Digital Signatures¶
Digital signatures are somewhat similar to signatures in real life; a verified signature proves to the verifier that at some point, the document was signed by someone with knowledge of the private key.
from monocypher.signing import SigningKey
# Generate a random SigningKey -- this must be kept secret
signing_key = SigningKey.generate()
# This can be published
verify_key = signing_key.verify_key
signed = alice_sk.sign(b'hello there!')
Verifying signatures:
assert verify_key.verify(signed)
# You can also verify the detached signature
assert signed.msg == message
assert verify_key.verify(message, sig=signed.sig)
Reference¶
- class monocypher.signing.SigningKey(sk)¶
EdDSA private key. This should be kept secret.
- KEY_SIZE = 32¶
Length of a secret key.
- SIG_SIZE = 64¶
Length of a signature.
- classmethod generate()¶
Generates a random
SigningKey
object.- Return type:
- sign(msg)¶
Signs the given msg.
- Return type:
- to_private_key()¶
Converts from a
SigningKey
to aPrivateKey
object. The conversion is one-way and deterministic. Note that although the conversion is sound, you should not (without good reason) use the same private key for signing and key-exchange.- Return type:
- class monocypher.signing.VerifyKey(pk)¶
EdDSA public key. This can be published.
- KEY_SIZE = 32¶
Length of a public key.
- SIG_SIZE = 64¶
Length of a signature.
- to_public_key()¶
Converts from a
VerifyKey
to aPublicKey
object. See notes about using the same key for both signing and key-exchange inSigningKey.to_private_key
.- Return type:
- verify(signed, sig=None)¶
Verify the given signed message. If sig is None, then the signature is assumed to be prepended to signed. Return the original message if the verification succeeds, otherwise
SignatureError
is raised.- Parameters:
signed – A bytes-like object, or a
SignedMessage
object.
- class monocypher.signing.SignedMessage¶
A subclass of
bytes
representing a signed message. By default, the signature will be prepended to the message.
- exception monocypher.signing.SignatureError¶
Extras¶
The SigningKey
and VerifyKey
classes both implement equality (between objects of the same type)
and conversion to bytes
, as well as hashing:
>>> sk_1 = SigningKey.generate()
>>> sk_2 = SigningKey.generate()
>>> sk_1 == sk_2
False
>>> sk_1.verify_key == VerifyKey(bytes(sk_1.verify_key))
True
>>> hash(sk_1)
...
>>> hash(sk_1.verify_key)
...
Implementation¶
sign()
and verify()
both use PureEdDSA with Curve25519 and Blake2b, (RFC 8032).
This is the same as Ed25519 with Blake2b instead of SHA-512.
to_private_key()
and to_public_key()
use the crypto_from_eddsa_private
and crypto_from_eddsa_public
functions from Monocypher respectively, which converts from
EdDSA keys to X25519 keys.