Package sign
Package sign signs small messages using public-key cryptography.
Sign uses Ed25519 to sign messages. The length of messages is not hidden.
Messages should be small because:
1. The whole message needs to be held in memory to be processed.
2. Using large messages pressures implementations on small machines to process
plaintext without verifying the signature. This is very dangerous, and this API
discourages it, but a protocol that uses excessive message sizes might present
some implementations with no other choice.
3. Performance may be improved by working with messages that fit into data caches.
Thus large amounts of data should be chunked so that each message is small.
This package is not interoperable with the current release of NaCl
(https://nacl.cr.yp.to/sign.html), which does not support Ed25519 yet. However,
it is compatible with the NaCl fork libsodium (https://www.libsodium.org), as well
as TweetNaCl (https://tweetnacl.cr.yp.to/).
Constants
Overhead is the number of bytes of overhead when signing a message.
const Overhead = 64
func GenerateKey(rand io.Reader) (publicKey *[32]byte, privateKey *[64]byte, err error)
GenerateKey generates a new public/private key pair suitable for use with
Sign and Open.
func Open(out, signedMessage []byte, publicKey *[32]byte) ([]byte, bool)
Open verifies a signed message produced by Sign and appends the message to
out, which must not overlap the signed message. The output will be Overhead
bytes smaller than the signed message.
func Sign(out, message []byte, privateKey *[64]byte) []byte
Sign appends a signed copy of message to out, which will be Overhead bytes
longer than the original and must not overlap it.