1 stable release
4.0.0 | Dec 29, 2022 |
---|
#2488 in Cryptography
138 downloads per month
Used in 4 crates
(3 directly)
105KB
1.5K
SLoC
A fork of ed25519-dalek in Noah
This crate is a fork of ed25519-dalek with some dependencies updates.
Please refer to the original repository for more information. We plan to switch to ed25519-dalek 4.0 when it is ready.
lib.rs
:
A Rust implementation of ed25519 key generation, signing, and verification.
Example
Creating an ed25519 signature on a message is simple.
First, we need to generate a Keypair
, which includes both public and
secret halves of an asymmetric key. To do so, we need a cryptographically
secure pseudorandom number generator (CSPRNG). For this example, we'll use
the operating system's builtin PRNG:
extern crate rand;
extern crate noah_ed25519_dalek;
use rand::rngs::OsRng;
use noah_ed25519_dalek::Keypair;
use noah_ed25519_dalek::Signature;
let mut csprng = OsRng{};
let keypair: Keypair = Keypair::generate(&mut csprng);
#
We can now use this keypair
to sign a message:
use noah_ed25519_dalek::{Signature, Signer};
let message: &[u8] = b"This is a test of the tsunami alert system.";
let signature: Signature = keypair.sign(message);
As well as to verify that this is, indeed, a valid signature on
that message
:
use noah_ed25519_dalek::Verifier;
assert!(keypair.verify(message, &signature).is_ok());
Anyone else, given the public
half of the keypair
can also easily
verify this signature:
use noah_ed25519_dalek::{PublicKey, Verifier};
let public_key: PublicKey = keypair.public_key();
assert!(public_key.verify(message, &signature).is_ok());
Serialisation
PublicKey
s, SecretKey
s, Keypair
s, and Signature
s can be serialised
into byte-arrays by calling .to_bytes()
. It's perfectly acceptible and
safe to transfer and/or store those bytes. (Of course, never transfer your
secret key to anyone else, since they will only need the public key to
verify your signatures!)
use noah_ed25519_dalek::{PUBLIC_KEY_LENGTH, SECRET_KEY_LENGTH, KEYPAIR_LENGTH, SIGNATURE_LENGTH};
let public_key_bytes: [u8; PUBLIC_KEY_LENGTH] = keypair.public_key().to_bytes();
let secret_key_bytes: [u8; SECRET_KEY_LENGTH] = keypair.secret_key().to_bytes();
let keypair_bytes: [u8; KEYPAIR_LENGTH] = keypair.to_bytes();
let signature_bytes: [u8; SIGNATURE_LENGTH] = signature.to_bytes();
And similarly, decoded from bytes with ::from_bytes()
:
#
let public_key: PublicKey = PublicKey::from_bytes(&public_key_bytes)?;
let secret_key: SecretKey = SecretKey::from_bytes(&secret_key_bytes)?;
let keypair: Keypair = Keypair::from_bytes(&keypair_bytes)?;
let signature: Signature = Signature::try_from(&signature_bytes[..])?;
#
Using Serde
If you prefer the bytes to be wrapped in another serialisation format, all
types additionally come with built-in serde support by
building ed25519-dalek
via:
$ cargo build --features="serde"
They can be then serialised into any of the wire formats which serde supports. For example, using bincode:
use bincode::serialize;
let encoded_public_key: Vec<u8> = serialize(&public_key).unwrap();
let encoded_signature: Vec<u8> = serialize(&signature).unwrap();
After sending the encoded_public_key
and encoded_signature
, the
recipient may deserialise them and verify:
#
use bincode::deserialize;
let message: &[u8] = b"This is a test of the tsunami alert system.";
let decoded_public_key: PublicKey = deserialize(&encoded_public_key).unwrap();
let decoded_signature: Signature = deserialize(&encoded_signature).unwrap();
#
let verified: bool = decoded_public_key.verify(&message, &decoded_signature).is_ok();
assert!(verified);
Dependencies
~5MB
~106K SLoC