Ed25519 signature verification algorithm. More...

Inheritance diagram for ed25519Verifier:

Public Types
typedef Integer	Element

Public Member Functions
	ed25519Verifier ()
	Create an ed25519Verifier object.

	ed25519Verifier (const byte y[PUBLIC_KEYLENGTH])
	Create an ed25519Verifier object. More...

	ed25519Verifier (const Integer &y)
	Create an ed25519Verifier object. More...

	ed25519Verifier (const X509PublicKey &key)
	Create an ed25519Verifier object. More...

	ed25519Verifier (BufferedTransformation &params)
	Create an ed25519Verifier object. More...

	ed25519Verifier (const ed25519Signer &signer)
	Create an ed25519Verifier object. More...

PublicKey &	AccessKey ()
	Retrieves a reference to a Public Key. More...

PublicKey &	AccessPublicKey ()
	Retrieves a reference to a Public Key. More...

const PublicKey &	GetKey () const
	Retrieves a reference to a Public Key. More...

const PublicKey &	GetPublicKey () const
	Retrieves a reference to a Public Key. More...

size_t	SignatureLength () const
	Provides the signature length if it only depends on the key. More...

size_t	MaxRecoverableLength () const
	Provides the length of longest message that can be recovered. More...

size_t	MaxRecoverableLengthFromSignatureLength (size_t signatureLength) const
	Provides the length of longest message that can be recovered from a signature of given length. More...

bool	IsProbabilistic () const
	Determines whether a signature scheme requires a random number generator. More...

bool	AllowNonrecoverablePart () const
	Determines whether the non-recoverable message part can be signed. More...

bool	RecoverablePartFirst () const
	Determines whether the recoverable part must be input before the non-recoverable part. More...

ed25519_MessageAccumulator *	NewVerificationAccumulator () const
	Create a new HashTransformation to accumulate the message to be verified. More...

void	InputSignature (PK_MessageAccumulator &messageAccumulator, const byte *signature, size_t signatureLength) const
	Input signature into a message accumulator. More...

bool	VerifyAndRestart (PK_MessageAccumulator &messageAccumulator) const
	Check whether messageAccumulator contains a valid signature and message, and restart messageAccumulator. More...

bool	VerifyStream (std::istream &stream, const byte *signature, size_t signatureLen) const
	Check whether input signature is a valid signature for input message. More...

DecodingResult	RecoverAndRestart (byte *recoveredMessage, PK_MessageAccumulator &messageAccumulator) const
	Recover a message from its signature. More...

Public Member Functions inherited from PK_Verifier
virtual bool	Verify (PK_MessageAccumulator *messageAccumulator) const
	Check whether messageAccumulator contains a valid signature and message. More...

virtual bool	VerifyMessage (const byte message, size_t messageLen, const byte signature, size_t signatureLen) const
	Check whether input signature is a valid signature for input message. More...

virtual DecodingResult	Recover (byte recoveredMessage, PK_MessageAccumulator messageAccumulator) const
	Recover a message from its signature. More...

virtual DecodingResult	RecoverMessage (byte recoveredMessage, const byte nonrecoverableMessage, size_t nonrecoverableMessageLength, const byte *signature, size_t signatureLength) const
	Recover a message from its signature. More...

Public Member Functions inherited from PK_SignatureScheme
virtual size_t	MaxSignatureLength (size_t recoverablePartLength=0) const
	Provides the maximum signature length produced given the length of the recoverable message part. More...

virtual bool	SignatureUpfront () const
	Determines whether the signature must be input before the message. More...

Public Member Functions inherited from PublicKeyAlgorithm
CryptoMaterial &	AccessMaterial ()
	Retrieves a reference to a Public Key. More...

const CryptoMaterial &	GetMaterial () const
	Retrieves a reference to a Public Key. More...

Public Member Functions inherited from Algorithm
	Algorithm (bool checkSelfTestStatus=true)
	Interface for all crypto algorithms. More...

virtual std::string	AlgorithmName () const
	Provides the name of this algorithm. More...

virtual std::string	AlgorithmProvider () const
	Retrieve the provider of this algorithm. More...

Public Member Functions inherited from Clonable
virtual Clonable *	Clone () const
	Copies this object. More...

Static Public Attributes
static const int	PUBLIC_KEYLENGTH = 32

static const int	SIGNATURE_LENGTH = 64

Detailed Description

Ed25519 signature verification algorithm.

Since: Crypto++ 8.0

Definition at line 712 of file xed25519.h.

Constructor & Destructor Documentation

◆ ed25519Verifier() [1/5]

ed25519Verifier::ed25519Verifier ( const byte y[PUBLIC_KEYLENGTH] )

Create an ed25519Verifier object.

Parameters

y	public key

This constructor creates an ed25519Verifier object using existing parameters.

Note: The public key is not validated.

Definition at line 843 of file xed25519.cpp.

◆ ed25519Verifier() [2/5]

ed25519Verifier::ed25519Verifier ( const Integer & y )

Create an ed25519Verifier object.

Parameters

y	public key

This constructor creates an ed25519Verifier object using existing parameters.

Note: The public key is not validated.

Definition at line 849 of file xed25519.cpp.

◆ ed25519Verifier() [3/5]

ed25519Verifier::ed25519Verifier ( const X509PublicKey & key )

Create an ed25519Verifier object.

Parameters

key	X509 public key

This constructor creates an ed25519Verifier object using an existing public key.

Note: The public key is not validated.

Since: Crypto++ 8.6

Definition at line 860 of file xed25519.cpp.

◆ ed25519Verifier() [4/5]

ed25519Verifier::ed25519Verifier ( BufferedTransformation & params )

Create an ed25519Verifier object.

Parameters

params public and private key

This constructor creates an ed25519Verifier object using existing parameters. The params can be created with Save.

Note: The public key is not validated.

Definition at line 868 of file xed25519.cpp.

◆ ed25519Verifier() [5/5]

ed25519Verifier::ed25519Verifier ( const ed25519Signer & signer )

Create an ed25519Verifier object.

Parameters

signer ed25519 signer object

This constructor creates an ed25519Verifier object using existing parameters. The params can be created with Save.

Note: The public key is not validated.

Definition at line 873 of file xed25519.cpp.

Member Function Documentation

◆ AccessKey()

PublicKey& ed25519Verifier::AccessKey ( )

inline

Retrieves a reference to a Public Key.

AccessKey() retrieves a non-const reference to a public key.

Definition at line 759 of file xed25519.h.

◆ AccessPublicKey()

PublicKey& ed25519Verifier::AccessPublicKey ( )

inlinevirtual

Retrieves a reference to a Public Key.

Returns: a reference to the public key

Implements PublicKeyAlgorithm.

Definition at line 760 of file xed25519.h.

◆ GetKey()

const PublicKey& ed25519Verifier::GetKey ( ) const

inline

Retrieves a reference to a Public Key.

GetKey() retrieves a const reference to a public key.

Definition at line 764 of file xed25519.h.

◆ GetPublicKey()

const PublicKey& ed25519Verifier::GetPublicKey ( ) const

inlinevirtual

Retrieves a reference to a Public Key.

Returns: a const reference the public key

Reimplemented from PublicKeyAlgorithm.

Definition at line 765 of file xed25519.h.

◆ SignatureLength()

size_t ed25519Verifier::SignatureLength ( ) const

inlinevirtual

Provides the signature length if it only depends on the key.

Returns: the signature length if it only depends on the key, in bytes

SignatureLength() returns the signature length if it only depends on the key, otherwise 0.

Implements PK_SignatureScheme.

Definition at line 768 of file xed25519.h.

◆ MaxRecoverableLength()

size_t ed25519Verifier::MaxRecoverableLength ( ) const

inlinevirtual

Provides the length of longest message that can be recovered.

Returns: the length of longest message that can be recovered, in bytes

MaxRecoverableLength() returns the length of longest message that can be recovered, or 0 if this signature scheme does not support message recovery.

Implements PK_SignatureScheme.

Definition at line 769 of file xed25519.h.

◆ MaxRecoverableLengthFromSignatureLength()

size_t ed25519Verifier::MaxRecoverableLengthFromSignatureLength ( size_t signatureLength ) const

inlinevirtual

Provides the length of longest message that can be recovered from a signature of given length.

Parameters

signatureLength the length of the signature, in bytes

Returns: the length of longest message that can be recovered from a signature of given length, in bytes

MaxRecoverableLengthFromSignatureLength() returns the length of longest message that can be recovered from a signature of given length, or 0 if this signature scheme does not support message recovery.

Implements PK_SignatureScheme.

Definition at line 770 of file xed25519.h.

◆ IsProbabilistic()

bool ed25519Verifier::IsProbabilistic ( ) const

inlinevirtual

Determines whether a signature scheme requires a random number generator.

Returns: true if the signature scheme requires a RandomNumberGenerator() to sign

if IsProbabilistic() returns false, then NullRNG() can be passed to functions that take RandomNumberGenerator().

Implements PK_SignatureScheme.

Definition at line 774 of file xed25519.h.

◆ AllowNonrecoverablePart()

bool ed25519Verifier::AllowNonrecoverablePart ( ) const

inlinevirtual

Determines whether the non-recoverable message part can be signed.

Returns: true if the non-recoverable message part can be signed

Implements PK_SignatureScheme.

Definition at line 775 of file xed25519.h.

◆ RecoverablePartFirst()

bool ed25519Verifier::RecoverablePartFirst ( ) const

inlinevirtual

Determines whether the recoverable part must be input before the non-recoverable part.

Returns: true if the recoverable part must be input before the non-recoverable part during signing

RecoverablePartFirst() determines whether you must input the recoverable part before the non-recoverable part during signing

Implements PK_SignatureScheme.

Definition at line 776 of file xed25519.h.

◆ NewVerificationAccumulator()

ed25519_MessageAccumulator* ed25519Verifier::NewVerificationAccumulator ( ) const

inlinevirtual

Create a new HashTransformation to accumulate the message to be verified.

Returns: a pointer to a PK_MessageAccumulator

NewVerificationAccumulator() can be used with all verification methods. Verify() will automatically delete the accumulator pointer. The caller is responsible for deletion if a method is called that takes a reference.

Implements PK_Verifier.

Definition at line 778 of file xed25519.h.

◆ InputSignature()

void ed25519Verifier::InputSignature	(	PK_MessageAccumulator &	messageAccumulator,
		const byte *	signature,
		size_t	signatureLength
	)		const

inlinevirtual

Input signature into a message accumulator.

Parameters

messageAccumulator	a pointer to a PK_MessageAccumulator derived class
signature	the signature on the message
signatureLength	the size of the signature

Implements PK_Verifier.

Definition at line 782 of file xed25519.h.

◆ VerifyAndRestart()

bool ed25519Verifier::VerifyAndRestart ( PK_MessageAccumulator & messageAccumulator ) const

virtual

Check whether messageAccumulator contains a valid signature and message, and restart messageAccumulator.

Parameters

messageAccumulator a reference to a PK_MessageAccumulator derived class

Returns: true if the signature is valid, false otherwise

VerifyAndRestart() restarts the messageAccumulator

Implements PK_Verifier.

Definition at line 879 of file xed25519.cpp.

◆ VerifyStream()

bool ed25519Verifier::VerifyStream	(	std::istream &	stream,
		const byte *	signature,
		size_t	signatureLen
	)		const

Check whether input signature is a valid signature for input message.

Parameters

stream	an std::istream derived class
signature	a pointer to the signature over the message
signatureLen	the size of the signature

Returns: true if the signature is valid, false otherwise

VerifyStream() handles large streams. The Stream functions were added to ed25519 for signing and verifying files that are too large for a memory allocation. The functions are not present in other library signers and verifiers.

Since: Crypto++ 8.1

Definition at line 889 of file xed25519.cpp.

◆ RecoverAndRestart()

DecodingResult ed25519Verifier::RecoverAndRestart	(	byte *	recoveredMessage,
		PK_MessageAccumulator &	messageAccumulator
	)		const

inlinevirtual

Recover a message from its signature.

Parameters

recoveredMessage	a pointer to the recoverable message part to be verified
messageAccumulator	a pointer to a PK_MessageAccumulator derived class

Returns: the result of the verification operation

RecoverAndRestart() restarts the messageAccumulator

Precondition: COUNTOF(recoveredMessage) == MaxRecoverableLengthFromSignatureLength(signatureLength)

Implements PK_Verifier.

Definition at line 803 of file xed25519.h.

The documentation for this struct was generated from the following files:

Public Types

Public Member Functions

Static Public Attributes

Detailed Description

Constructor & Destructor Documentation

◆ ed25519Verifier() [1/5]

◆ ed25519Verifier() [2/5]

◆ ed25519Verifier() [3/5]

◆ ed25519Verifier() [4/5]

◆ ed25519Verifier() [5/5]

Member Function Documentation

◆ AccessKey()

◆ AccessPublicKey()

◆ GetKey()

◆ GetPublicKey()

◆ SignatureLength()

◆ MaxRecoverableLength()

◆ MaxRecoverableLengthFromSignatureLength()

◆ IsProbabilistic()

◆ AllowNonrecoverablePart()

◆ RecoverablePartFirst()

◆ NewVerificationAccumulator()

◆ InputSignature()

◆ VerifyAndRestart()

◆ VerifyStream()

◆ RecoverAndRestart()