CRYPTO_ED25519_SIGN_INIT_FIRST_PASS(3MONOCYPHER) | 3MONOCYPHER | CRYPTO_ED25519_SIGN_INIT_FIRST_PASS(3MONOCYPHER) |
NAME
incremental public key signatures#include
<monocypher-ed25519.h>
void
crypto_ed25519_sign_init_first_pass
(crypto_ed25519_sign_ctx
*ctx, const uint8_t secret_key[32],
const uint8_t public_key[32]);
void
crypto_ed25519_sign_update
(crypto_ed25519_sign_ctx
*ctx, const uint8_t *message,
size_t message_size);
void
crypto_ed25519_sign_final
(crypto_ed25519_sign_ctx
*ctx, uint8_t signature[64]);
void
crypto_ed25519_sign_init_second_pass
(crypto_ed25519_sign_ctx
*ctx);
void
crypto_ed25519_check_init
(crypto_ed25519_check_ctx
*ctx, const uint8_t signature[64],
const uint8_t public_key[32]);
void
crypto_ed25519_check_update
(crypto_ed25519_check_ctx
*ctx, const uint8_t *message,
size_t message_size);
int
crypto_ed25519_check_final
(crypto_ed25519_check_ctx
*ctx);
DESCRIPTION
These functions are variants of crypto_ed25519_sign() and crypto_ed25519_check(). Prefer those simpler functions if possible.
These functions provide Ed25519 public key signatures and verification with SHA-512 as the underlying hash function. They are interoperable with other Ed25519 implementations. If you have no interoperability requirements, prefer crypto_sign().
The arguments, security considerations, and semantics are the same as those described in crypto_sign_init_first_pass() and crypto_sign().
RETURN VALUES
crypto_ed25519_sign_init_first_pass
(),
crypto_ed25519_sign_init_second_pass
(),
crypto_ed25519_sign_update
(),
crypto_ed25519_sign_final
(),
crypto_ed25519_check_init
(), and
crypto_ed25519_check_update
() return nothing.
crypto_ed25519_check_final
() returns 0 for
legitimate messages and -1 for forgeries.
SEE ALSO
crypto_blake2b(), crypto_x25519(), crypto_lock(), crypto_ed25519_sign(), crypto_sign(), crypto_sign_init_first_pass(), crypto_sha512(), crypto_wipe(), intro()
STANDARDS
These functions implement Ed25519 as described in RFC 8032.
HISTORY
The crypto_ed25519_sign_init_first_pass
(),
crypto_ed25519_sign_update
(),
crypto_ed25519_sign_final
(),
crypto_ed25519_sign_init_second_pass
(),
crypto_ed25519_check_init
(),
crypto_ed25519_check_update
(), and
crypto_ed25519_check_final
() functions first
appeared in Monocypher 3.0.0. They replace recompilation of Monocypher with
the ED25519_SHA512
preprocessor definition.
February 13, 2022 | Debian |