Arduino Cryptography Library
Ed25519.h
1 /*
2  * Copyright (C) 2015 Southern Storm Software, Pty Ltd.
3  *
4  * Permission is hereby granted, free of charge, to any person obtaining a
5  * copy of this software and associated documentation files (the "Software"),
6  * to deal in the Software without restriction, including without limitation
7  * the rights to use, copy, modify, merge, publish, distribute, sublicense,
8  * and/or sell copies of the Software, and to permit persons to whom the
9  * Software is furnished to do so, subject to the following conditions:
10  *
11  * The above copyright notice and this permission notice shall be included
12  * in all copies or substantial portions of the Software.
13  *
14  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
15  * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17  * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
19  * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
20  * DEALINGS IN THE SOFTWARE.
21  */
22 
23 #ifndef CRYPTO_ED25519_h
24 #define CRYPTO_ED25519_h
25 
26 #include "BigNumberUtil.h"
27 #include "SHA512.h"
28 
29 class Ed25519
30 {
31 public:
32  static void sign(uint8_t signature[64], const uint8_t privateKey[32],
33  const uint8_t publicKey[32], const void *message,
34  size_t len);
35  static bool verify(const uint8_t signature[64], const uint8_t publicKey[32],
36  const void *message, size_t len);
37 
38  static void generatePrivateKey(uint8_t privateKey[32]);
39  static void derivePublicKey(uint8_t publicKey[32], const uint8_t privateKey[32]);
40 
41 private:
42  // Constructor and destructor are private - cannot instantiate this class.
43  Ed25519();
44  ~Ed25519();
45 
46  // Curve point represented in extended homogeneous coordinates.
47  struct Point
48  {
49  limb_t x[32 / sizeof(limb_t)];
50  limb_t y[32 / sizeof(limb_t)];
51  limb_t z[32 / sizeof(limb_t)];
52  limb_t t[32 / sizeof(limb_t)];
53  };
54 
55  static void reduceQFromBuffer(limb_t *result, const uint8_t buf[64], limb_t *temp);
56  static void reduceQ(limb_t *result, limb_t *r);
57 
58  static void mul(Point &result, const limb_t *s, Point &p, bool constTime = true);
59  static void mul(Point &result, const limb_t *s, bool constTime = true);
60 
61  static void add(Point &p, const Point &q);
62 
63  static bool equal(const Point &p, const Point &q);
64 
65  static void encodePoint(uint8_t *buf, Point &point);
66  static bool decodePoint(Point &point, const uint8_t *buf);
67 
68  static void deriveKeys(SHA512 *hash, limb_t *a, const uint8_t privateKey[32]);
69 };
70 
71 #endif
Ed25519
Digital signatures based on the elliptic curve modulo 2^255 - 19.
Definition: Ed25519.h:30
Ed25519::sign
static void sign(uint8_t signature[64], const uint8_t privateKey[32], const uint8_t publicKey[32], const void *message, size_t len)
Signs a message using a specific Ed25519 private key.
Definition: Ed25519.cpp:127
Ed25519::derivePublicKey
static void derivePublicKey(uint8_t publicKey[32], const uint8_t privateKey[32])
Derives the public key from a private key.
Definition: Ed25519.cpp:256
Ed25519::generatePrivateKey
static void generatePrivateKey(uint8_t privateKey[32])
Generates a private key for Ed25519 signing operations.
Definition: Ed25519.cpp:243
Ed25519::verify
static bool verify(const uint8_t signature[64], const uint8_t publicKey[32], const void *message, size_t len)
Verifies a signature using a specific Ed25519 public key.
Definition: Ed25519.cpp:189
SHA512
SHA-512 hash algorithm.
Definition: SHA512.h:31
Generated on Sat Apr 1 2023 09:42:59 for Arduino Cryptography Library by doxygen 1.9.1