1 // Copyright 2019 The Go Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style
3 // license that can be found in the LICENSE file.
4 5 // Package ed25519 implements the Ed25519 signature algorithm.
6 //
7 // These functions are also compatible with the “Ed25519” function defined in
8 // [RFC 8032]. However, unlike RFC 8032's formulation, this package's private key
9 // representation includes a public key suffix to make multiple signing
10 // operations with the same key more efficient. This package refers to the RFC
11 // 8032 private key as the “seed”.
12 //
13 // The ed25519 package is a wrapper for the Ed25519 implementation in the
14 // crypto/ed25519 package. It is [frozen] and is not accepting new features.
15 //
16 // [RFC 8032]: https://datatracker.ietf.org/doc/html/rfc8032
17 // [frozen]: https://go.dev/wiki/Frozen
18 package ed25519
19 20 import (
21 "crypto/ed25519"
22 "io"
23 )
24 25 const (
26 // PublicKeySize is the size, in bytes, of public keys as used in this package.
27 PublicKeySize = 32
28 // PrivateKeySize is the size, in bytes, of private keys as used in this package.
29 PrivateKeySize = 64
30 // SignatureSize is the size, in bytes, of signatures generated and verified by this package.
31 SignatureSize = 64
32 // SeedSize is the size, in bytes, of private key seeds. These are the private key representations used by RFC 8032.
33 SeedSize = 32
34 )
35 36 // PublicKey is the type of Ed25519 public keys.
37 //
38 // This type is an alias for crypto/ed25519's PublicKey type.
39 // See the crypto/ed25519 package for the methods on this type.
40 type PublicKey = ed25519.PublicKey
41 42 // PrivateKey is the type of Ed25519 private keys. It implements crypto.Signer.
43 //
44 // This type is an alias for crypto/ed25519's PrivateKey type.
45 // See the crypto/ed25519 package for the methods on this type.
46 type PrivateKey = ed25519.PrivateKey
47 48 // GenerateKey generates a public/private key pair using entropy from rand.
49 // If rand is nil, crypto/rand.Reader will be used.
50 func GenerateKey(rand io.Reader) (PublicKey, PrivateKey, error) {
51 return ed25519.GenerateKey(rand)
52 }
53 54 // NewKeyFromSeed calculates a private key from a seed. It will panic if
55 // len(seed) is not SeedSize. This function is provided for interoperability
56 // with RFC 8032. RFC 8032's private keys correspond to seeds in this
57 // package.
58 func NewKeyFromSeed(seed []byte) PrivateKey {
59 return ed25519.NewKeyFromSeed(seed)
60 }
61 62 // Sign signs the message with privateKey and returns a signature. It will
63 // panic if len(privateKey) is not PrivateKeySize.
64 func Sign(privateKey PrivateKey, message []byte) []byte {
65 return ed25519.Sign(privateKey, message)
66 }
67 68 // Verify reports whether sig is a valid signature of message by publicKey. It
69 // will panic if len(publicKey) is not PublicKeySize.
70 func Verify(publicKey PublicKey, message, sig []byte) bool {
71 return ed25519.Verify(publicKey, message, sig)
72 }
73