An Ed25519 key pair.

Fields

public_key: PublicKey,

Public part.

secret_key: SecretKey,

Secret scalar.

Functions

fn create(seed: ?[seed_length]u8) IdentityElementError!KeyPair

Derive a key pair from an optional secret seed.

Derive a key pair from an optional secret seed.

As in RFC 8032, an Ed25519 public key is generated by hashing the secret key using the SHA-512 function, and interpreting the bit-swapped, clamped lower-half of the output as the secret scalar.

For this reason, an EdDSA secret key is commonly called a seed, from which the actual secret is derived.

fn fromSecretKey(secret_key: SecretKey) NonCanonicalError || EncodingError || IdentityElementError!KeyPair

Create a KeyPair from a secret key. Note that with EdDSA, storing the seed, and…

Create a KeyPair from a secret key. Note that with EdDSA, storing the seed, and recovering the key pair from it is recommended over storing the entire secret key. The seed of an exiting key pair can be obtained with key_pair.secret_key.seed().

fn sign(key_pair: KeyPair, msg: []const u8, noise: ?[noise_length]u8) IdentityElementError || NonCanonicalError || KeyMismatchError || WeakPublicKeyError!Signature

Sign a message using the key pair. The noise can be null in order to create det…

Sign a message using the key pair. The noise can be null in order to create deterministic signatures. If deterministic signatures are not required, the noise should be randomly generated instead. This helps defend against fault attacks.

fn signer(key_pair: KeyPair, noise: ?[noise_length]u8) IdentityElementError || KeyMismatchError || NonCanonicalError || WeakPublicKeyError!Signer

Create a Signer, that can be used for incremental signing. Note that the signat…

Create a Signer, that can be used for incremental signing. Note that the signature is not deterministic. The noise parameter, if set, should be something unique for each message, such as a random nonce, or a counter.

Values

seed_length
comptime_int

Length (in bytes) of a seed required to create a key pair.