diff options
author | Niels Möller <nisse@lysator.liu.se> | 2015-03-19 20:19:58 +0100 |
---|---|---|
committer | Niels Möller <nisse@lysator.liu.se> | 2015-03-19 20:19:58 +0100 |
commit | 5d4859c0b9f9a917d5d01c936654f611bde1d1e0 (patch) | |
tree | 71e03e13a1ceee14942d7f89144f1e2eef5b9893 | |
parent | 491056497db122323b62c9451c9ec14357facdd6 (diff) | |
download | nettle-5d4859c0b9f9a917d5d01c936654f611bde1d1e0.tar.gz |
Updated EdDSA documentation.
-rw-r--r-- | ChangeLog | 2 | ||||
-rw-r--r-- | nettle.texinfo | 30 |
2 files changed, 12 insertions, 20 deletions
@@ -1,5 +1,7 @@ 2015-03-19 Niels Möller <nisse@diamant.hack.org> + * nettle.texinfo: Updated EdDSA documentation. + * Makefile.in (DISTFILES): Added version.h.in, libnettle.map.in, and libhogweed.map.in (latter two patch by Nikos). (version.h): New make target. diff --git a/nettle.texinfo b/nettle.texinfo index 60712281..08812fa3 100644 --- a/nettle.texinfo +++ b/nettle.texinfo @@ -4260,6 +4260,7 @@ This function is intended to be compatible with the function @end deftypefun @subsubsection EdDSA +@cindex eddsa EdDSA is a signature scheme proposed by D.~J.~Bernstein et al. in 2011. It is defined using a ``Twisted Edwards curve'', of the form @math{-x^2 @@ -4278,9 +4279,9 @@ forge signatures. EdDSA also avoids the use of a randomness source by generating the needed signature nonce from a hash of the private key and the message, which means that the message is actually hashed twice when creating a signature. If signing huge messages, it is possible to hash -the message first and pass the short message digest as input to the -signa and verify functions, however, the hash collision resilience is -then lost. +the message first and pass the short message digest as input to the sign +and verify functions, however, the resilience to hash collision is then +lost. @defvr Constant ED25519_KEY_SIZE The size of a private or public Ed25519 key, 32 octets. @@ -4290,27 +4291,16 @@ The size of a private or public Ed25519 key, 32 octets. The size of an Ed25519 signature, 64 octets. @end defvr -@deftp {Context struct} {struct ed25519_private_key} -@deftpx {Context struct} {struct ed25519_public_key} -These structs represent a private and public key, respectively, expanded -into an internal representation. -@end deftp - -@deftypefun void ed25519_sha512_set_private_key (struct ed25519_private_key *@var{priv}, const uint8_t *@var{key}) -Expands a private key (@code{ED25519_KEY_SIZE} octets) into the internal -representation. -@end deftypefun - -@deftypefun void ed25519_sha512_sign (const struct ed25519_private_key *@var{priv}, size_t @var{length}, const uint8_t *@var{msg}, uint8_t *@var{signature}) -Signs a message using the provided private key. +@deftypefun void ed25519_sha512_public_key (uint8_t *@var{pub}, const uint8_t *@var{priv}) +Computes the public key corresponding to the given private key. Both +input and output are of size @code{ED25519_KEY_SIZE}. @end deftypefun -@deftypefun int ed25519_sha512_set_public_key (struct ed25519_public_key *@var{pub}, const uint8_t *@var{key}) -Expands a public key (@code{ED25519_KEY_SIZE} octets) into the internal -representation. Returns 1 on success, 0 on failure. +@deftypefun void ed25519_sha512_sign (const uint8_t *@var{pub}, const uint8_t *@var{priv}, size_t @var{length}, const uint8_t *@var{msg}, uint8_t *@var{signature}) +Signs a message using the provided key pair. @end deftypefun -@deftypefun int ed25519_sha512_verify (const struct ed25519_public_key *@var{pub}, size_t @var{length}, const uint8_t *@var{msg}, const uint8_t *@var{signature}) +@deftypefun int ed25519_sha512_verify (const uint8_t *@var{pub}, size_t @var{length}, const uint8_t *@var{msg}, const uint8_t *@var{signature}) Verifies a message using the provided public key. Returns 1 if the signature is valid, otherwise 0. @end deftypefun |