… | |
… | |
35 | # verify message |
35 | # verify message |
36 | $valid = Crypt::Ed25519::eddsa_verify $message, $pubkey, $signature; |
36 | $valid = Crypt::Ed25519::eddsa_verify $message, $pubkey, $signature; |
37 | |
37 | |
38 | # verify, but croak on failure |
38 | # verify, but croak on failure |
39 | Crypt::Ed25519:eddsa_verify_croak $message, $pubkey, $signature; |
39 | Crypt::Ed25519:eddsa_verify_croak $message, $pubkey, $signature; |
|
|
40 | |
|
|
41 | ############################################ |
|
|
42 | # Key exchange |
|
|
43 | |
|
|
44 | # side A: |
|
|
45 | ($pubkey_a, $privkey_a) = Crypt::Ed25519::generate_keypair; |
|
|
46 | # send $pubkey to side B |
|
|
47 | |
|
|
48 | # side B: |
|
|
49 | ($pubkey_b, $privkey_b) = Crypt::Ed25519::generate_keypair; |
|
|
50 | # send $pubkey to side A |
|
|
51 | |
|
|
52 | # side A then calculates their shared secret: |
|
|
53 | $shared_secret = Crypt::Ed25519::key_exchange $pubkey_b, $privkey_a; |
|
|
54 | |
|
|
55 | # and side B does this: |
|
|
56 | $shared_secret = Crypt::Ed25519::key_exchange $pubkey_a, $privkey_b; |
|
|
57 | |
|
|
58 | # the generated $shared_secret will be the same - you cna now |
|
|
59 | # hash it with hkdf or something else to generate symmetric private keys |
40 | |
60 | |
41 | DESCRIPTION |
61 | DESCRIPTION |
42 | This module implements Ed25519 public key generation, message signing |
62 | This module implements Ed25519 public key generation, message signing |
43 | and verification. It is a pretty bare-bones implementation that |
63 | and verification. It is a pretty bare-bones implementation that |
44 | implements the standard Ed25519 variant with SHA512 hash, as well as a |
64 | implements the standard Ed25519 variant with SHA512 hash, as well as a |
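Review bot: in the added key-exchange synopsis (new lines 44-59), the comments do not match the code. `# send $pubkey to side B` and `# send $pubkey to side A` name `$pubkey`, but the variables generated just above are `$pubkey_a` and `$pubkey_b`, and line 58 has the typo "cna". Suggest `# send $pubkey_a to side B`, `# send $pubkey_b to side A` and "can". On line 59, "symmetric private keys" would read more clearly as "symmetric keys", and "hkdf or something else" leaves it open whether the raw `$shared_secret` may be used as a key directly; saying outright that it should go through a KDF first would remove the ambiguity. The example also shows the public keys being sent with no authentication step, so a one-line comment that the peers must verify each other's public key by some other means (for instance with the signing functions shown earlier in the synopsis) would be useful. While touching this block, the unchanged context line 39 calls `Crypt::Ed25519:eddsa_verify_croak` with a single colon and could be corrected to `Crypt::Ed25519::eddsa_verify_croak`.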
… | |
… | |
115 | source of key material, you can simply generate 32 octets from it |
135 | source of key material, you can simply generate 32 octets from it |
116 | and use this as your secret key. |
136 | and use this as your secret key. |
117 | |
137 | |
118 | $public_key = Crypt::Ed25519::eddsa_public_key $secret_key |
138 | $public_key = Crypt::Ed25519::eddsa_public_key $secret_key |
119 | Takes a secret key generated by "Crypt::Ed25519::eddsa_secret_key" |
139 | Takes a secret key generated by "Crypt::Ed25519::eddsa_secret_key" |
120 | and returns the corresponding $public_key. The derivation ios |
140 | and returns the corresponding $public_key. The derivation is |
121 | deterministic, i.e. the $public_key generated for a specific |
141 | deterministic, i.e. the $public_key generated for a specific |
122 | $secret_key is always the same. |
142 | $secret_key is always the same. |
123 | |
143 | |
124 | This public key corresponds to the public key in the Ed25519 API |
144 | This public key corresponds to the public key in the Ed25519 API |
125 | above. |
145 | above. |
… | |
… | |
156 | derive the public key as needed. On the other hand, signing using the |
176 | derive the public key as needed. On the other hand, signing using the |
157 | private key is faster than using the secret key, so converting the |
177 | private key is faster than using the secret key, so converting the |
158 | secret key to a public/private key pair allows you to sign a small |
178 | secret key to a public/private key pair allows you to sign a small |
159 | message, or many messages, faster. |
179 | message, or many messages, faster. |
160 | |
180 | |
|
|
181 | Key Exchange |
|
|
182 | As an extension to Ed25519, this module implements a key exchange |
|
|
183 | similar (But not identical) to Curve25519. For this, both sides generate |
|
|
184 | a keypair and send their public key to the other side. Then both sides |
|
|
185 | can generate the same shared secret using this function: |
|
|
186 | |
|
|
187 | $shared_secret = Crypt::Ed25519::key_exchange $other_public_key, |
|
|
188 | $own_private_key |
|
|
189 | Return the 32 octet shared secret generated from the given public |
|
|
190 | and private key. See SYNOPSIS for an actual example. |
|
|
191 | |
161 | SUPPORT FOR THE PERL MULTICORE SPECIFICATION |
192 | SUPPORT FOR THE PERL MULTICORE SPECIFICATION |
162 | This module supports the perl multicore specification |
193 | This module supports the perl multicore specification |
163 | (<http://perlmulticore.schmorp.de/>) for key generation (usually the |
194 | (<http://perlmulticore.schmorp.de/>) for all operations, although it |
164 | slowest operation), and all signing and verification functions. |
195 | makes most sense to use it when signing or verifying longer messages. |
165 | |
196 | |
166 | IMPLEMENTATIOIN |
197 | IMPLEMENTATION |
167 | This module currently uses "Nightcracker's Ed25519" implementation, |
198 | This module currently uses "Nightcracker's Ed25519" implementation, |
168 | which is unmodified except for some portability fixes and static |
199 | which is unmodified except for some portability fixes and static |
169 | delcarations, but the interface is kept implementation-agnostic to allow |
200 | delcarations, but the interface is kept implementation-agnostic to allow |
170 | usage of other implementations in the future. |
201 | usage of other implementations in the future. |
171 | |
202 | |
172 | AUTHOR |
203 | AUTHOR |
173 | Marc Lehmann <schmorp@schmorp.de> |
204 | Marc Lehmann <schmorp@schmorp.de> |
174 | http://sfotware.schmorp.de/pkg/Crypt-Ed25519.html |
205 | http://software.schmorp.de/pkg/Crypt-Ed25519.html |
175 | |
206 | |
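Review bot: the new "Key Exchange" section (new lines 181-190) describes the exchange as "similar (But not identical) to Curve25519" without saying what differs or whether the resulting secret is compatible with other Curve25519 key-exchange implementations; a reader choosing this function for a protocol needs that stated, so please add a sentence on the difference and on interoperability. The function description ("Return the 32 octet shared secret") should also repeat the synopsis advice to hash the result before using it as a symmetric key, since many readers land on the reference entry without reading the synopsis. Minor: "But" should be lowercase, and the same hunk fixes "IMPLEMENTATIOIN" and the "sfotware" URL but leaves "delcarations" on new line 200 uncorrected.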