An Ed25519 public key.
bytes: [encoded_length]u8Length (in bytes) of a raw public key.
pub const encoded_length = 32pub fn fromBytes(bytes: [encoded_length]u8) NonCanonicalError!PublicKeyCreate a public key from raw bytes.
bytes: [encoded_length]u8pub fn fromBytes(bytes: [encoded_length]u8) NonCanonicalError!PublicKey {
try Curve.rejectNonCanonical(bytes);
return PublicKey{ .bytes = bytes };
}pub fn toBytes(pk: PublicKey) [encoded_length]u8Convert a public key to raw bytes.
pk: PublicKeypub fn toBytes(pk: PublicKey) [encoded_length]u8 {
return pk.bytes;
}pub const PublicKey = struct {
/// Length (in bytes) of a raw public key.
pub const encoded_length = 32;
bytes: [encoded_length]u8,
/// Create a public key from raw bytes.
pub fn fromBytes(bytes: [encoded_length]u8) NonCanonicalError!PublicKey {
try Curve.rejectNonCanonical(bytes);
return PublicKey{ .bytes = bytes };
}
/// Convert a public key to raw bytes.
pub fn toBytes(pk: PublicKey) [encoded_length]u8 {
return pk.bytes;
}
fn signWithNonce(public_key: PublicKey, msg: []const u8, scalar: CompressedScalar, nonce: CompressedScalar) (IdentityElementError || NonCanonicalError || KeyMismatchError || WeakPublicKeyError)!Signature {
var st = try Signer.init(scalar, nonce, public_key);
st.update(msg);
return st.finalize();
}
fn computeNonceAndSign(public_key: PublicKey, msg: []const u8, noise: ?[noise_length]u8, scalar: CompressedScalar, prefix: []const u8) (IdentityElementError || NonCanonicalError || KeyMismatchError || WeakPublicKeyError)!Signature {
var h = Sha512.init(.{});
if (noise) |*z| {
h.update(z);
}
h.update(prefix);
h.update(msg);
var nonce64: [64]u8 = undefined;
h.final(&nonce64);
const nonce = Curve.scalar.reduce64(nonce64);
return public_key.signWithNonce(msg, scalar, nonce);
}
}