summaryrefslogtreecommitdiff
path: root/libs/libaxolotl/src/curve25519/ed25519/additions/curve_sigs.h
diff options
context:
space:
mode:
Diffstat (limited to 'libs/libaxolotl/src/curve25519/ed25519/additions/curve_sigs.h')
-rw-r--r--libs/libaxolotl/src/curve25519/ed25519/additions/curve_sigs.h35
1 files changed, 2 insertions, 33 deletions
diff --git a/libs/libaxolotl/src/curve25519/ed25519/additions/curve_sigs.h b/libs/libaxolotl/src/curve25519/ed25519/additions/curve_sigs.h
index b3dbad0155..a2d819aef0 100644
--- a/libs/libaxolotl/src/curve25519/ed25519/additions/curve_sigs.h
+++ b/libs/libaxolotl/src/curve25519/ed25519/additions/curve_sigs.h
@@ -2,47 +2,16 @@
#ifndef __CURVE_SIGS_H__
#define __CURVE_SIGS_H__
-void curve25519_keygen(unsigned char* curve25519_pubkey_out, /* 32 bytes */
- const unsigned char* curve25519_privkey_in); /* 32 bytes */
-
/* returns 0 on success */
int curve25519_sign(unsigned char* signature_out, /* 64 bytes */
const unsigned char* curve25519_privkey, /* 32 bytes */
- const unsigned char* msg, const unsigned long msg_len,
+ const unsigned char* msg, const unsigned long msg_len, /* <= 256 bytes */
const unsigned char* random); /* 64 bytes */
/* returns 0 on success */
int curve25519_verify(const unsigned char* signature, /* 64 bytes */
const unsigned char* curve25519_pubkey, /* 32 bytes */
- const unsigned char* msg, const unsigned long msg_len);
-
-/* helper function - modified version of crypto_sign() to use
- explicit private key. In particular:
-
- sk : private key
- pk : public key
- msg : message
- prefix : 0xFE || [0xFF]*31
- random : 64 bytes random
- q : main subgroup order
-
- The prefix is chosen to distinguish the two SHA512 uses below, since
- prefix is an invalid encoding for R (it would encode a "field element"
- of 2^255 - 2). 0xFF*32 is set aside for use in ECDH protocols, which
- is why the first byte here ix 0xFE.
+ const unsigned char* msg, const unsigned long msg_len); /* <= 256 bytes */
- sig_nonce = SHA512(prefix || sk || msg || random) % q
- R = g^sig_nonce
- M = SHA512(R || pk || m)
- S = sig_nonce + (m * sk)
- signature = (R || S)
- */
-int crypto_sign_modified(
- unsigned char *sm,
- const unsigned char *m,unsigned long long mlen,
- const unsigned char *sk, /* Curve/Ed25519 private key */
- const unsigned char *pk, /* Ed25519 public key */
- const unsigned char *random /* 64 bytes random to hash into nonce */
- );
#endif
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-26 20:51:05 +0000