15 #ifndef __DECAF_ED448_H__ 16 #define __DECAF_ED448_H__ 1 20 #include <decaf/sha512.h> 27 #define DECAF_EDDSA_448_PUBLIC_BYTES 57 30 #define DECAF_EDDSA_448_PRIVATE_BYTES DECAF_EDDSA_448_PUBLIC_BYTES 33 #define DECAF_EDDSA_448_SIGNATURE_BYTES (DECAF_EDDSA_448_PUBLIC_BYTES + DECAF_EDDSA_448_PRIVATE_BYTES) 37 #define DECAF_EDDSA_448_SUPPORTS_CONTEXTLESS_SIGS 0 40 #define DECAF_EDDSA_448_SUPPORTS_CONTEXTLESS_SIGS 0 45 #define decaf_ed448_prehash_ctx_s decaf_shake256_ctx_s 48 #define decaf_ed448_prehash_ctx_t decaf_shake256_ctx_t 51 #define decaf_ed448_prehash_update decaf_shake256_update 54 #define decaf_ed448_prehash_destroy decaf_shake256_destroy 57 #define DECAF_448_EDDSA_ENCODE_RATIO 4 60 #define DECAF_448_EDDSA_DECODE_RATIO (4 / 4) 62 #ifndef DECAF_EDDSA_NON_KEYPAIR_API_IS_DEPRECATED 64 #define DECAF_EDDSA_NON_KEYPAIR_API_IS_DEPRECATED 0 69 typedef struct decaf_eddsa_448_keypair_s {
72 } decaf_eddsa_448_keypair_s, decaf_eddsa_448_keypair_t[1];
85 ) DECAF_NONNULL DECAF_NOINLINE;
95 decaf_eddsa_448_keypair_t keypair,
96 const uint8_t privkey[DECAF_EDDSA_448_PRIVATE_BYTES]
97 ) DECAF_NONNULL DECAF_NOINLINE;
106 uint8_t pubkey[DECAF_EDDSA_448_PUBLIC_BYTES],
107 const decaf_eddsa_448_keypair_t keypair
108 ) DECAF_NONNULL DECAF_NOINLINE;
117 uint8_t privkey[DECAF_EDDSA_448_PRIVATE_BYTES],
118 const decaf_eddsa_448_keypair_t keypair
119 ) DECAF_NONNULL DECAF_NOINLINE;
126 decaf_eddsa_448_keypair_t keypair
127 ) DECAF_NONNULL DECAF_NOINLINE;
152 const uint8_t privkey[DECAF_EDDSA_448_PRIVATE_BYTES],
153 const uint8_t pubkey[DECAF_EDDSA_448_PUBLIC_BYTES],
154 const uint8_t *message,
157 const uint8_t *context,
159 ) __attribute__((nonnull(1,2,3))) DECAF_NOINLINE
160 #if DECAF_EDDSA_NON_KEYPAIR_API_IS_DEPRECATED 161 __attribute__((deprecated(
"Passing the pubkey and privkey separately is unsafe",
162 "decaf_ed448_keypair_sign")))
181 uint8_t signature[DECAF_EDDSA_448_SIGNATURE_BYTES],
182 const uint8_t privkey[DECAF_EDDSA_448_PRIVATE_BYTES],
183 const uint8_t pubkey[DECAF_EDDSA_448_PUBLIC_BYTES],
185 const uint8_t *context,
187 ) __attribute__((nonnull(1,2,3,4))) DECAF_NOINLINE
188 #if DECAF_EDDSA_NON_KEYPAIR_API_IS_DEPRECATED 189 __attribute__((deprecated(
"Passing the pubkey and privkey separately is unsafe",
190 "decaf_ed448_keypair_sign_prehash")))
206 uint8_t signature[DECAF_EDDSA_448_SIGNATURE_BYTES],
207 const decaf_eddsa_448_keypair_t keypair,
208 const uint8_t *message,
211 const uint8_t *context,
213 ) __attribute__((nonnull(1,2,3))) DECAF_NOINLINE;
225 uint8_t signature[DECAF_EDDSA_448_SIGNATURE_BYTES],
226 const decaf_eddsa_448_keypair_t keypair,
228 const uint8_t *context,
230 ) __attribute__((nonnull(1,2,3,4))) DECAF_NOINLINE;
239 ) __attribute__((nonnull(1))) DECAF_NOINLINE;
260 const uint8_t signature[DECAF_EDDSA_448_SIGNATURE_BYTES],
261 const uint8_t pubkey[DECAF_EDDSA_448_PUBLIC_BYTES],
262 const uint8_t *message,
265 const uint8_t *context,
267 ) __attribute__((nonnull(1,2))) DECAF_NOINLINE;
286 const uint8_t signature[DECAF_EDDSA_448_SIGNATURE_BYTES],
287 const uint8_t pubkey[DECAF_EDDSA_448_PUBLIC_BYTES],
289 const uint8_t *context,
291 ) __attribute__((nonnull(1,2))) DECAF_NOINLINE;
318 uint8_t enc[DECAF_EDDSA_448_PUBLIC_BYTES],
320 ) DECAF_NONNULL DECAF_NOINLINE;
333 const uint8_t enc[DECAF_EDDSA_448_PUBLIC_BYTES]
334 ) DECAF_NONNULL DECAF_NOINLINE;
349 const uint8_t ed[DECAF_EDDSA_448_PUBLIC_BYTES]
350 ) DECAF_NONNULL DECAF_NOINLINE;
362 const uint8_t ed[DECAF_EDDSA_448_PRIVATE_BYTES]
363 ) DECAF_NONNULL DECAF_NOINLINE;
void DECAF_API_VIS decaf_ed448_derive_public_key(uint8_t pubkey[DECAF_EDDSA_448_PUBLIC_BYTES], const uint8_t privkey[DECAF_EDDSA_448_PRIVATE_BYTES]) DECAF_NONNULL DECAF_NOINLINE
EdDSA key generation.
void DECAF_API_VIS decaf_ed448_derive_keypair(decaf_eddsa_448_keypair_t keypair, const uint8_t privkey[DECAF_EDDSA_448_PRIVATE_BYTES]) DECAF_NONNULL DECAF_NOINLINE
EdDSA keypair scheduling.
decaf_error_t DECAF_API_VIS decaf_448_point_decode_like_eddsa_and_mul_by_ratio(decaf_448_point_t p, const uint8_t enc[DECAF_EDDSA_448_PUBLIC_BYTES]) DECAF_NONNULL DECAF_NOINLINE
EdDSA point decoding.
A group of prime order p, based on Ed448-Goldilocks.
void DECAF_API_VIS decaf_ed448_convert_public_key_to_x448(uint8_t x[DECAF_X448_PUBLIC_BYTES], const uint8_t ed[DECAF_EDDSA_448_PUBLIC_BYTES]) DECAF_NONNULL DECAF_NOINLINE
EdDSA to ECDH public key conversion Deserialize the point to get y on Edwards curve, Convert it to u coordinate on Montgomery curve.
Definition: decaf.c:1335
#define DECAF_X448_PUBLIC_BYTES
Number of bytes in an x448 public key.
Definition: point_448.h:62
#define DECAF_EDDSA_448_PUBLIC_BYTES
Number of bytes in an EdDSA public key.
Definition: ed448.h:27
decaf_error_t
Another boolean type used to indicate success or failure.
Definition: common.h:120
void DECAF_API_VIS decaf_ed448_prehash_init(decaf_ed448_prehash_ctx_t hash) DECAF_NOINLINE
Prehash initialization, with contexts if supported.
void DECAF_API_VIS decaf_ed448_keypair_sign_prehash(uint8_t signature[DECAF_EDDSA_448_SIGNATURE_BYTES], const decaf_eddsa_448_keypair_t keypair, const decaf_ed448_prehash_ctx_t hash, const uint8_t *context, uint8_t context_len) DECAF_NOINLINE
EdDSA signing with prehash.
decaf_error_t DECAF_API_VIS decaf_ed448_verify_prehash(const uint8_t signature[DECAF_EDDSA_448_SIGNATURE_BYTES], const uint8_t pubkey[DECAF_EDDSA_448_PUBLIC_BYTES], const decaf_ed448_prehash_ctx_t hash, const uint8_t *context, uint8_t context_len) DECAF_NOINLINE
EdDSA signature verification.
struct decaf_448_point_s decaf_448_point_t[1]
Representation of a point on the elliptic curve.
#define decaf_ed448_prehash_ctx_t
Prehash context, array[1] form.
Definition: ed448.h:48
void DECAF_API_VIS decaf_ed448_keypair_extract_public_key(uint8_t pubkey[DECAF_EDDSA_448_PUBLIC_BYTES], const decaf_eddsa_448_keypair_t keypair) DECAF_NONNULL DECAF_NOINLINE
Extract the public key from an EdDSA keypair.
#define DECAF_X448_PRIVATE_BYTES
Number of bytes in an x448 private key.
Definition: point_448.h:65
void DECAF_API_VIS decaf_ed448_convert_private_key_to_x448(uint8_t x[DECAF_X448_PRIVATE_BYTES], const uint8_t ed[DECAF_EDDSA_448_PRIVATE_BYTES]) DECAF_NONNULL DECAF_NOINLINE
EdDSA to ECDH private key conversion Using the appropriate hash function, hash the EdDSA private key ...
void DECAF_API_VIS decaf_ed448_keypair_extract_private_key(uint8_t privkey[DECAF_EDDSA_448_PRIVATE_BYTES], const decaf_eddsa_448_keypair_t keypair) DECAF_NONNULL DECAF_NOINLINE
Extract the private key from an EdDSA keypair.
void DECAF_API_VIS decaf_ed448_sign_prehash(uint8_t signature[DECAF_EDDSA_448_SIGNATURE_BYTES], const uint8_t privkey[DECAF_EDDSA_448_PRIVATE_BYTES], const uint8_t pubkey[DECAF_EDDSA_448_PUBLIC_BYTES], const decaf_ed448_prehash_ctx_t hash, const uint8_t *context, uint8_t context_len) DECAF_NOINLINE
EdDSA signing with prehash.
void DECAF_API_VIS decaf_ed448_keypair_destroy(decaf_eddsa_448_keypair_t keypair) DECAF_NONNULL DECAF_NOINLINE
EdDSA keypair destructor.
decaf_error_t DECAF_API_VIS decaf_ed448_verify(const uint8_t signature[DECAF_EDDSA_448_SIGNATURE_BYTES], const uint8_t pubkey[DECAF_EDDSA_448_PUBLIC_BYTES], const uint8_t *message, size_t message_len, uint8_t prehashed, const uint8_t *context, uint8_t context_len) DECAF_NOINLINE
EdDSA signature verification.
void DECAF_API_VIS decaf_ed448_sign(uint8_t signature[DECAF_EDDSA_448_SIGNATURE_BYTES], const uint8_t privkey[DECAF_EDDSA_448_PRIVATE_BYTES], const uint8_t pubkey[DECAF_EDDSA_448_PUBLIC_BYTES], const uint8_t *message, size_t message_len, uint8_t prehashed, const uint8_t *context, uint8_t context_len) DECAF_NOINLINE
EdDSA signing.
#define DECAF_EDDSA_448_PRIVATE_BYTES
Number of bytes in an EdDSA private key.
Definition: ed448.h:30
void DECAF_API_VIS decaf_448_point_mul_by_ratio_and_encode_like_eddsa(uint8_t enc[DECAF_EDDSA_448_PUBLIC_BYTES], const decaf_448_point_t p) DECAF_NONNULL DECAF_NOINLINE
EdDSA point encoding.
void DECAF_API_VIS decaf_ed448_keypair_sign(uint8_t signature[DECAF_EDDSA_448_SIGNATURE_BYTES], const decaf_eddsa_448_keypair_t keypair, const uint8_t *message, size_t message_len, uint8_t prehashed, const uint8_t *context, uint8_t context_len) DECAF_NOINLINE
EdDSA signing.
#define DECAF_EDDSA_448_SIGNATURE_BYTES
Number of bytes in an EdDSA private key.
Definition: ed448.h:33