#crypto #ed25519 #x25519 #signature #eddsa

no-std ed25519-compact

A small, self-contained, wasm-friendly Ed25519 implementation

28 releases (16 stable)

new 1.0.15 Sep 23, 2022
1.0.11 Feb 6, 2022
1.0.1 Dec 27, 2021
1.0.0 Nov 11, 2021
0.1.6 Jul 4, 2020

#20 in Cryptography

Download history 5835/week @ 2022-06-10 5705/week @ 2022-06-17 5235/week @ 2022-06-24 8442/week @ 2022-07-01 9973/week @ 2022-07-08 12476/week @ 2022-07-15 12705/week @ 2022-07-22 11626/week @ 2022-07-29 10836/week @ 2022-08-05 11345/week @ 2022-08-12 12060/week @ 2022-08-19 13584/week @ 2022-08-26 11190/week @ 2022-09-02 13052/week @ 2022-09-09 17198/week @ 2022-09-16 14019/week @ 2022-09-23

57,832 downloads per month
Used in 17 crates (10 directly)

ISC license

120KB
3.5K SLoC

GitHub CI

A compact Ed25519 and X25519 implementation for Rust

  • Formally-verified Curve25519 field arithmetic
  • no_std-friendly
  • WebAssembly-friendly
  • Compute@Edge-friendly
  • Lightweight
  • Zero dependencies if randomness is provided by the application
  • Only one portable dependency (getrandom) if not
  • Safe and simple Rust interface

API documentation

Example usage

cargo.toml:

[dependencies]
ed25519-compact = "0.1"

Example code:

// A message to sign and verify.
let message = b"test";

// Generates a new key pair using a random seed.
// A given seed will always produce the same key pair.
let key_pair = KeyPair::from_seed(Seed::default());

// Computes a signature for this message using the secret part of the key pair.
let signature = key_pair.sk.sign(message, Some(Noise::default()));

// Verifies the signature using the public part of the key pair.
key_pair
    .pk
    .verify(message, &signature)
    .expect("Signature didn't verify");

// Verification of a different message using the same signature and public key fails.
key_pair
    .pk
    .verify(b"A different message", &signature)
    .expect_err("Signature shouldn't verify");

// All these structures can be viewed as raw bytes simply by dereferencing them:
let signature_as_bytes: &[u8] = signature.as_ref();
println!("Signature as bytes: {:?}", signature_as_bytes);

Cargo features

  • self-verify: after having computed a new signature, verify that is it valid. This is slower, but improves resilience against fault attacks. It is enabled by default on WebAssembly targets.
  • std: disables no_std compatibility in order to make errors implement the standard Error trait.
  • random (enabled by default): adds Default implementations to the Seed and Noise objects, in order to securely create random keys and noise.
  • traits: add support for the traits from the ed25519 and signature crates.
  • pem: add support for importing/exporting keys as OpenSSL-compatible PEM files.
  • blind-keys: add support for key blinding.
  • opt_size: Enable size optimizations (based on benchmarks, 8-15% size reduction at the cost of 6.5-7% performance).
  • x25519: Enable support for the X25519 key exchange system.
  • disable-signatures: Disable support for signatures, and only compile support for X25519.

Dependencies

~48KB