package sign
import "github.com/cloudflare/circl/sign"
Package sign provides unified interfaces for signature schemes.
A register of schemes is available in the package
github.com/cloudflare/circl/sign/schemes
Index ¶
Variables ¶
var ( // ErrTypeMismatch is the error used if types of, for instance, private // and public keys don't match. ErrTypeMismatch = errors.New("types mismatch") // ErrSeedSize is the error used if the provided seed is of the wrong // size. ErrSeedSize = errors.New("wrong seed size") // ErrPubKeySize is the error used if the provided public key is of // the wrong size. ErrPubKeySize = errors.New("wrong size for public key") // ErrPrivKeySize is the error used if the provided private key is of // the wrong size. ErrPrivKeySize = errors.New("wrong size for private key") // ErrContextNotSupported is the error used if a context is not // supported. ErrContextNotSupported = errors.New("context not supported") // ErrContextTooLong is the error used if the context string is too long. ErrContextTooLong = errors.New("context string too long") )
Types ¶
type PrivateKey ¶
type PrivateKey interface {
// Returns the signature scheme for this private key.
Scheme() Scheme
Equal(crypto.PrivateKey) bool
// For compatibility with Go standard library
crypto.Signer
crypto.PrivateKey
encoding.BinaryMarshaler
}
A private key allows one to create signatures.
type PublicKey ¶
type PublicKey interface {
// Returns the signature scheme for this public key.
Scheme() Scheme
Equal(crypto.PublicKey) bool
encoding.BinaryMarshaler
crypto.PublicKey
}
A public key is used to verify a signature set by the corresponding private key.
type Scheme ¶
type Scheme interface {
// Name of the scheme.
Name() string
// GenerateKey creates a new key-pair.
GenerateKey() (PublicKey, PrivateKey, error)
// Creates a signature using the PrivateKey on the given message and
// returns the signature. opts are additional options which can be nil.
//
// Panics if key is nil or wrong type or opts context is not supported.
Sign(sk PrivateKey, message []byte, opts *SignatureOpts) []byte
// Checks whether the given signature is a valid signature set by
// the private key corresponding to the given public key on the
// given message. opts are additional options which can be nil.
//
// Panics if key is nil or wrong type or opts context is not supported.
Verify(pk PublicKey, message []byte, signature []byte, opts *SignatureOpts) bool
// Deterministically derives a keypair from a seed. If you're unsure,
// you're better off using GenerateKey().
//
// Panics if seed is not of length SeedSize().
DeriveKey(seed []byte) (PublicKey, PrivateKey)
// Unmarshals a PublicKey from the provided buffer.
UnmarshalBinaryPublicKey([]byte) (PublicKey, error)
// Unmarshals a PublicKey from the provided buffer.
UnmarshalBinaryPrivateKey([]byte) (PrivateKey, error)
// Size of binary marshalled public keys.
PublicKeySize() int
// Size of binary marshalled public keys.
PrivateKeySize() int
// Size of signatures.
SignatureSize() int
// Size of seeds.
SeedSize() int
// Returns whether contexts are supported.
SupportsContext() bool
}
A Scheme represents a specific instance of a signature scheme.
type SignatureOpts ¶
type SignatureOpts struct {
// If non-empty, includes the given context in the signature if supported
// and will cause an error during signing otherwise.
Context string
}
Source Files ¶
Directories ¶
| Path | Synopsis |
|---|---|
| sign/bls | Package bls provides BLS signatures using the BLS12-381 pairing curve. |
| sign/dilithium | Deprecated. |
| sign/dilithium/mode2 | mode2 implements the CRYSTALS-Dilithium signature scheme Dilithium2 as submitted to round3 of the NIST PQC competition and described in |
| sign/dilithium/mode2/internal | |
| sign/dilithium/mode3 | mode3 implements the CRYSTALS-Dilithium signature scheme Dilithium3 as submitted to round3 of the NIST PQC competition and described in |
| sign/dilithium/mode3/internal | |
| sign/dilithium/mode5 | mode5 implements the CRYSTALS-Dilithium signature scheme Dilithium5 as submitted to round3 of the NIST PQC competition and described in |
| sign/dilithium/mode5/internal | |
| sign/ed25519 | Package ed25519 implements Ed25519 signature scheme as described in RFC-8032. |
| sign/ed448 | Package ed448 implements Ed448 signature scheme as described in RFC-8032. |
| sign/eddilithium2 | Package eddilithium2 implements the hybrid signature scheme Ed25519-Dilithium2. |
| sign/eddilithium3 | Package eddilithium3 implements the hybrid signature scheme Ed448-Dilithium3. |
| sign/internal | |
| sign/mldsa | mldsa implements NIST post-quantum signature scheme ML-DSA (FIPS204) |
| sign/mldsa/mldsa44 | mldsa44 implements NIST signature scheme ML-DSA-44 as defined in FIPS204. |
| sign/mldsa/mldsa44/internal | |
| sign/mldsa/mldsa65 | mldsa65 implements NIST signature scheme ML-DSA-65 as defined in FIPS204. |
| sign/mldsa/mldsa65/internal | |
| sign/mldsa/mldsa87 | mldsa87 implements NIST signature scheme ML-DSA-87 as defined in FIPS204. |
| sign/mldsa/mldsa87/internal | |
| sign/schemes | Package schemes contains a register of signature algorithms. |
- Version
- v1.6.1 (latest)
- Published
- Apr 9, 2025
- Platform
- linux/amd64
- Imports
- 3 packages
- Last checked
- 3 days ago –
Tools for package owners.