Class: RbNaCl::Signatures::Ed25519::SigningKey

Inherits:

Object

• Object
• RbNaCl::Signatures::Ed25519::SigningKey

Extended by:

RbNaCl::Sodium

Includes:

KeyComparator, RbNaCl::Serializable

Defined in:

lib/rbnacl/signatures/ed25519/signing_key.rb

Overview

Private key for producing digital signatures using the Ed25519 algorithm. Ed25519 provides a 128-bit security level, that is to say, all known attacks take at least 2^128 operations, providing the same security level as AES-128, NIST P-256, and RSA-3072.

Signing keys are produced from a 32-byte (256-bit) random seed value. This value can be passed into the SigningKey constructor as a String whose bytesize is 32.

The public VerifyKey can be computed from the private 32-byte seed value as well, eliminating the need to store a "keypair".

SigningKey produces 64-byte (512-bit) signatures. The signatures are deterministic: signing the same message will always produce the same signature. This prevents "entropy failure" seen in other signature algorithms like DSA and ECDSA, where poor random number generators can leak enough information to recover the private key.

Instance Attribute Summary

• #verify_key ⇒ Object readonly

  Returns the value of attribute verify_key.

Class Method Summary

• .generate ⇒ RbNaCl::SigningKey

  Generate a random SigningKey.

• .signature_bytes ⇒ Integer

  The size of signatures generated by the SigningKey class.

Instance Method Summary

• #initialize(seed) ⇒ RbNaCl::SigningKey constructor

  Create a SigningKey from a seed value.

• #keypair_bytes ⇒ String

  Return the raw 64 byte value of this key.

• #primitive ⇒ Symbol

  The crypto primitive this SigningKey class uses for signatures.

• #sign(message) ⇒ String

  Sign a message using this key.

• #sign_attached(message) ⇒ String

  Sign a message using this key, attaching the signature to the message.

• #signature_bytes ⇒ Integer

  The size of signatures generated by the SigningKey instance.

• #to_bytes ⇒ String

  Return the raw seed value of this key.

Methods included from RbNaCl::Sodium

sodium_constant, sodium_function, sodium_function_with_return_code, sodium_primitive, sodium_type

Methods included from RbNaCl::Serializable

#inspect, #to_s, #to_str

Methods included from KeyComparator

#<=>, #==

Constructor Details

#initialize(seed) ⇒ RbNaCl::SigningKey

Create a SigningKey from a seed value

Parameters:

• seed (String) —

  Random 32-byte value (i.e. private key)

# File 'lib/rbnacl/signatures/ed25519/signing_key.rb', line 55

def initialize(seed)
  seed = seed.to_s

  Util.check_length(seed, Ed25519::SEEDBYTES, "seed")

  pk = Util.zeros(Ed25519::VERIFYKEYBYTES)
  sk = Util.zeros(Ed25519::SIGNINGKEYBYTES)

  self.class.sign_ed25519_seed_keypair(pk, sk, seed) || raise(CryptoError, "Failed to generate a key pair")

  @seed        = seed
  @signing_key = sk
  @verify_key  = VerifyKey.new(pk)
end

Instance Attribute Details

#verify_key ⇒ Object (readonly)

Returns the value of attribute verify_key.

# File 'lib/rbnacl/signatures/ed25519/signing_key.rb', line 41

def verify_key
  @verify_key
end

Class Method Details

.generate ⇒ RbNaCl::SigningKey

Generate a random SigningKey

Returns:

• (RbNaCl::SigningKey) —

  Freshly-generated random SigningKey

# File 'lib/rbnacl/signatures/ed25519/signing_key.rb', line 46

def self.generate
  new RbNaCl::Random.random_bytes(Ed25519::SEEDBYTES)
end

.signature_bytes ⇒ Integer

The size of signatures generated by the SigningKey class

Returns:

• (Integer) —

  The number of bytes in a signature

# File 'lib/rbnacl/signatures/ed25519/signing_key.rb', line 116

def self.signature_bytes
  Ed25519::SIGNATUREBYTES
end

Instance Method Details

#keypair_bytes ⇒ String

Return the raw 64 byte value of this key

Returns:

• (String) —

  The signature key bytes. Left half is 32-byte curve25519 private scalar, right half is 32-byte group element

# File 'lib/rbnacl/signatures/ed25519/signing_key.rb', line 102

def keypair_bytes
  @signing_key
end

#primitive ⇒ Symbol

The crypto primitive this SigningKey class uses for signatures

Returns:

• (Symbol) —

  The primitive

# File 'lib/rbnacl/signatures/ed25519/signing_key.rb', line 109

def primitive
  self.class.primitive
end

#sign(message) ⇒ String

Sign a message using this key

Parameters:

• message (String) —

  Message to be signed by this key

Returns:

• (String) —

  Signature as bytes

# File 'lib/rbnacl/signatures/ed25519/signing_key.rb', line 75

def sign(message)
  sign_attached(message)[0, signature_bytes]
end

#sign_attached(message) ⇒ String

Sign a message using this key, attaching the signature to the message

Parameters:

• message (String) —

  Message to be signed by this key

Returns:

• (String) —

  Signature and the message as bytes

# File 'lib/rbnacl/signatures/ed25519/signing_key.rb', line 84

def sign_attached(message)
  buffer = Util.prepend_zeros(signature_bytes, message)
  buffer_len = Util.zeros(FFI::Type::LONG_LONG.size)
  self.class.sign_ed25519(buffer, buffer_len, message, message.bytesize, @signing_key)
  buffer
end

#signature_bytes ⇒ Integer

The size of signatures generated by the SigningKey instance

Returns:

• (Integer) —

  The number of bytes in a signature

# File 'lib/rbnacl/signatures/ed25519/signing_key.rb', line 123

def signature_bytes
  Ed25519::SIGNATUREBYTES
end

#to_bytes ⇒ String

Return the raw seed value of this key

Returns:

• (String) —

  seed used to create this key

# File 'lib/rbnacl/signatures/ed25519/signing_key.rb', line 94

def to_bytes
  @seed
end