Boring crypto that simply works

public key signatures

#include <monocypher-ed25519.h>

crypto_ed25519_public_key(uint8_t public_key[32], const uint8_t secret_key[32]);

crypto_ed25519_sign(uint8_t signature[64], const uint8_t secret_key[32], const uint8_t public_key[32], const uint8_t *message, size_t message_size);

crypto_ed25519_check(const uint8_t signature[64], const uint8_t public_key[32], const uint8_t *message, size_t message_size);

The () and () functions provide Ed25519 public key signatures and verification with SHA-512 as the underlying hash function. They are interoperable with other Ed25519 implementations. If you have no interoperability requirements, prefer crypto_sign().

The arguments and security considerations are the same as those described in crypto_sign().

For an incremental interface, see crypto_ed25519_sign_init_first_pass().

crypto_ed25519_public_key() and crypto_ed25519_sign() return nothing.

crypto_ed25519_check() returns 0 for legitimate messages and -1 for forgeries.

crypto_check(), crypto_x25519(), crypto_lock(), crypto_sha512(), intro()

These functions implement Ed25519 as described in RFC 8032.

The crypto_ed25519_sign(), crypto_ed25519_check(), and crypto_ed25519_public_key() functions appeared in Monocypher 3.0.0. They replace recompilation of Monocypher with the ED25519_SHA512 preprocessor definition.

February 13, 2022 Debian