Package net.i2p.crypto.eddsa

Class RedDSAEngine

java.lang.Object
java.security.SignatureSpi
java.security.Signature
net.i2p.crypto.eddsa.EdDSAEngine
net.i2p.crypto.eddsa.RedDSAEngine
public final class RedDSAEngine extends EdDSAEngine
Signing and verification for REdDSA using SHA-512 and the Ed25519 curve. Ref: Zcash Protocol Specification, Version 2018.0-beta-33 [Overwinter+Sapling] Sections 4.1.6.1, 4.1.6.2, 5.4.6

The EdDSA sign and verify algorithms do not interact well with the Java Signature API, as one or more update() methods must be called before sign() or verify(). Using the standard API, this implementation must copy and buffer all data passed in via update().

This implementation offers two ways to avoid this copying, but only if all data to be signed or verified is available in a single byte array.

Option 1:

  1. Call initSign() or initVerify() as usual.
  2. Call setParameter(ONE_SHOT_MODE)
  3. Call update(byte[]) or update(byte[], int, int) exactly once
  4. Call sign() or verify() as usual.
  5. If doing additional one-shot signs or verifies with this object, you must call setParameter(ONE_SHOT_MODE) each time

Option 2:

  1. Call initSign() or initVerify() as usual.
  2. Call one of the signOneShot() or verifyOneShot() methods.
  3. If doing additional one-shot signs or verifies with this object, just call signOneShot() or verifyOneShot() again.
Since:
0.9.39

  • Constructor Details

    • RedDSAEngine

      public RedDSAEngine()
      No specific EdDSA-internal hash requested, allows any EdDSA key.

    • RedDSAEngine

      public RedDSAEngine(MessageDigest digest)
      Specific EdDSA-internal hash requested, only matching keys will be allowed.
      Parameters:
      digest - the hash algorithm that keys must have to sign or verify.

  • Method Details