libdecaf
ed255.h
Go to the documentation of this file.
1 
15 #ifndef __DECAF_ED255_H__
16 #define __DECAF_ED255_H__ 1
17 
18 #include <decaf/point_255.h>
19 #include <decaf/shake.h>
20 #include <decaf/sha512.h>
21 
22 #ifdef __cplusplus
23 extern "C" {
24 #endif
25 
27 #define DECAF_EDDSA_25519_PUBLIC_BYTES 32
28 
30 #define DECAF_EDDSA_25519_PRIVATE_BYTES DECAF_EDDSA_25519_PUBLIC_BYTES
31 
33 #define DECAF_EDDSA_25519_SIGNATURE_BYTES (DECAF_EDDSA_25519_PUBLIC_BYTES + DECAF_EDDSA_25519_PRIVATE_BYTES)
34 
36 #if defined _MSC_VER /* Different syntax for exposing API */
37 #define DECAF_EDDSA_25519_SUPPORTS_CONTEXTLESS_SIGS 1
38 extern const DECAF_API_VIS uint8_t * const DECAF_ED25519_NO_CONTEXT;
39 
40 #else
41 #define DECAF_EDDSA_25519_SUPPORTS_CONTEXTLESS_SIGS 1
42 DECAF_API_VIS extern const uint8_t * const DECAF_ED25519_NO_CONTEXT;
43 
44 #endif
45 
47 #define decaf_ed25519_prehash_ctx_s decaf_sha512_ctx_s
48 
50 #define decaf_ed25519_prehash_ctx_t decaf_sha512_ctx_t
51 
53 #define decaf_ed25519_prehash_update decaf_sha512_update
54 
56 #define decaf_ed25519_prehash_destroy decaf_sha512_destroy
57 
59 #define DECAF_255_EDDSA_ENCODE_RATIO 4
60 
62 #define DECAF_255_EDDSA_DECODE_RATIO (8 / 4)
63 
64 #ifndef DECAF_EDDSA_NON_KEYPAIR_API_IS_DEPRECATED
65 
66 #define DECAF_EDDSA_NON_KEYPAIR_API_IS_DEPRECATED 0
67 #endif
68 
71 typedef struct decaf_eddsa_25519_keypair_s {
72  uint8_t privkey[DECAF_EDDSA_25519_PRIVATE_BYTES];
73  uint8_t pubkey[DECAF_EDDSA_25519_PUBLIC_BYTES];
74 } decaf_eddsa_25519_keypair_s, decaf_eddsa_25519_keypair_t[1];
84 void DECAF_API_VIS decaf_ed25519_derive_public_key (
85  uint8_t pubkey[DECAF_EDDSA_25519_PUBLIC_BYTES],
86  const uint8_t privkey[DECAF_EDDSA_25519_PRIVATE_BYTES]
87 ) DECAF_NONNULL DECAF_NOINLINE;
88 
96 void DECAF_API_VIS decaf_ed25519_derive_keypair (
97  decaf_eddsa_25519_keypair_t keypair,
98  const uint8_t privkey[DECAF_EDDSA_25519_PRIVATE_BYTES]
99 ) DECAF_NONNULL DECAF_NOINLINE;
100 
107 void DECAF_API_VIS decaf_ed25519_keypair_extract_public_key (
108  uint8_t pubkey[DECAF_EDDSA_25519_PUBLIC_BYTES],
109  const decaf_eddsa_25519_keypair_t keypair
110 ) DECAF_NONNULL DECAF_NOINLINE;
111 
119  uint8_t privkey[DECAF_EDDSA_25519_PRIVATE_BYTES],
120  const decaf_eddsa_25519_keypair_t keypair
121 ) DECAF_NONNULL DECAF_NOINLINE;
122 
127 void DECAF_API_VIS decaf_ed25519_keypair_destroy (
128  decaf_eddsa_25519_keypair_t keypair
129 ) DECAF_NONNULL DECAF_NOINLINE;
130 
152 void DECAF_API_VIS decaf_ed25519_sign (
153  uint8_t signature[DECAF_EDDSA_25519_SIGNATURE_BYTES],
154  const uint8_t privkey[DECAF_EDDSA_25519_PRIVATE_BYTES],
155  const uint8_t pubkey[DECAF_EDDSA_25519_PUBLIC_BYTES],
156  const uint8_t *message,
157  size_t message_len,
158  uint8_t prehashed,
159  const uint8_t *context,
160  uint8_t context_len
161 ) __attribute__((nonnull(1,2,3))) DECAF_NOINLINE
162 #if DECAF_EDDSA_NON_KEYPAIR_API_IS_DEPRECATED
163  __attribute__((deprecated("Passing the pubkey and privkey separately is unsafe",
164  "decaf_ed25519_keypair_sign")))
165 #endif
166 ;
167 
182 void DECAF_API_VIS decaf_ed25519_sign_prehash (
183  uint8_t signature[DECAF_EDDSA_25519_SIGNATURE_BYTES],
184  const uint8_t privkey[DECAF_EDDSA_25519_PRIVATE_BYTES],
185  const uint8_t pubkey[DECAF_EDDSA_25519_PUBLIC_BYTES],
186  const decaf_ed25519_prehash_ctx_t hash,
187  const uint8_t *context,
188  uint8_t context_len
189 ) __attribute__((nonnull(1,2,3,4))) DECAF_NOINLINE
190 #if DECAF_EDDSA_NON_KEYPAIR_API_IS_DEPRECATED
191  __attribute__((deprecated("Passing the pubkey and privkey separately is unsafe",
192  "decaf_ed25519_keypair_sign_prehash")))
193 #endif
194 ;
195 
207 void DECAF_API_VIS decaf_ed25519_keypair_sign (
208  uint8_t signature[DECAF_EDDSA_25519_SIGNATURE_BYTES],
209  const decaf_eddsa_25519_keypair_t keypair,
210  const uint8_t *message,
211  size_t message_len,
212  uint8_t prehashed,
213  const uint8_t *context,
214  uint8_t context_len
215 ) __attribute__((nonnull(1,2,3))) DECAF_NOINLINE;
216 
226 void DECAF_API_VIS decaf_ed25519_keypair_sign_prehash (
227  uint8_t signature[DECAF_EDDSA_25519_SIGNATURE_BYTES],
228  const decaf_eddsa_25519_keypair_t keypair,
229  const decaf_ed25519_prehash_ctx_t hash,
230  const uint8_t *context,
231  uint8_t context_len
232 ) __attribute__((nonnull(1,2,3,4))) DECAF_NOINLINE;
233 
239 void DECAF_API_VIS decaf_ed25519_prehash_init (
241 ) __attribute__((nonnull(1))) DECAF_NOINLINE;
242 
261 decaf_error_t DECAF_API_VIS decaf_ed25519_verify (
262  const uint8_t signature[DECAF_EDDSA_25519_SIGNATURE_BYTES],
263  const uint8_t pubkey[DECAF_EDDSA_25519_PUBLIC_BYTES],
264  const uint8_t *message,
265  size_t message_len,
266  uint8_t prehashed,
267  const uint8_t *context,
268  uint8_t context_len
269 ) __attribute__((nonnull(1,2))) DECAF_NOINLINE;
270 
288  const uint8_t signature[DECAF_EDDSA_25519_SIGNATURE_BYTES],
289  const uint8_t pubkey[DECAF_EDDSA_25519_PUBLIC_BYTES],
290  const decaf_ed25519_prehash_ctx_t hash,
291  const uint8_t *context,
292  uint8_t context_len
293 ) __attribute__((nonnull(1,2))) DECAF_NOINLINE;
294 
320  uint8_t enc[DECAF_EDDSA_25519_PUBLIC_BYTES],
321  const decaf_255_point_t p
322 ) DECAF_NONNULL DECAF_NOINLINE;
323 
335  const uint8_t enc[DECAF_EDDSA_25519_PUBLIC_BYTES]
336 ) DECAF_NONNULL DECAF_NOINLINE;
337 
350  uint8_t x[DECAF_X25519_PUBLIC_BYTES],
351  const uint8_t ed[DECAF_EDDSA_25519_PUBLIC_BYTES]
352 ) DECAF_NONNULL DECAF_NOINLINE;
353 
363  uint8_t x[DECAF_X25519_PRIVATE_BYTES],
364  const uint8_t ed[DECAF_EDDSA_25519_PRIVATE_BYTES]
365 ) DECAF_NONNULL DECAF_NOINLINE;
366 
367 #ifdef __cplusplus
368 } /* extern "C" */
369 #endif
370 
371 #endif /* __DECAF_ED255_H__ */
DECAF_EDDSA_25519_SIGNATURE_BYTES
#define DECAF_EDDSA_25519_SIGNATURE_BYTES
Number of bytes in an EdDSA private key.
Definition: ed255.h:33
decaf_ed25519_derive_public_key
void DECAF_API_VIS decaf_ed25519_derive_public_key(uint8_t pubkey[DECAF_EDDSA_25519_PUBLIC_BYTES], const uint8_t privkey[DECAF_EDDSA_25519_PRIVATE_BYTES]) DECAF_NONNULL DECAF_NOINLINE
EdDSA key generation.
shake.h
SHA2-512.
point_255.h
A group of prime order p, based on Curve25519.
decaf_ed25519_keypair_extract_private_key
void DECAF_API_VIS decaf_ed25519_keypair_extract_private_key(uint8_t privkey[DECAF_EDDSA_25519_PRIVATE_BYTES], const decaf_eddsa_25519_keypair_t keypair) DECAF_NONNULL DECAF_NOINLINE
Extract the private key from an EdDSA keypair.
DECAF_EDDSA_25519_PUBLIC_BYTES
#define DECAF_EDDSA_25519_PUBLIC_BYTES
Number of bytes in an EdDSA public key.
Definition: ed255.h:27
decaf_ed25519_sign_prehash
void DECAF_API_VIS decaf_ed25519_sign_prehash(uint8_t signature[DECAF_EDDSA_25519_SIGNATURE_BYTES], const uint8_t privkey[DECAF_EDDSA_25519_PRIVATE_BYTES], const uint8_t pubkey[DECAF_EDDSA_25519_PUBLIC_BYTES], const decaf_ed25519_prehash_ctx_t hash, const uint8_t *context, uint8_t context_len) DECAF_NOINLINE
EdDSA signing with prehash.
decaf_ed25519_verify_prehash
decaf_error_t DECAF_API_VIS decaf_ed25519_verify_prehash(const uint8_t signature[DECAF_EDDSA_25519_SIGNATURE_BYTES], const uint8_t pubkey[DECAF_EDDSA_25519_PUBLIC_BYTES], const decaf_ed25519_prehash_ctx_t hash, const uint8_t *context, uint8_t context_len) DECAF_NOINLINE
EdDSA signature verification.
decaf_ed25519_keypair_sign_prehash
void DECAF_API_VIS decaf_ed25519_keypair_sign_prehash(uint8_t signature[DECAF_EDDSA_25519_SIGNATURE_BYTES], const decaf_eddsa_25519_keypair_t keypair, const decaf_ed25519_prehash_ctx_t hash, const uint8_t *context, uint8_t context_len) DECAF_NOINLINE
EdDSA signing with prehash.
DECAF_EDDSA_25519_PRIVATE_BYTES
#define DECAF_EDDSA_25519_PRIVATE_BYTES
Number of bytes in an EdDSA private key.
Definition: ed255.h:30
decaf_ed25519_prehash_init
void DECAF_API_VIS decaf_ed25519_prehash_init(decaf_ed25519_prehash_ctx_t hash) DECAF_NOINLINE
Prehash initialization, with contexts if supported.
decaf_ed25519_derive_keypair
void DECAF_API_VIS decaf_ed25519_derive_keypair(decaf_eddsa_25519_keypair_t keypair, const uint8_t privkey[DECAF_EDDSA_25519_PRIVATE_BYTES]) DECAF_NONNULL DECAF_NOINLINE
EdDSA keypair scheduling.
decaf_255_point_decode_like_eddsa_and_mul_by_ratio
decaf_error_t DECAF_API_VIS decaf_255_point_decode_like_eddsa_and_mul_by_ratio(decaf_255_point_t p, const uint8_t enc[DECAF_EDDSA_25519_PUBLIC_BYTES]) DECAF_NONNULL DECAF_NOINLINE
EdDSA point decoding.
decaf_ed25519_verify
decaf_error_t DECAF_API_VIS decaf_ed25519_verify(const uint8_t signature[DECAF_EDDSA_25519_SIGNATURE_BYTES], const uint8_t pubkey[DECAF_EDDSA_25519_PUBLIC_BYTES], const uint8_t *message, size_t message_len, uint8_t prehashed, const uint8_t *context, uint8_t context_len) DECAF_NOINLINE
EdDSA signature verification.
decaf_ed25519_convert_private_key_to_x25519
void DECAF_API_VIS decaf_ed25519_convert_private_key_to_x25519(uint8_t x[DECAF_X25519_PRIVATE_BYTES], const uint8_t ed[DECAF_EDDSA_25519_PRIVATE_BYTES]) DECAF_NONNULL DECAF_NOINLINE
EdDSA to ECDH private key conversion Using the appropriate hash function, hash the EdDSA private key ...
decaf_error_t
decaf_error_t
Another boolean type used to indicate success or failure.
Definition: common.h:120
decaf_ed25519_keypair_extract_public_key
void DECAF_API_VIS decaf_ed25519_keypair_extract_public_key(uint8_t pubkey[DECAF_EDDSA_25519_PUBLIC_BYTES], const decaf_eddsa_25519_keypair_t keypair) DECAF_NONNULL DECAF_NOINLINE
Extract the public key from an EdDSA keypair.
decaf_ed25519_convert_public_key_to_x25519
void DECAF_API_VIS decaf_ed25519_convert_public_key_to_x25519(uint8_t x[DECAF_X25519_PUBLIC_BYTES], const uint8_t ed[DECAF_EDDSA_25519_PUBLIC_BYTES]) DECAF_NONNULL DECAF_NOINLINE
EdDSA to ECDH public key conversion Deserialize the point to get y on Edwards curve,...
Definition: decaf.c:1335
DECAF_X25519_PUBLIC_BYTES
#define DECAF_X25519_PUBLIC_BYTES
Number of bytes in an x25519 public key.
Definition: point_255.h:62
decaf_ed25519_prehash_ctx_t
#define decaf_ed25519_prehash_ctx_t
Prehash context, array[1] form.
Definition: ed255.h:50
decaf_255_point_t
struct decaf_255_point_s decaf_255_point_t[1]
Representation of a point on the elliptic curve.
decaf_ed25519_sign
void DECAF_API_VIS decaf_ed25519_sign(uint8_t signature[DECAF_EDDSA_25519_SIGNATURE_BYTES], const uint8_t privkey[DECAF_EDDSA_25519_PRIVATE_BYTES], const uint8_t pubkey[DECAF_EDDSA_25519_PUBLIC_BYTES], const uint8_t *message, size_t message_len, uint8_t prehashed, const uint8_t *context, uint8_t context_len) DECAF_NOINLINE
EdDSA signing.
DECAF_X25519_PRIVATE_BYTES
#define DECAF_X25519_PRIVATE_BYTES
Number of bytes in an x25519 private key.
Definition: point_255.h:65
decaf_ed25519_keypair_sign
void DECAF_API_VIS decaf_ed25519_keypair_sign(uint8_t signature[DECAF_EDDSA_25519_SIGNATURE_BYTES], const decaf_eddsa_25519_keypair_t keypair, const uint8_t *message, size_t message_len, uint8_t prehashed, const uint8_t *context, uint8_t context_len) DECAF_NOINLINE
EdDSA signing.
decaf_ed25519_keypair_destroy
void DECAF_API_VIS decaf_ed25519_keypair_destroy(decaf_eddsa_25519_keypair_t keypair) DECAF_NONNULL DECAF_NOINLINE
EdDSA keypair destructor.
decaf_255_point_mul_by_ratio_and_encode_like_eddsa
void DECAF_API_VIS decaf_255_point_mul_by_ratio_and_encode_like_eddsa(uint8_t enc[DECAF_EDDSA_25519_PUBLIC_BYTES], const decaf_255_point_t p) DECAF_NONNULL DECAF_NOINLINE
EdDSA point encoding.