Module dryoc::sign

Expand description

Public-key signatures

This module implements libsodium’s public-key signature functions. The signatures are based on Ed25519 (EdDSA). It provides both a single-part and multi-part interface.

The single-part interface is convenient for short messages, such as those small enough to fit in memory. The multi-part interface may be more appropriate for lengthy messages, those which don’t fit in memory, or those for which the entire message isn’t known at once (i.e., during network communication, or reading a large file).

The single-part and multi-part variants use slightly different algorithms, and thus they are not compatible with each other.

You should use a this module when you want to:

share a message with other parties, and provide a proof that the message is authentic
verify that the message from another party was signed using their secret key, without having knowledge of the original secret

The public key of the signer must be known to the verifier.

One should take note that keys used for signing and encryption should remain separate. While it’s possible to convert Ed25519 keys to X25519 keys (or derive them from the same seed), one is cautioned against doing so.

Rustaceous API example, single-part

use dryoc::sign::*;

// Generate a random keypair, using default types
let keypair = SigningKeyPair::gen_with_defaults();
let message = b"Fair is foul, and foul is fair: Hover through the fog and filthy air.";

// Sign the message, using default types (stack-allocated byte array, Vec<u8>)
let signed_message = keypair.sign_with_defaults(message).expect("signing failed");

// Verify the message signature
signed_message
    .verify(&keypair.public_key)
    .expect("verification failed");

Incremental (multi-part) interface

use dryoc::sign::*;

// Generate a random keypair, using default types
let keypair = SigningKeyPair::gen_with_defaults();

// Initialize the incremental signer interface
let mut signer = IncrementalSigner::new();
signer.update(b"This above all: to thine ownself be true.");
signer.update(b"And it must follow, as the night the day,");
signer.update(b"Thou canst not then be false to any man.");

let signature: Signature = signer
    .finalize(&keypair.secret_key)
    .expect("signing failed");

Additional resources

See https://libsodium.gitbook.io/doc/public-key_cryptography/public-key_signatures for additional details on public-key signatures
For secret-key based encryption, see DryocSecretBox
For stream encryption, see DryocStream
See the protected mod for an example using the protected memory features

Modules

protectednightly
Protected memory for SigningKeyPair and SignedMessage.

Structs

IncrementalSigner
Multi-part (incremental) interface for SigningKeyPair.
SignedMessage
A signed message, for use with SigningKeyPair.
SigningKeyPair
An Ed25519 keypair for public-key signatures

Type Definitions

Message
Heap-allocated message for message signing.
PublicKey
Stack-allocated public key for message signing.
SecretKey
Stack-allocated secret key for message signing.
Signature
Stack-allocated signature for message signing.
VecSignedMessage
Vec-based signed message.