Module ed25519_dalek::hazmat

Available on crate feature hazmat only.

Low-level interfaces to ed25519 functions

⚠️ Warning: Hazmat

These primitives are easy-to-misuse low-level interfaces.

If you are an end user / non-expert in cryptography, do not use any of these functions. Failure to use them correctly can lead to catastrophic failures including full private key recovery.

Structs

  • Contains the secret scalar and domain separator used for generating signatures.

Functions

  • Compute an ordinary Ed25519 signature over the given message. CtxDigest is the digest used to calculate the pseudorandomness needed for signing. According to the Ed25519 spec, CtxDigest = Sha512.
  • Compute a signature over the given prehashed message, the Ed25519ph algorithm defined in RFC8032 §5.1. MsgDigest is the digest function used to hash the signed message. CtxDigest is the digest function used to calculate the pseudorandomness needed for signing. According to the Ed25519 spec, MsgDigest = CtxDigest = Sha512.
  • The ordinary non-batched Ed25519 verification check, rejecting non-canonical R values. CtxDigest is the digest used to calculate the pseudorandomness needed for signing. According to the Ed25519 spec, CtxDigest = Sha512.
  • The batched Ed25519 verification check, rejecting non-canonical R values. MsgDigest is the digest used to hash the signed message. CtxDigest is the digest used to calculate the pseudorandomness needed for signing. According to the Ed25519 spec, MsgDigest = CtxDigest = Sha512.