Module `Crypto.ED25519`

type t = t: The type that will be used to represent contiguous bytes; typically either Bytes.t or Cstruct.t

val publicKey : t -> t

publicKey sk computes the 32-byte ED25519 public key for the secret key sk.

raises Crypto_failure: when the secret key is not 32 bytes

val checkValid : t -> t -> t -> bool

checkValid s m pk checks the message m for a valid signature s signed by the private key that corresponds to the raw public key pk.

raises Crypto_failure: when the signature is not 64 bytes or the public key is not 32 bytes

val signature : t -> t -> t -> t

signature m sk pk calculates the ED25519 signature of m with a raw 32-byte secret key sk and its corresponding raw 32-byte public key pk created with (publicKey sk.

WARNING: It is incorrect to create a ED25519 signature using a public key pk that is not derived from the secret key sk. You provide the pk simply because doing so is the ProScript API, and because it can be a performance win to not recompute publicKey each time you do a signature.

1. You need to hex encode the message.

Checks may or may not be performed to verify you gave the correct public key. Implementations have the freedom to ignore whatever public key you provide (ex. dirsp-proscript-mirage will recompute the public key and ignore your public key).

raises Crypto_failure: when the secret or public key is not 32 bytes