Module dryoc::classic::crypto_sign

Public-key signatures

This module implements libsodium’s public-key signatures, based on Ed25519.

Classic API example

use dryoc::classic::crypto_sign::*;
use dryoc::constants::CRYPTO_SIGN_BYTES;

// Generate a random signing keypair
let (public_key, secret_key) = crypto_sign_keypair();
let message = b"These violent delights have violent ends...";

// Signed message buffer needs to be correct length
let mut signed_message = vec![0u8; message.len() + CRYPTO_SIGN_BYTES];

// Sign the message, placing the result into `signed_message`
crypto_sign(&mut signed_message, message, &secret_key).expect("sign failed");

// Allocate a new buffer for opening the message
let mut opened_message = vec![0u8; message.len()];

// Open the signed message, verifying the signature
crypto_sign_open(&mut opened_message, &signed_message, &public_key).expect("verify failed");

assert_eq!(&opened_message, message);

// Create an invalid message
let mut invalid_signed_message = signed_message.clone();
invalid_signed_message[5] = !invalid_signed_message[5];

// An invalid message can't be verified
crypto_sign_open(&mut opened_message, &invalid_signed_message, &public_key)
    .expect_err("open should not succeed");

Classic API example, detached mode

use dryoc::classic::crypto_sign::*;
use dryoc::constants::CRYPTO_SIGN_BYTES;

// Generate a random signing keypair
let (public_key, secret_key) = crypto_sign_keypair();
let message = b"Brevity is the soul of wit.";
let mut signature = [0u8; CRYPTO_SIGN_BYTES];

// Sign our message
crypto_sign_detached(&mut signature, message, &secret_key).expect("sign failed");

// Verify the signature
crypto_sign_verify_detached(&signature, message, &public_key).expect("verify failed");

Re-exports

• pub use super::crypto_sign_ed25519::PublicKey;
• pub use super::crypto_sign_ed25519::SecretKey;

Structs

• SignerState
  State for incremental signing interface.

Functions

• crypto_sign
  Signs message, placing the result into signed_message. The length of signed_message should be the length of the message plus CRYPTO_SIGN_BYTES.
• crypto_sign_detached
  Signs message, placing the signature into signature upon success. Detached variant of crypto_sign_open.
• crypto_sign_final_create
  Finalizes the incremental signature for state, using secret_key, copying the result into signature upon success, and consuming the state.
• crypto_sign_final_verify
  Verifies the computed signature for state and public_key matches signature, consuming the state.
• crypto_sign_init
  Initializes the incremental signing interface.
• crypto_sign_keypair
  Randomly generates a new Ed25519 (PublicKey, SecretKey) keypair that can be used for message signing.
• crypto_sign_keypair_inplace
  In-place variant of crypto_sign_keypair.
• crypto_sign_open
  Verifies the signature of signed_message, placing the result into message. The length of message should be the length of the signed message minus CRYPTO_SIGN_BYTES.
• crypto_sign_seed_keypair
  Returns a keypair derived from seed, which can be used for message signing.
• crypto_sign_seed_keypair_inplace
  In-place variant of crypto_sign_seed_keypair.
• crypto_sign_update
  Updates the signature for state with message.
• crypto_sign_verify_detached
  Verifies that signature is a valid signature for message using the given public_key.