ed25519

Equal method #

Equal reports whether priv and x have the same value.

func (priv PrivateKey) Equal(x crypto.PrivateKey) bool

Equal method #

Equal reports whether pub and x have the same value.

func (pub PublicKey) Equal(x crypto.PublicKey) bool

GenerateKey function #

GenerateKey generates a public/private key pair using entropy from rand. If rand is nil, [crypto/rand.Reader] will be used. The output of this function is deterministic, and equivalent to reading [SeedSize] bytes from rand, and passing them to [NewKeyFromSeed].

func GenerateKey(rand io.Reader) (PublicKey, PrivateKey, error)

HashFunc method #

HashFunc returns o.Hash.

func (o *Options) HashFunc() crypto.Hash

NewKeyFromSeed function #

NewKeyFromSeed calculates a private key from a seed. It will panic if len(seed) is not [SeedSize]. This function is provided for interoperability with RFC 8032. RFC 8032's private keys correspond to seeds in this package.

func NewKeyFromSeed(seed []byte) PrivateKey

Public method #

Public returns the [PublicKey] corresponding to priv.

func (priv PrivateKey) Public() crypto.PublicKey

Seed method #

Seed returns the private key seed corresponding to priv. It is provided for interoperability with RFC 8032. RFC 8032's private keys correspond to seeds in this package.

func (priv PrivateKey) Seed() []byte

Sign method #

Sign signs the given message with priv. rand is ignored and can be nil. If opts.HashFunc() is [crypto.SHA512], the pre-hashed variant Ed25519ph is used and message is expected to be a SHA-512 hash, otherwise opts.HashFunc() must be [crypto.Hash](0) and the message must not be hashed, as Ed25519 performs two passes over messages to be signed. A value of type [Options] can be used as opts, or crypto.Hash(0) or crypto.SHA512 directly to select plain Ed25519 or Ed25519ph, respectively.

func (priv PrivateKey) Sign(rand io.Reader, message []byte, opts crypto.SignerOpts) (signature []byte, err error)

Sign function #

Sign signs the message with privateKey and returns a signature. It will panic if len(privateKey) is not [PrivateKeySize].

func Sign(privateKey PrivateKey, message []byte) []byte

Verify function #

Verify reports whether sig is a valid signature of message by publicKey. It will panic if len(publicKey) is not [PublicKeySize]. The inputs are not considered confidential, and may leak through timing side channels, or if an attacker has control of part of the inputs.

func Verify(publicKey PublicKey, message []byte, sig []byte) bool

VerifyWithOptions function #

VerifyWithOptions reports whether sig is a valid signature of message by publicKey. A valid signature is indicated by returning a nil error. It will panic if len(publicKey) is not [PublicKeySize]. If opts.Hash is [crypto.SHA512], the pre-hashed variant Ed25519ph is used and message is expected to be a SHA-512 hash, otherwise opts.Hash must be [crypto.Hash](0) and the message must not be hashed, as Ed25519 performs two passes over messages to be signed. The inputs are not considered confidential, and may leak through timing side channels, or if an attacker has control of part of the inputs.

func VerifyWithOptions(publicKey PublicKey, message []byte, sig []byte, opts *Options) error

newKeyFromSeed function #

func newKeyFromSeed(privateKey []byte, seed []byte)

sign function #

func sign(signature []byte, privateKey PrivateKey, message []byte)