|
DeterministicESPAsyncWebServer v6.27.1
Zero-allocation, bounded-execution async HTTP server for ESP32
|
Ed25519 signatures (RFC 8032) for ssh-ed25519 host keys + client auth. More...
#include <stddef.h>#include <stdint.h>Go to the source code of this file.
Macros | |
| #define | SSH_ED25519_SEED_LEN 32 |
| Ed25519 seed (private key) length. | |
| #define | SSH_ED25519_PUBKEY_LEN 32 |
| Ed25519 public key length. | |
| #define | SSH_ED25519_SIG_LEN 64 |
| Ed25519 signature length (R || S). | |
Functions | |
| void | ssh_ed25519_pubkey (uint8_t pub[SSH_ED25519_PUBKEY_LEN], const uint8_t seed[SSH_ED25519_SEED_LEN]) |
Derive the 32-byte public key A from a 32-byte seed. | |
| void | ssh_ed25519_sign (uint8_t sig[SSH_ED25519_SIG_LEN], const uint8_t *msg, size_t mlen, const uint8_t seed[SSH_ED25519_SEED_LEN]) |
Deterministically sign mlen bytes of msg with seed (RFC 8032 §5.1.6). | |
| bool | ssh_ed25519_verify (const uint8_t pub[SSH_ED25519_PUBKEY_LEN], const uint8_t *msg, size_t mlen, const uint8_t sig[SSH_ED25519_SIG_LEN]) |
| Verify an Ed25519 signature (RFC 8032 §5.1.7). | |
Ed25519 signatures (RFC 8032) for ssh-ed25519 host keys + client auth.
PureEdDSA over edwards25519. Deterministic signing (RFC 8032 §5.1.6) - no RNG - and verification, built on the shared Curve25519 field arithmetic (ssh_curve25519) and SHA-512 (ssh_sha512). No heap; state is on the stack. Correctness is pinned to the RFC 8032 §7.1 vectors and to a reference implementation (test_ssh_ed25519).
The server signs the KEX exchange hash with its ssh-ed25519 host key, and verifies a client's ed25519 public-key authentication signature.
Definition in file ssh_ed25519.h.
| #define SSH_ED25519_SEED_LEN 32 |
Ed25519 seed (private key) length.
Definition at line 27 of file ssh_ed25519.h.
| #define SSH_ED25519_PUBKEY_LEN 32 |
Ed25519 public key length.
Definition at line 29 of file ssh_ed25519.h.
| #define SSH_ED25519_SIG_LEN 64 |
Ed25519 signature length (R || S).
Definition at line 31 of file ssh_ed25519.h.
| void ssh_ed25519_pubkey | ( | uint8_t | pub[SSH_ED25519_PUBKEY_LEN], |
| const uint8_t | seed[SSH_ED25519_SEED_LEN] | ||
| ) |
Derive the 32-byte public key A from a 32-byte seed.
| void ssh_ed25519_sign | ( | uint8_t | sig[SSH_ED25519_SIG_LEN], |
| const uint8_t * | msg, | ||
| size_t | mlen, | ||
| const uint8_t | seed[SSH_ED25519_SEED_LEN] | ||
| ) |
Deterministically sign mlen bytes of msg with seed (RFC 8032 §5.1.6).
| sig | Output R || S, SSH_ED25519_SIG_LEN bytes. |
| bool ssh_ed25519_verify | ( | const uint8_t | pub[SSH_ED25519_PUBKEY_LEN], |
| const uint8_t * | msg, | ||
| size_t | mlen, | ||
| const uint8_t | sig[SSH_ED25519_SIG_LEN] | ||
| ) |
Verify an Ed25519 signature (RFC 8032 §5.1.7).
sig is a valid signature of msg under public key pub.