class RbNaCl::Signatures::Ed25519::SigningKey
Private key for producing digital signatures using the Ed25519
algorithm. Ed25519
provides a 128-bit security level, that is to say, all known attacks take at least 2^128 operations, providing the same security level as AES-128, NIST P-256, and RSA-3072.
Signing keys are produced from a 32-byte (256-bit) random seed value. This value can be passed into the SigningKey
constructor as a String whose bytesize is 32.
The public VerifyKey
can be computed from the private 32-byte seed value as well, eliminating the need to store a “keypair”.
SigningKey
produces 64-byte (512-bit) signatures. The signatures are deterministic: signing the same message will always produce the same signature. This prevents “entropy failure” seen in other signature algorithms like DSA and ECDSA, where poor random number generators can leak enough information to recover the private key.
Attributes
Public Class Methods
Generate a random SigningKey
@return [RbNaCl::SigningKey] Freshly-generated random SigningKey
# File lib/rbnacl/signatures/ed25519/signing_key.rb, line 46 def self.generate new RbNaCl::Random.random_bytes(Ed25519::SEEDBYTES) end
Create a SigningKey
from a seed value
@param seed [String] Random
32-byte value (i.e. private key)
@return [RbNaCl::SigningKey] Key which can sign messages
# File lib/rbnacl/signatures/ed25519/signing_key.rb, line 55 def initialize(seed) seed = seed.to_s Util.check_length(seed, Ed25519::SEEDBYTES, "seed") pk = Util.zeros(Ed25519::VERIFYKEYBYTES) sk = Util.zeros(Ed25519::SIGNINGKEYBYTES) self.class.sign_ed25519_seed_keypair(pk, sk, seed) || raise(CryptoError, "Failed to generate a key pair") @seed = seed @signing_key = sk @verify_key = VerifyKey.new(pk) end
The size of signatures generated by the SigningKey
class
@return [Integer] The number of bytes in a signature
# File lib/rbnacl/signatures/ed25519/signing_key.rb, line 109 def self.signature_bytes Ed25519::SIGNATUREBYTES end
Public Instance Methods
Return the raw 64 byte value of this key
@return [String] The signature key bytes. Left half is 32-byte
curve25519 private scalar, right half is 32-byte group element
# File lib/rbnacl/signatures/ed25519/signing_key.rb, line 95 def keypair_bytes @signing_key end
The crypto primitive this SigningKey
class uses for signatures
@return [Symbol] The primitive
# File lib/rbnacl/signatures/ed25519/signing_key.rb, line 102 def primitive self.class.primitive end
Sign a message using this key
@param message [String] Message to be signed by this key
@return [String] Signature as bytes
# File lib/rbnacl/signatures/ed25519/signing_key.rb, line 75 def sign(message) buffer = Util.prepend_zeros(signature_bytes, message) buffer_len = Util.zeros(FFI::Type::LONG_LONG.size) self.class.sign_ed25519(buffer, buffer_len, message, message.bytesize, @signing_key) buffer[0, signature_bytes] end
The size of signatures generated by the SigningKey
instance
@return [Integer] The number of bytes in a signature
# File lib/rbnacl/signatures/ed25519/signing_key.rb, line 116 def signature_bytes Ed25519::SIGNATUREBYTES end
Return the raw seed value of this key
@return [String] seed used to create this key
# File lib/rbnacl/signatures/ed25519/signing_key.rb, line 87 def to_bytes @seed end