ed25519 is a deterministic signature scheme. IsProbabilistic() returns false and the random number generator can be NullRNG().

Precondition
COUNTOF(signature) == MaxSignatureLength()
Since
Crypto++ 8.1

Definition at line 699 of file xed25519.cpp.

Member Data Documentation

◆ SECRET_KEYLENGTH

const int ed25519Signer::SECRET_KEYLENGTH = 32
static

Size of the private key.

SECRET_KEYLENGTH is the size of the private key, in bytes.

Definition at line 502 of file xed25519.h.

◆ PUBLIC_KEYLENGTH

const int ed25519Signer::PUBLIC_KEYLENGTH = 32
static

Size of the public key.

PUBLIC_KEYLENGTH is the size of the public key, in bytes.

Definition at line 505 of file xed25519.h.

◆ SIGNATURE_LENGTH

const int ed25519Signer::SIGNATURE_LENGTH = 64
static

Size of the signature.

SIGNATURE_LENGTH is the size of the signature, in bytes. ed25519 is a DL-based signature scheme. The signature is the concatenation of r || s.

Definition at line 510 of file xed25519.h.


The documentation for this struct was generated from the following files: