Ed25519 private key. More...
Inheritance diagram for ed25519PrivateKey:
Public Member Functions | |
| bool | Validate (RandomNumberGenerator &rng, unsigned int level) const |
| Check this object for errors. More... | |
| bool | GetVoidValue (const char *name, const std::type_info &valueType, void *pValue) const |
| Get a named value. More... | |
| void | AssignFrom (const NameValuePairs &source) |
| Assign values to this object. More... | |
| OID | GetAlgorithmID () const |
| Retrieves the OID of the algorithm. More... | |
| void | Save (BufferedTransformation &bt) const |
| DER encode ASN.1 object. More... | |
| void | Save (BufferedTransformation &bt, bool v1) const |
| DER encode ASN.1 object. More... | |
| void | Load (BufferedTransformation &bt) |
| BER decode ASN.1 object. More... | |
| void | MakePublicKey (PublicKey &pub) const |
| Initializes a public key from this key. More... | |
| void | BERDecode (BufferedTransformation &bt) |
| Decode this object from a BufferedTransformation. More... | |
| void | DEREncode (BufferedTransformation &bt) const |
| Encode this object into a BufferedTransformation. More... | |
| void | BERDecodePrivateKey (BufferedTransformation &bt, bool parametersPresent, size_t size) |
| Decode privateKey part of privateKeyInfo. More... | |
| void | DEREncodePrivateKey (BufferedTransformation &bt) const |
| Encode privateKey part of privateKeyInfo. More... | |
| void | DEREncode (BufferedTransformation &bt, int version) const |
| DER encode ASN.1 object. More... | |
| void | BERDecodeAndCheckAlgorithmID (BufferedTransformation &bt) |
| Determine if OID is valid for this object. More... | |
| void | GenerateRandom (RandomNumberGenerator &rng, const NameValuePairs ¶ms) |
| Generate a random key or crypto parameters. More... | |
| void | SetPrivateExponent (const byte x[SECRET_KEYLENGTH]) |
| void | SetPrivateExponent (const Integer &x) |
| const Integer & | GetPrivateExponent () const |
| bool | IsSmallOrder (const byte y[PUBLIC_KEYLENGTH]) const |
| Test if a key has small order. More... | |
| const byte * | GetPrivateKeyBytePtr () const |
| Retrieve private key byte array. More... | |
| const byte * | GetPublicKeyBytePtr () const |
| Retrieve public key byte array. More... | |
| Public Member Functions inherited from PKCS8PrivateKey | |
| virtual bool | BERDecodeAlgorithmParameters (BufferedTransformation &bt) |
| Decode optional parameters. More... | |
| virtual bool | DEREncodeAlgorithmParameters (BufferedTransformation &bt) const |
| Encode optional parameters. More... | |
| virtual void | BERDecodeOptionalAttributes (BufferedTransformation &bt) |
| Decode optional attributes. More... | |
| virtual void | DEREncodeOptionalAttributes (BufferedTransformation &bt) const |
| Encode optional attributes. More... | |
| Public Member Functions inherited from ASN1CryptoMaterial< PrivateKey > | |
| void | Save (BufferedTransformation &bt) const |
| DER encode ASN.1 object. More... | |
| void | Load (BufferedTransformation &bt) |
| BER decode ASN.1 object. More... | |
| Public Member Functions inherited from ASN1Object | |
| virtual void | BEREncode (BufferedTransformation &bt) const |
| Encode this object into a BufferedTransformation. More... | |
| Public Member Functions inherited from GeneratableCryptoMaterial | |
| void | GenerateRandomWithKeySize (RandomNumberGenerator &rng, unsigned int keySize) |
| Generate a random key or crypto parameters. More... | |
| Public Member Functions inherited from CryptoMaterial | |
| virtual void | ThrowIfInvalid (RandomNumberGenerator &rng, unsigned int level) const |
| Check this object for errors. More... | |
| virtual bool | SupportsPrecomputation () const |
| Determines whether the object supports precomputation. More... | |
| virtual void | Precompute (unsigned int precomputationStorage) |
| Perform precomputation. More... | |
| virtual void | LoadPrecomputation (BufferedTransformation &storedPrecomputation) |
| Retrieve previously saved precomputation. More... | |
| virtual void | SavePrecomputation (BufferedTransformation &storedPrecomputation) const |
| Save precomputation for later use. More... | |
| void | DoQuickSanityCheck () const |
| Perform a quick sanity check. More... | |
| Public Member Functions inherited from NameValuePairs | |
| template<class T > | |
| bool | GetThisObject (T &object) const |
| Get a copy of this object or subobject. More... | |
| template<class T > | |
| bool | GetThisPointer (T *&ptr) const |
| Get a pointer to this object. More... | |
| template<class T > | |
| bool | GetValue (const char *name, T &value) const |
| Get a named value. More... | |
| template<class T > | |
| T | GetValueWithDefault (const char *name, T defaultValue) const |
| Get a named value. More... | |
| CRYPTOPP_DLL std::string | GetValueNames () const |
| Get a list of value names that can be retrieved. More... | |
| CRYPTOPP_DLL bool | GetIntValue (const char *name, int &value) const |
| Get a named value with type int. More... | |
| CRYPTOPP_DLL int | GetIntValueWithDefault (const char *name, int defaultValue) const |
| Get a named value with type int, with default. More... | |
| CRYPTOPP_DLL bool | GetWord64Value (const char *name, word64 &value) const |
| Get a named value with type word64. More... | |
| CRYPTOPP_DLL word64 | GetWord64ValueWithDefault (const char *name, word64 defaultValue) const |
| Get a named value with type word64, with default. More... | |
| template<class T > | |
| void | GetRequiredParameter (const char *className, const char *name, T &value) const |
| Retrieves a required name/value pair. More... | |
| CRYPTOPP_DLL void | GetRequiredIntParameter (const char *className, const char *name, int &value) const |
| Retrieves a required name/value pair. More... | |
Static Public Attributes | |
| static const int | SECRET_KEYLENGTH = 32 |
| Size of the private key. More... | |
| static const int | PUBLIC_KEYLENGTH = 32 |
| Size of the public key. More... | |
| static const int | SIGNATURE_LENGTH = 64 |
| Size of the signature. More... | |
Additional Inherited Members | |
| Static Public Member Functions inherited from NameValuePairs | |
| static CRYPTOPP_DLL void | ThrowIfTypeMismatch (const char *name, const std::type_info &stored, const std::type_info &retrieving) |
| Ensures an expected name and type is present. More... | |
Detailed Description
Ed25519 private key.
ed25519PrivateKey is somewhat of a hack. It needed to provide DL_PrivateKey interface to fit into the existing framework, but it lacks a lot of the internals of a true DL_PrivateKey. The missing pieces include GroupParameters and Point, which provide the low level field operations found in traditional implementations like NIST curves over prime and binary fields.
ed25519PrivateKey is also unusual because the class members of interest are byte arrays and not Integers. In addition, the byte arrays are little-endian meaning LSB is at element 0 and the MSB is at element 31. If you call GetPrivateExponent() then the little-endian byte array is converted to a big-endian Integer() so it can be returned the way a caller expects. And calling SetPrivateExponent performs a similar internal conversion.
- Since
- Crypto++ 8.0
Definition at line 355 of file xed25519.h.
Member Function Documentation
◆ Validate()
|
virtual |
Check this object for errors.
- Parameters
-
rng a RandomNumberGenerator for objects which use randomized testing level the level of thoroughness
- Returns
- true if the tests succeed, false otherwise
There are four levels of thoroughness:
- 0 - using this object won't cause a crash or exception
- 1 - this object will probably function, and encrypt, sign, other operations correctly
- 2 - ensure this object will function correctly, and perform reasonable security checks
- 3 - perform reasonable security checks, and do checks that may take a long time
Level 0 does not require a RandomNumberGenerator. A NullRNG() can be used for level 0. Level 1 may not check for weak keys and such. Levels 2 and 3 are recommended.
- See also
- ThrowIfInvalid()
Implements CryptoMaterial.
Definition at line 390 of file xed25519.cpp.
◆ GetVoidValue()
|
virtual |
Get a named value.
- Parameters
-
name the name of the object or value to retrieve valueType reference to a variable that receives the value pValue void pointer to a variable that receives the value
- Returns
- true if the value was retrieved, false otherwise
GetVoidValue() retrieves the value of name if it exists.
- Note
- GetVoidValue() is an internal function and should be implemented by derived classes. Users should use one of the other functions instead.
- See also
- GetValue(), GetValueWithDefault(), GetIntValue(), GetIntValueWithDefault(), GetRequiredParameter() and GetRequiredIntParameter()
Implements NameValuePairs.
Definition at line 410 of file xed25519.cpp.
◆ AssignFrom()
|
virtual |
Assign values to this object.
This function can be used to create a public key from a private key.
Implements CryptoMaterial.
Definition at line 439 of file xed25519.cpp.
◆ GetAlgorithmID()
|
inlinevirtual |
Retrieves the OID of the algorithm.
- Returns
- OID of the algorithm
Implements PKCS8PrivateKey.
Definition at line 377 of file xed25519.h.
◆ Save() [1/2]
|
inlinevirtual |
DER encode ASN.1 object.
- Parameters
-
bt BufferedTransformation object
Save() will write the OID associated with algorithm or scheme. In the case of public and private keys, this function writes the subjectPublicKeyInfo parts.
The default OID is from RFC 8410 using id-Ed25519. The default private key format is RFC 5208, which is the old format. The old format provides the best interop, and keys will work with OpenSSL.
Reimplemented from CryptoMaterial.
Definition at line 392 of file xed25519.h.
◆ Save() [2/2]
|
inline |
DER encode ASN.1 object.
- Parameters
-
bt BufferedTransformation object v1 flag indicating v1
Save() will write the OID associated with algorithm or scheme. In the case of public and private keys, this function writes the subjectPublicKeyInfo parts.
The default OID is from RFC 8410 using id-Ed25519. The default private key format is RFC 5208.
v1 means INTEGER 0 is written. INTEGER 0 means RFC 5208 format, which is the old format. The old format provides the best interop, and keys will work with OpenSSL. The other option uses INTEGER 1. INTEGER 1 means RFC 5958 format, which is the new format.
Definition at line 411 of file xed25519.h.
◆ Load()
|
inlinevirtual |
BER decode ASN.1 object.
- Parameters
-
bt BufferedTransformation object
Reimplemented from CryptoMaterial.
Definition at line 419 of file xed25519.h.
◆ MakePublicKey()
| void ed25519PrivateKey::MakePublicKey | ( | PublicKey & | pub | ) | const |
Initializes a public key from this key.
- Parameters
-
pub reference to a public key
Definition at line 477 of file xed25519.cpp.
◆ BERDecode()
|
virtual |
Decode this object from a BufferedTransformation.
- Parameters
-
bt BufferedTransformation object
Uses Basic Encoding Rules (BER)
Reimplemented from PKCS8PrivateKey.
Definition at line 499 of file xed25519.cpp.
◆ DEREncode() [1/2]
|
inlinevirtual |
Encode this object into a BufferedTransformation.
- Parameters
-
bt BufferedTransformation object
Uses Distinguished Encoding Rules (DER)
Reimplemented from PKCS8PrivateKey.
Definition at line 429 of file xed25519.h.
◆ BERDecodePrivateKey()
|
virtual |
Decode privateKey part of privateKeyInfo.
- Parameters
-
bt BufferedTransformation object parametersPresent flag indicating if algorithm parameters are present size number of octets to read for the parameters, in bytes
BERDecodePrivateKey() the decodes privateKey part of privateKeyInfo, without the OCTET STRING header.
When parametersPresent = true then BERDecodePrivateKey() calls BERDecodeAlgorithmParameters() to parse algorithm parameters.
- See also
- BERDecodeAlgorithmParameters
Implements PKCS8PrivateKey.
Definition at line 570 of file xed25519.cpp.
◆ DEREncodePrivateKey()
|
virtual |
Encode privateKey part of privateKeyInfo.
- Parameters
-
bt BufferedTransformation object
DEREncodePrivateKey() encodes the privateKey part of privateKeyInfo, without the OCTET STRING header.
- See also
- DEREncodeAlgorithmParameters
Implements PKCS8PrivateKey.
Definition at line 591 of file xed25519.cpp.
◆ DEREncode() [2/2]
| void ed25519PrivateKey::DEREncode | ( | BufferedTransformation & | bt, |
| int | version | ||
| ) | const |
DER encode ASN.1 object.
- Parameters
-
bt BufferedTransformation object version indicates version
DEREncode() will write the OID associated with algorithm or scheme. In the case of public and private keys, this function writes the subjectPublicKeyInfo parts.
The default OID is from RFC 8410 using id-X25519. The default private key format is RFC 5208.
The value of version is written as the INTEGER. INTEGER 0 means RFC 5208 format, which is the old format. The old format provides the best interop, and keys will work with OpenSSL. The INTEGER 1 means RFC 5958 format, which is the new format.
Definition at line 543 of file xed25519.cpp.
◆ BERDecodeAndCheckAlgorithmID()
| void ed25519PrivateKey::BERDecodeAndCheckAlgorithmID | ( | BufferedTransformation & | bt | ) |
Determine if OID is valid for this object.
BERDecodeAndCheckAlgorithmID() parses the OID from bt and determines if it valid for this object. The problem in practice is there are multiple OIDs available to denote curve25519 operations. The OIDs include an old GNU OID used by SSH, OIDs specified in draft-josefsson-pkix-newcurves, and OIDs specified in draft-ietf-curdle-pkix.
By default BERDecodeAndCheckAlgorithmID() accepts an OID set by the user, ASN1::curve25519() and ASN1::Ed25519(). ASN1::curve25519() is generic and says "this key is valid for
curve25519 operations". ASN1::Ed25519() is specific and says "this key is valid for ed25519 signing."
Definition at line 484 of file xed25519.cpp.
◆ GenerateRandom()
|
virtual |
Generate a random key or crypto parameters.
- Parameters
-
rng a RandomNumberGenerator to produce keying material params additional initialization parameters
- Exceptions
-
KeyingErr if a key can't be generated or algorithm parameters are invalid
If a derived class does not override GenerateRandom(), then the base class throws NotImplemented.
Reimplemented from GeneratableCryptoMaterial.
Definition at line 466 of file xed25519.cpp.
◆ IsSmallOrder()
| bool ed25519PrivateKey::IsSmallOrder | ( | const byte | y[PUBLIC_KEYLENGTH] | ) | const |
◆ GetPrivateKeyBytePtr()
|
inline |
Retrieve private key byte array.
- Returns
- the private key byte array
GetPrivateKeyBytePtr() is used by signing code to call ed25519_sign.
Definition at line 474 of file xed25519.h.
◆ GetPublicKeyBytePtr()
|
inline |
Retrieve public key byte array.
- Returns
- the public key byte array
GetPublicKeyBytePtr() is used by signing code to call ed25519_sign.
Definition at line 481 of file xed25519.h.
Member Data Documentation
◆ SECRET_KEYLENGTH
|
static |
Size of the private key.
SECRET_KEYLENGTH is the size of the private key, in bytes.
Definition at line 359 of file xed25519.h.
◆ PUBLIC_KEYLENGTH
|
static |
Size of the public key.
PUBLIC_KEYLENGTH is the size of the public key, in bytes.
Definition at line 362 of file xed25519.h.
◆ SIGNATURE_LENGTH
|
static |
Size of the signature.
SIGNATURE_LENGTH is the size of the signature, in bytes. ed25519 is a DL-based signature scheme. The signature is the concatenation of r || s.
Definition at line 367 of file xed25519.h.
The documentation for this struct was generated from the following files:
