Ed25519

dcrypt_sign::eddsa

Struct Ed25519

pub struct Ed25519;

Expand description

Ed25519 signature scheme

§Security Considerations

Always use a cryptographically secure RNG for key generation
Protect secret keys using platform security features when available
Verify public key authenticity through secure channels
Never reuse seeds across different applications or purposes
Clear sensitive data from memory after use (automatic for secret keys)

Implementations§

impl Ed25519

pub fn derive_public_from_secret( secret_key: &Ed25519SecretKey, ) -> ApiResult<Ed25519PublicKey>

Derive the public key from an existing secret key

This is useful when you have a secret key loaded from storage and need to reconstruct the corresponding public key.

§Example

use dcrypt_sign::eddsa::Ed25519;
use dcrypt_api::Signature;
use rand::rngs::OsRng;

let mut rng = OsRng;
let (original_public, secret) = Ed25519::keypair(&mut rng)?;
 
// Later, derive public key from secret
let derived_public = Ed25519::derive_public_from_secret(&secret)?;
 
assert_eq!(original_public.0, derived_public.0);

Trait Implementations§

impl Signature for Ed25519

fn keypair<R: CryptoRng + RngCore>(rng: &mut R) -> ApiResult<Self::KeyPair>

Generate an Ed25519 key pair

This follows the key generation process from RFC 8032:

Generate a 32-byte random seed
Hash the seed with SHA-512 to get 64 bytes
Clear/set specific bits in the first 32 bytes (scalar clamping)
Use the clamped scalar to derive the public key

fn sign( message: &[u8], secret_key: &Self::SecretKey, ) -> ApiResult<Self::SignatureData>

Sign a message using Ed25519

The signing process follows RFC 8032:

r = SHA-512(prefix || message) mod L
R = [r]B
k = SHA-512(R || A || message) mod L
s = (r + k*a) mod L
Return (R, s)

fn verify( message: &[u8], signature: &Self::SignatureData, public_key: &Self::PublicKey, ) -> ApiResult<()>

Verify an Ed25519 signature

The verification process checks that: [s]B = R + [k]A where k = SHA-512(R || A || message) mod L

type PublicKey = Ed25519PublicKey

Public key type for this algorithm

type SecretKey = Ed25519SecretKey

Secret key type - must be zeroizable but not byte-accessible Read more

type SignatureData = Ed25519Signature

Signature data type

type KeyPair = (<Ed25519 as Signature>::PublicKey, <Ed25519 as Signature>::SecretKey)

Key pair type (typically a tuple of public and secret keys)

fn name() -> &'static str

Returns the name of this signature algorithm

fn public_key(keypair: &Self::KeyPair) -> Self::PublicKey

Extract the public key from a key pair

fn secret_key(keypair: &Self::KeyPair) -> Self::SecretKey

Extract the secret key from a key pair

Auto Trait Implementations§

impl Freeze for Ed25519

impl RefUnwindSafe for Ed25519

impl Send for Ed25519

impl Sync for Ed25519

impl Unpin for Ed25519

impl UnwindSafe for Ed25519

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V