tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

Hacl_Ed25519.h (4430B)

      1 /* MIT License
      2 *
      3 * Copyright (c) 2016-2022 INRIA, CMU and Microsoft Corporation
      4 * Copyright (c) 2022-2023 HACL* Contributors
      5 *
      6 * Permission is hereby granted, free of charge, to any person obtaining a copy
      7 * of this software and associated documentation files (the "Software"), to deal
      8 * in the Software without restriction, including without limitation the rights
      9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
     10 * copies of the Software, and to permit persons to whom the Software is
     11 * furnished to do so, subject to the following conditions:
     12 *
     13 * The above copyright notice and this permission notice shall be included in all
     14 * copies or substantial portions of the Software.
     15 *
     16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
     17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
     18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
     19 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
     20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
     21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
     22 * SOFTWARE.
     23 */
     24 
     25 #ifndef __Hacl_Ed25519_H
     26 #define __Hacl_Ed25519_H
     27 
     28 #if defined(__cplusplus)
     29 extern "C" {
     30 #endif
     31 
     32 #include <string.h>
     33 #include "krml/internal/types.h"
     34 #include "krml/lowstar_endianness.h"
     35 #include "krml/internal/target.h"
     36 
     37 #include "Hacl_Streaming_Types.h"
     38 #include "Hacl_Krmllib.h"
     39 
     40 /********************************************************************************
     41  Verified C library for EdDSA signing and verification on the edwards25519 curve.
     42 ********************************************************************************/
     43 
     44 /**
     45 Compute the public key from the private key.
     46 
     47  The outparam `public_key`  points to 32 bytes of valid memory, i.e., uint8_t[32].
     48  The argument `private_key` points to 32 bytes of valid memory, i.e., uint8_t[32].
     49 */
     50 void Hacl_Ed25519_secret_to_public(uint8_t *public_key, uint8_t *private_key);
     51 
     52 /**
     53 Compute the expanded keys for an Ed25519 signature.
     54 
     55  The outparam `expanded_keys` points to 96 bytes of valid memory, i.e., uint8_t[96].
     56  The argument `private_key`   points to 32 bytes of valid memory, i.e., uint8_t[32].
     57 
     58  If one needs to sign several messages under the same private key, it is more efficient
     59  to call `expand_keys` only once and `sign_expanded` multiple times, for each message.
     60 */
     61 void Hacl_Ed25519_expand_keys(uint8_t *expanded_keys, uint8_t *private_key);
     62 
     63 /**
     64 Create an Ed25519 signature with the (precomputed) expanded keys.
     65 
     66  The outparam `signature`     points to 64 bytes of valid memory, i.e., uint8_t[64].
     67  The argument `expanded_keys` points to 96 bytes of valid memory, i.e., uint8_t[96].
     68  The argument `msg`    points to `msg_len` bytes of valid memory, i.e., uint8_t[msg_len].
     69 
     70  The argument `expanded_keys` is obtained through `expand_keys`.
     71 
     72  If one needs to sign several messages under the same private key, it is more efficient
     73  to call `expand_keys` only once and `sign_expanded` multiple times, for each message.
     74 */
     75 void
     76 Hacl_Ed25519_sign_expanded(
     77    uint8_t *signature,
     78    uint8_t *expanded_keys,
     79    uint32_t msg_len,
     80    uint8_t *msg);
     81 
     82 /**
     83 Create an Ed25519 signature.
     84 
     85  The outparam `signature`   points to 64 bytes of valid memory, i.e., uint8_t[64].
     86  The argument `private_key` points to 32 bytes of valid memory, i.e., uint8_t[32].
     87  The argument `msg`  points to `msg_len` bytes of valid memory, i.e., uint8_t[msg_len].
     88 
     89  The function first calls `expand_keys` and then invokes `sign_expanded`.
     90 
     91  If one needs to sign several messages under the same private key, it is more efficient
     92  to call `expand_keys` only once and `sign_expanded` multiple times, for each message.
     93 */
     94 void
     95 Hacl_Ed25519_sign(uint8_t *signature, uint8_t *private_key, uint32_t msg_len, uint8_t *msg);
     96 
     97 /**
     98 Verify an Ed25519 signature.
     99 
    100  The function returns `true` if the signature is valid and `false` otherwise.
    101 
    102  The argument `public_key` points to 32 bytes of valid memory, i.e., uint8_t[32].
    103  The argument `msg` points to `msg_len` bytes of valid memory, i.e., uint8_t[msg_len].
    104  The argument `signature`  points to 64 bytes of valid memory, i.e., uint8_t[64].
    105 */
    106 bool
    107 Hacl_Ed25519_verify(uint8_t *public_key, uint32_t msg_len, uint8_t *msg, uint8_t *signature);
    108 
    109 #if defined(__cplusplus)
    110 }
    111 #endif
    112 
    113 #define __Hacl_Ed25519_H_DEFINED
    114 #endif