diff options
Diffstat (limited to 'src/lib/libcrypto/curve25519/curve25519.h')
| -rw-r--r-- | src/lib/libcrypto/curve25519/curve25519.h | 28 |
1 files changed, 12 insertions, 16 deletions
diff --git a/src/lib/libcrypto/curve25519/curve25519.h b/src/lib/libcrypto/curve25519/curve25519.h index 164f2e9e7f..8b84c889cd 100644 --- a/src/lib/libcrypto/curve25519/curve25519.h +++ b/src/lib/libcrypto/curve25519/curve25519.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: curve25519.h,v 1.4 2022/11/06 16:31:19 jsing Exp $ */ | 1 | /* $OpenBSD: curve25519.h,v 1.5 2022/11/09 17:39:29 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2015, Google Inc. | 3 | * Copyright (c) 2015, Google Inc. |
| 4 | * | 4 | * |
| @@ -67,31 +67,27 @@ int X25519(uint8_t out_shared_key[X25519_KEY_LENGTH], | |||
| 67 | * | 67 | * |
| 68 | * Ed25519 is a signature scheme using a twisted Edwards curve that is | 68 | * Ed25519 is a signature scheme using a twisted Edwards curve that is |
| 69 | * birationally equivalent to curve25519. | 69 | * birationally equivalent to curve25519. |
| 70 | * | ||
| 71 | * Note that, unlike RFC 8032's formulation, our private key representation | ||
| 72 | * includes a public key suffix to make multiple key signing operations with the | ||
| 73 | * same key more efficient. The RFC 8032 private key is referred to in this | ||
| 74 | * implementation as the "seed" and is the first 32 bytes of our private key. | ||
| 75 | */ | 70 | */ |
| 76 | 71 | ||
| 77 | #define ED25519_PRIVATE_KEY_LEN 64 | 72 | #define ED25519_PRIVATE_KEY_LENGTH 32 |
| 78 | #define ED25519_PUBLIC_KEY_LEN 32 | 73 | #define ED25519_PUBLIC_KEY_LENGTH 32 |
| 79 | #define ED25519_SIGNATURE_LEN 64 | 74 | #define ED25519_SIGNATURE_LENGTH 64 |
| 80 | 75 | ||
| 81 | /* | 76 | /* |
| 82 | * ED25519_keypair sets |out_public_key| and |out_private_key| to a freshly | 77 | * ED25519_keypair sets |out_public_key| and |out_private_key| to a freshly |
| 83 | * generated, public/private key pair. | 78 | * generated, public/private key pair. |
| 84 | */ | 79 | */ |
| 85 | void ED25519_keypair(uint8_t out_public_key[ED25519_PUBLIC_KEY_LEN], | 80 | void ED25519_keypair(uint8_t out_public_key[ED25519_PUBLIC_KEY_LENGTH], |
| 86 | uint8_t out_private_key[ED25519_PRIVATE_KEY_LEN]); | 81 | uint8_t out_private_key[ED25519_PRIVATE_KEY_LENGTH]); |
| 87 | 82 | ||
| 88 | /* | 83 | /* |
| 89 | * ED25519_sign sets |out_sig| to be a signature of |message_len| bytes from | 84 | * ED25519_sign sets |out_sig| to be a signature of |message_len| bytes from |
| 90 | * |message| using |private_key|. It returns one on success or zero on | 85 | * |message| using |public_key| and |private_key|. It returns one on success |
| 91 | * allocation failure. | 86 | * or zero on allocation failure. |
| 92 | */ | 87 | */ |
| 93 | int ED25519_sign(uint8_t *out_sig, const uint8_t *message, size_t message_len, | 88 | int ED25519_sign(uint8_t *out_sig, const uint8_t *message, size_t message_len, |
| 94 | const uint8_t private_key[ED25519_PRIVATE_KEY_LEN]); | 89 | const uint8_t public_key[ED25519_PUBLIC_KEY_LENGTH], |
| 90 | const uint8_t private_key_seed[ED25519_PRIVATE_KEY_LENGTH]); | ||
| 95 | 91 | ||
| 96 | /* | 92 | /* |
| 97 | * ED25519_verify returns one iff |signature| is a valid signature by | 93 | * ED25519_verify returns one iff |signature| is a valid signature by |
| @@ -99,8 +95,8 @@ int ED25519_sign(uint8_t *out_sig, const uint8_t *message, size_t message_len, | |||
| 99 | * otherwise. | 95 | * otherwise. |
| 100 | */ | 96 | */ |
| 101 | int ED25519_verify(const uint8_t *message, size_t message_len, | 97 | int ED25519_verify(const uint8_t *message, size_t message_len, |
| 102 | const uint8_t signature[ED25519_SIGNATURE_LEN], | 98 | const uint8_t signature[ED25519_SIGNATURE_LENGTH], |
| 103 | const uint8_t public_key[ED25519_PUBLIC_KEY_LEN]); | 99 | const uint8_t public_key[ED25519_PUBLIC_KEY_LENGTH]); |
| 104 | #endif | 100 | #endif |
| 105 | 101 | ||
| 106 | #if defined(__cplusplus) | 102 | #if defined(__cplusplus) |