Skip to main content
Version: Next

Ed25519

Algorithm

Ed25519 signs the raw message (or a pre-hash you define at the protocol layer). Certificate parsing can lift an Ed25519 public key from SPKI with noxtls_ed25519_public_key_from_subject_public_key_info.

Purpose

Pure Edwards-curve signatures (RFC 8032): compact keys and deterministic-style signing APIs.

Rust API

  • Crate: noxtls-crypto
  • Module path (conceptual): noxtls_crypto::pkc
  • Primary symbols:
    • Ed25519PrivateKey
    • Ed25519PublicKey
    • noxtls_ed25519_generate_private_key_auto
    • noxtls_ed25519_verify
    • noxtls_ed25519_public_key_from_subject_public_key_info

Functions and types:

  • Ed25519PrivateKey::sign(message) -> [u8; 64] - Parameters: message is the byte payload to sign with the private key instance. Behavior: computes detached Ed25519 signature bytes. Returns: fixed-size 64-byte signature array.
  • noxtls_ed25519_verify(public_key, message, signature) - Parameters: public_key verifies provenance, message is signed content, and signature is detached signature bytes. Behavior: checks signature validity against message and key. Returns: Ok(()) on success or crypto error on failure.
  • noxtls_ed25519_generate_private_key_auto - Parameters: DRBG source for key material generation. Behavior: creates Ed25519 private key from RNG-backed entropy. Returns: generated private key in Result.

Feature flags and policy

Default.

Examples

use noxtls_crypto::{noxtls_ed25519_generate_private_key_auto, noxtls_ed25519_verify, HmacDrbgSha256};

let mut drbg = HmacDrbgSha256::new(b"0123456789abcdef", b"nonce", b"")?;
let sk = noxtls_ed25519_generate_private_key_auto(&mut drbg)?;
let pk = sk.verifying_key();
let msg = b"device attestation payload";
let sig = sk.sign(msg);
noxtls_ed25519_verify(&pk, msg, &sig)?;
# Ok::<(), noxtls_core::Error>(())

Security and compatibility

Signatures are 64 bytes; verify before trusting messages. Prefer Ed25519 over RSA where footprint matters.