SIGNING

ED25519 signature functions.

Functions

byte * pcp_ed_sign (byte *message, size_t messagesize, pcp_key_t *s)
 Sign a raw message.

byte * pcp_ed_sign_key (byte *message, size_t messagesize, pcp_key_t *s)
 Sign a raw message using s->mastersecret.

byte * pcp_ed_verify (PCPCTX *ptx, byte *signature, size_t siglen, pcp_pubkey_t *p)
 Verify a signature.

byte * pcp_ed_verify_key (PCPCTX *ptx, byte *signature, size_t siglen, pcp_pubkey_t *p)
 Verify a signature using the mastersecret.

size_t pcp_ed_sign_buffered (PCPCTX *ptx, Pcpstream *in, Pcpstream *out, pcp_key_t *s, int z85)
 Sign a stream in 32k block mode.

pcp_pubkey_t * pcp_ed_verify_buffered (PCPCTX *ptx, Pcpstream *in, pcp_pubkey_t *p)
 Verify a signature from a stream in 32k block mode.

size_t pcp_ed_detachsign_buffered (Pcpstream *in, Pcpstream *out, pcp_key_t *s)
 Generate a detached signature from a stream in 32k block mode.

pcp_pubkey_t * pcp_ed_detachverify_buffered (PCPCTX *ptx, Pcpstream *in, Pcpstream *sigfd, pcp_pubkey_t *p)
 Verify a detached signature from a stream in 32k block mode.

Detailed Description

ED25519 signature functions.

Function Documentation

size_t pcp_ed_detachsign_buffered (Pcpstream *in, Pcpstream *out, pcp_key_t *s)

Generate a detached signature from a stream in 32k block mode.

This function reads blockwise from the stream in and generates a hash of the contents of the stream. It then signs that hash and writes the hash and the signature to the output stream out.

Parameters
[in] in: Stream to read from.
[out] out: Stream to write to.
[in] s: Pointer to secret key.

Returns
Returns the size of the detached signature written or 0 in case of errors. Check fatals_if_any().

pcp_pubkey_t* pcp_ed_detachverify_buffered (PCPCTX *ptx, Pcpstream *in, Pcpstream *sigfd, pcp_pubkey_t *p)

Verify a detached signature from a stream in 32k block mode.

This function reads blockwise from the stream in and generates a hash of the contents of the stream. It then reads the signature from the stream sigfd and verifies the signature from it using p->edpub and compares the signature hash with the hash it calculated from the signed content.

Parameters
[in] ptx: pcp context.
[in] in: Stream to read from.
[in] sigfd: Stream containing the detached signature.
[in] p: Pointer to public key structure.

Returns
Returns a pointer to the public key which was used to verify the signature or NULL if an error occurred. Check fatals_if_any().

byte* pcp_ed_sign (byte *message, size_t messagesize, pcp_key_t *s)

Sign a raw message.

Sign a message of messagesize using s->edsecret. This is just a convenience wrapper around crypto_sign().

Parameters
[in] message: The message to sign.
[in] messagesize: Size of the message.
[in] s: Pointer to secret key structure.

Returns
Returns message+signature with size of messagesize + crypto_sign_BYTES, or NULL in case of an error.

size_t pcp_ed_sign_buffered (PCPCTX *ptx, Pcpstream *in, Pcpstream *out, pcp_key_t *s, int z85)

Sign a stream in 32k block mode.

This function reads blockwise from the stream in and generates a hash of the contents of the stream. It outputs the stream to out, also blockwise and appends the signature afterwards, which consists of the hash+nacl-signature.

Parameters
[in] ptx: pcp context.
[in] in: Stream to read from.
[out] out: Stream to write to.
[in] s: Pointer to secret key.
[in] z85: Flag indicating whether to create an armored signature. 1=armored, 0=raw.

Returns
Returns the number of bytes written to the output stream.

byte* pcp_ed_sign_key (byte *message, size_t messagesize, pcp_key_t *s)

Sign a raw message using s->mastersecret.

The same as pcp_ed_sign() but uses the mastersecret for signing. Usually used for key signing only.

Parameters
[in] message: The message to sign.
[in] messagesize: Size of the message.
[in] s: Pointer to secret key structure.

Returns
Returns message+signature with size of messagesize + crypto_sign_BYTES, or NULL in case of an error.

byte* pcp_ed_verify (PCPCTX *ptx, byte *signature, size_t siglen, pcp_pubkey_t *p)

Verify a signature.

Verify a signature of size siglen using p->edpub.

The signature must contain the message+nacl signature (with size crypto_sign_BYTES).

Parameters
[in] ptx: pcp context.
[in] signature: Message+signature.
[in] siglen: Size of message+signature.
[in] p: Pointer to public key structure.

Returns
If the signature verifies, returns the raw message with the signature removed (size: siglen - crypto_sign_BYTES); returns NULL in case of errors. Check fatals_if_any().

pcp_pubkey_t* pcp_ed_verify_buffered (PCPCTX *ptx, Pcpstream *in, pcp_pubkey_t *p)

Verify a signature from a stream in 32k block mode.

This function reads blockwise from the stream in and generates a hash of the contents of the stream. While reading from the stream it extracts the appended signature (hash+sig). It then verifies the signature using p->edpub and compares the signature hash with the hash it calculated from the signed content.

The parameter p can be NULL. In this case the function loops through the global public key hash pcppubkey_hash to find a public key which is able to verify the signature.

Parameters
[in] ptx: pcp context.
[in] in: Stream to read from.
[in] p: Pointer to public key structure.

Returns
Returns a pointer to the public key which was used to verify the signature or NULL if an error occurred. Check fatals_if_any().
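
The blockwise verification described for pcp_ed_verify_buffered(), as an added Python example that is not libpcp code: it hashes the content in 32k blocks while holding back the appended hash+sig, then requires both the signature check and the hash comparison to pass. Assumptions: the raw (z85=0) layout is content || hash || signature, the hash is a 64-byte BLAKE2b digest, and check_sig is a hypothetical callback standing in for the Ed25519 check against p->edpub.

```python
import hashlib
import hmac
import io

BLOCK = 32 * 1024          # block size named on the page
HASH_LEN = 64              # assumption: 64-byte BLAKE2b digest
SIG_LEN = 64               # Ed25519 signature length (crypto_sign_BYTES)
TRAILER = HASH_LEN + SIG_LEN


def read_signed_stream(stream):
    """Hash the content blockwise while keeping the appended hash+sig out of it.
    Returns (computed_hash, signed_hash, signature), or None if too short."""
    h = hashlib.blake2b(digest_size=HASH_LEN)
    held = b""                           # tail that may still be the trailer
    while block := stream.read(BLOCK):
        held += block
        if len(held) > TRAILER:
            h.update(held[:-TRAILER])    # everything before the tail is content
            held = held[-TRAILER:]
    if len(held) < TRAILER:
        return None
    return h.digest(), held[:HASH_LEN], held[HASH_LEN:]


def verify_stream(stream, check_sig):
    """check_sig(signed_hash, signature) -> bool is a hypothetical callback
    standing in for the Ed25519 check against the public key."""
    parts = read_signed_stream(stream)
    if parts is None:
        return False
    computed, signed_hash, sig = parts
    # The signature covers only signed_hash; the content is bound to it
    # solely by this comparison, so both checks must pass.
    return check_sig(signed_hash, sig) and hmac.compare_digest(computed, signed_hash)


def demo():
    """Constructed sample whose trailer straddles a 32k block boundary.
    HMAC-SHA512 is a stand-in for the signature so this runs without libsodium."""
    key = b"constructed-demo-key"
    sign = lambda d: hmac.new(key, d, hashlib.sha512).digest()
    check = lambda d, s: hmac.compare_digest(sign(d), s)
    content = bytes(i % 251 for i in range(2 * BLOCK - 64))
    digest = hashlib.blake2b(content, digest_size=HASH_LEN).digest()
    good = content + digest + sign(digest)
    bad = b"X" + good[1:]                # content altered, trailer untouched
    return verify_stream(io.BytesIO(good), check), verify_stream(io.BytesIO(bad), check)
```

In demo() the altered stream still carries a valid signature over the original hash; it is rejected only because the recomputed hash differs.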

byte* pcp_ed_verify_key (PCPCTX *ptx, byte *signature, size_t siglen, pcp_pubkey_t *p)

Verify a signature using the mastersecret.

Verify a signature of size siglen using p->masterpub.

The signature must contain the message+nacl signature (with size crypto_sign_BYTES).

Parameters
[in] ptx: pcp context.
[in] signature: Message+signature.
[in] siglen: Size of message+signature.
[in] p: Pointer to public key structure.

Returns
If the signature verifies, returns the raw message with the signature removed (size: siglen - crypto_sign_BYTES); returns NULL in case of errors. Check fatals_if_any().