|
Crypto++
8.8
Free C++ class library of cryptographic schemes
|
Classes for x25519 and ed25519 operations. More...
Go to the source code of this file.
Classes | |
| class | x25519 |
| x25519 with key validation More... | |
| struct | ed25519_MessageAccumulator |
| ed25519 message accumulator More... | |
| struct | ed25519PrivateKey |
| Ed25519 private key. More... | |
| struct | ed25519Signer |
| Ed25519 signature algorithm. More... | |
| struct | ed25519PublicKey |
| Ed25519 public key. More... | |
| struct | ed25519Verifier |
| Ed25519 signature verification algorithm. More... | |
| struct | ed25519 |
| Ed25519 signature scheme. More... | |
Classes for x25519 and ed25519 operations.
This implementation integrates Andrew Moon's public domain code for curve25519-donna and ed25519-donna.
Moving keys into and out of the library proceeds as follows. If an Integer class is accepted or returned, then the data is in big endian format. That is, the MSB is at byte position 0, and the LSB is at byte position 31. The Integer will work as expected, just like an int or a long.
If a byte array is accepted, then the byte array is in little endian format. That is, the LSB is at byte position 0, and the MSB is at byte position 31. This follows the implementation where byte 0 is clamed with 248. That is my_arr[0] &= 248 to mask the lower 3 bits.
PKCS8 and X509 keys encoded using ASN.1 follow little endian arrays. The format is specified in draft-ietf-curdle-pkix.
If you have a little endian array and you want to wrap it in an Integer using big endian then you can perform the following:
Integer x(my_arr, SECRET_KEYLENGTH, UNSIGNED, LITTLE_ENDIAN_ORDER);
Definition in file xed25519.h.
1.9.1