Class CryptoSign
- Namespace
- LibSodium
- Assembly
- LibSodium.Net.dll
Provides digital signature functionality using Ed25519, as implemented by libsodium.
public static class CryptoSign
- Inheritance
CryptoSign
Fields
PrivateKeyLen
Length in bytes of a private (secret) key (64).
public const int PrivateKeyLen = 64
Field Value
PublicKeyLen
Length in bytes of a public key (32).
public const int PublicKeyLen = 32
Field Value
SeedLen
Length in bytes of a seed used to generate key pairs deterministically.
public const int SeedLen = 32
Field Value
SignatureLen
Length in bytes of a signature (64).
public const int SignatureLen = 64
Field Value
Methods
CreateIncrementalPreHashSign(SecureMemory<byte>)
Creates an Ed25519ph incremental signing operation using a private key stored in secure memory. The key is used as-is and not disposed automatically. The caller retains ownership.
public static ICryptoIncrementalOperation CreateIncrementalPreHashSign(SecureMemory<byte> privateKey)
Parameters
privateKey
SecureMemory<byte>
The Ed25519ph private key used for signing, stored in secure memory (64 bytes).
Returns
- ICryptoIncrementalOperation
An incremental operation that produces a signature when finalized.
CreateIncrementalPreHashSign(ReadOnlyMemory<byte>)
Creates an Ed25519ph incremental signing operation using the provided private key. The key is not copied or disposed. The caller is responsible for its lifecycle and protection.
public static ICryptoIncrementalOperation CreateIncrementalPreHashSign(ReadOnlyMemory<byte> privateKey)
Parameters
privateKey
ReadOnlyMemory<byte>
The private key used for signing (64 bytes).
Returns
- ICryptoIncrementalOperation
An incremental operation that produces a signature when finalized.
CreateIncrementalPreHashVerify(ReadOnlyMemory<byte>, ReadOnlyMemory<byte>)
Creates an Ed25519ph incremental verification operation using the given public key and signature. The result of the verification is written to the output span as a single byte: 1 for valid, 0 for invalid.
public static ICryptoIncrementalOperation CreateIncrementalPreHashVerify(ReadOnlyMemory<byte> publicKey, ReadOnlyMemory<byte> signature)
Parameters
publicKey
ReadOnlyMemory<byte>
The Ed25519ph public key used to verify the signature (32 bytes).
signature
ReadOnlyMemory<byte>
The expected Ed25519ph signature to verify against (64 bytes).
Returns
- ICryptoIncrementalOperation
An incremental operation that validates the message on finalization.
GenerateKeyPair(Span<byte>, SecureMemory<byte>)
Generates a new Ed25519 public/private key pair.
public static void GenerateKeyPair(Span<byte> publicKey, SecureMemory<byte> privateKey)
Parameters
publicKey
Span<byte>
A span where the generated public key will be stored (must be PublicKeyLen bytes).
privateKey
SecureMemory<byte>
A secure memory buffer where the generated private key will be stored (must be PrivateKeyLen bytes).
Exceptions
- ArgumentException
Thrown if the buffer sizes are incorrect.
- LibSodiumException
Thrown if key pair generation fails.
GenerateKeyPair(Span<byte>, Span<byte>)
Generates a new Ed25519 public/private key pair.
public static void GenerateKeyPair(Span<byte> publicKey, Span<byte> privateKey)
Parameters
publicKey
Span<byte>
A span where the generated public key will be stored (must be PublicKeyLen bytes).
privateKey
Span<byte>
A span where the generated private key will be stored (must be PrivateKeyLen bytes).
Exceptions
- ArgumentException
Thrown if the buffer sizes are incorrect.
- LibSodiumException
Thrown if key pair generation fails.
GenerateKeyPairDeterministically(Span<byte>, SecureMemory<byte>, SecureMemory<byte>)
Generates an Ed25519 public/private key pair from a seed deterministically.
public static void GenerateKeyPairDeterministically(Span<byte> publicKey, SecureMemory<byte> secretKey, SecureMemory<byte> seed)
Parameters
publicKey
Span<byte>
A span where the generated public key will be stored (must be PublicKeyLen bytes).
secretKey
SecureMemory<byte>
A secure memory buffer where the generated private key will be stored (must be PrivateKeyLen bytes).
seed
SecureMemory<byte>
A seed used for key generation (must be SeedLen bytes).
Exceptions
- ArgumentException
Thrown if the buffer sizes are incorrect.
- LibSodiumException
Thrown if key pair generation fails.
GenerateKeyPairDeterministically(Span<byte>, Span<byte>, ReadOnlySpan<byte>)
Generates an Ed25519 public/private key pair from a seed deterministically.
public static void GenerateKeyPairDeterministically(Span<byte> publicKey, Span<byte> secretKey, ReadOnlySpan<byte> seed)
Parameters
publicKey
Span<byte>
A span where the generated public key will be stored (must be PublicKeyLen bytes).
secretKey
Span<byte>
A span where the generated private key will be stored (must be PrivateKeyLen bytes).
seed
ReadOnlySpan<byte>
A seed used for key generation (must be SeedLen bytes).
Exceptions
- ArgumentException
Thrown if the buffer sizes are incorrect.
- LibSodiumException
Thrown if key pair generation fails.
PreHashSign(Stream, Span<byte>, SecureMemory<byte>)
Signs the contents of a stream using an Ed25519ph private key stored in secure memory.
public static Span<byte> PreHashSign(Stream message, Span<byte> signature, SecureMemory<byte> privateKey)
Parameters
message
Stream
The input stream containing the message to sign.
signature
Span<byte>
A buffer that will receive the Ed25519ph signature. Must be at least 64 bytes.
privateKey
SecureMemory<byte>
The Ed25519ph private key in secure memory (64 bytes).
Returns
PreHashSign(Stream, Span<byte>, ReadOnlyMemory<byte>)
Signs the contents of a stream using the specified Ed25519ph private key and writes the Ed25519ph signature to the provided buffer.
public static Span<byte> PreHashSign(Stream message, Span<byte> signature, ReadOnlyMemory<byte> privateKey)
Parameters
message
Stream
The input stream containing the message to sign.
signature
Span<byte>
A buffer that will receive the Ed25519ph signature. Must be at least 64 bytes.
privateKey
ReadOnlyMemory<byte>
The Ed25519ph private key (64 bytes).
Returns
PreHashSignAsync(Stream, Memory<byte>, SecureMemory<byte>, CancellationToken)
Asynchronously signs the contents of a stream using a private key stored in secure memory and Ed25519ph.
public static Task<Memory<byte>> PreHashSignAsync(Stream message, Memory<byte> signature, SecureMemory<byte> privateKey, CancellationToken cancellationToken = default)
Parameters
message
Stream
The input stream containing the message to sign.
signature
Memory<byte>
A memory buffer that will receive the Ed25519ph signature. Must be at least 64 bytes.
privateKey
SecureMemory<byte>
The Ed25519ph private key in secure memory (64 bytes).
cancellationToken
CancellationToken
A cancellation token that can be used to cancel the operation.
Returns
- Task<Memory<byte>>
The portion of the signature buffer containing the resulting signature (64 bytes).
PreHashSignAsync(Stream, Memory<byte>, ReadOnlyMemory<byte>, CancellationToken)
Asynchronously signs the contents of a stream using the specified private key and writes the Ed25519ph signature to the provided buffer.
public static Task<Memory<byte>> PreHashSignAsync(Stream message, Memory<byte> signature, ReadOnlyMemory<byte> privateKey, CancellationToken cancellationToken = default)
Parameters
message
Stream
The input stream containing the message to sign.
signature
Memory<byte>
A memory buffer that will receive the Ed25519ph signature. Must be at least 64 bytes.
privateKey
ReadOnlyMemory<byte>
The Ed25519ph private key (64 bytes).
cancellationToken
CancellationToken
A cancellation token that can be used to cancel the operation.
Returns
- Task<Memory<byte>>
The portion of the signature buffer containing the resulting signature (64 bytes).
PreHashVerify(Stream, ReadOnlyMemory<byte>, ReadOnlyMemory<byte>)
Verifies the signature of a stream using the specified public key and Ed25519ph.
public static bool PreHashVerify(Stream message, ReadOnlyMemory<byte> signature, ReadOnlyMemory<byte> publicKey)
Parameters
message
Stream
The input stream containing the message to verify.
signature
ReadOnlyMemory<byte>
The Ed25519ph signature to verify (64 bytes).
publicKey
ReadOnlyMemory<byte>
The Ed25519ph public key (32 bytes).
Returns
- bool
true if the signature is valid; otherwise, false.
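The following C# program is an added example, not part of the LibSodium.Net documentation. It signs and verifies a stream with the Ed25519ph overloads listed above, then passes the same signature to the plain Ed25519 Verify method to check whether the two schemes are interchangeable. It assumes the LibSodium.Net package is referenced and needs no explicit initialization call; the payload is constructed sample data.

```csharp
// Added example, not from the LibSodium.Net documentation.
// Uses only overloads listed on this page plus the .NET base class library.
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;
using LibSodium;

byte[] publicKey = new byte[CryptoSign.PublicKeyLen];
byte[] privateKey = new byte[CryptoSign.PrivateKeyLen];
byte[] signature = new byte[CryptoSign.SignatureLen];
// Constructed sample payload standing in for a large file.
byte[] payload = Encoding.UTF8.GetBytes("constructed sample payload: firmware image bytes");

try
{
    CryptoSign.GenerateKeyPair(publicKey.AsSpan(), privateKey.AsSpan());

    // Sign from a stream, so the payload never has to fit in a single buffer.
    using (var toSign = new MemoryStream(payload, writable: false))
    {
        CryptoSign.PreHashSign(toSign, signature.AsSpan(), (ReadOnlyMemory<byte>)privateKey);
    }

    // Verify with a fresh stream. Named arguments guard against swapping the two
    // ReadOnlyMemory<byte> parameters: PreHashVerify takes (message, signature, publicKey),
    // while CreateIncrementalPreHashVerify takes (publicKey, signature).
    bool validPh;
    using (var toVerify = new MemoryStream(payload, writable: false))
    {
        validPh = CryptoSign.PreHashVerify(message: toVerify, signature: signature, publicKey: publicKey);
    }

    // Ed25519ph and Ed25519 are domain-separated (RFC 8032): hand the same signature
    // to the plain Verify API to check whether it is accepted there.
    bool acceptedAsPlain = CryptoSign.Verify(payload, signature, publicKey);

    Console.WriteLine($"Ed25519ph signature, PreHashVerify: {validPh}");
    Console.WriteLine($"Ed25519ph signature, plain Verify:  {acceptedAsPlain}");
}
finally
{
    // A byte[] private key is ordinary managed memory; wipe it once it is no longer needed.
    CryptographicOperations.ZeroMemory(privateKey);
}
```

A verifier has to know which scheme the signer used, because a signature produced by PreHashSign is meant for PreHashVerify and one produced by Sign is meant for Verify.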
PreHashVerifyAsync(Stream, ReadOnlyMemory<byte>, ReadOnlyMemory<byte>, CancellationToken)
Asynchronously verifies the signature of a stream using the specified public key and Ed25519ph.
public static Task<bool> PreHashVerifyAsync(Stream message, ReadOnlyMemory<byte> signature, ReadOnlyMemory<byte> publicKey, CancellationToken cancellationToken = default)
Parameters
message
Stream
The input stream containing the message to verify.
signature
ReadOnlyMemory<byte>
The Ed25519ph signature to verify (64 bytes).
publicKey
ReadOnlyMemory<byte>
The Ed25519ph public key (32 bytes).
cancellationToken
CancellationToken
A cancellation token that can be used to cancel the operation.
Returns
PrivateKeyToCurve(SecureMemory<byte>, SecureMemory<byte>)
Converts an Ed25519 private key (64 bytes) to a Curve25519 private key (32 bytes).
public static void PrivateKeyToCurve(SecureMemory<byte> curvePrivateKey, SecureMemory<byte> edPrivateKey)
Parameters
curvePrivateKey
SecureMemory<byte>
The buffer where the resulting Curve25519 private key will be written. Must be 32 bytes.
edPrivateKey
SecureMemory<byte>
The source Ed25519 private key. Must be 64 bytes.
Remarks
The resulting Curve25519 private key can be used with CryptoBox and CryptoKeyExchange APIs.
Exceptions
- ArgumentException
Thrown if buffer sizes are incorrect.
- LibSodiumException
Thrown if the conversion fails.
PrivateKeyToCurve(Span<byte>, ReadOnlySpan<byte>)
Converts an Ed25519 private key (64 bytes) to a Curve25519 private key (32 bytes).
public static void PrivateKeyToCurve(Span<byte> curvePrivateKey, ReadOnlySpan<byte> edPrivateKey)
Parameters
curvePrivateKey
Span<byte>
The buffer where the resulting Curve25519 private key will be written. Must be 32 bytes.
edPrivateKey
ReadOnlySpan<byte>
The source Ed25519 private key. Must be 64 bytes.
Remarks
The resulting Curve25519 private key can be used with CryptoBox and CryptoKeyExchange APIs.
Exceptions
- ArgumentException
Thrown if buffer sizes are incorrect.
- LibSodiumException
Thrown if the conversion fails.
PublicKeyToCurve(Span<byte>, ReadOnlySpan<byte>)
Converts an Ed25519 public key (32 bytes) to a Curve25519 public key (32 bytes).
public static void PublicKeyToCurve(Span<byte> curvePublicKey, ReadOnlySpan<byte> edPublicKey)
Parameters
curvePublicKey
Span<byte>
The buffer where the resulting Curve25519 public key will be written. Must be 32 bytes.
edPublicKey
ReadOnlySpan<byte>
The source Ed25519 public key. Must be 32 bytes.
Remarks
The resulting Curve25519 public key can be used with CryptoBox and CryptoKeyExchange APIs.
Exceptions
- ArgumentException
Thrown if buffer sizes are incorrect.
- LibSodiumException
Thrown if the conversion fails.
Sign(ReadOnlySpan<byte>, Span<byte>, SecureMemory<byte>)
Creates an Ed25519 signature for the given message using the provided private key.
public static Span<byte> Sign(ReadOnlySpan<byte> message, Span<byte> signature, SecureMemory<byte> privateKey)
Parameters
message
ReadOnlySpan<byte>
The message to be signed.
signature
Span<byte>
A span to store the Ed25519 signature (must be at least SignatureLen bytes).
privateKey
SecureMemory<byte>
The Ed25519 private key to sign with (must be PrivateKeyLen bytes).
Returns
Exceptions
- ArgumentException
Thrown if the signature or private key length is incorrect.
- LibSodiumException
Thrown if the signing operation fails.
Sign(ReadOnlySpan<byte>, Span<byte>, ReadOnlySpan<byte>)
Creates an Ed25519 signature for the given message using the provided private key.
public static Span<byte> Sign(ReadOnlySpan<byte> message, Span<byte> signature, ReadOnlySpan<byte> privateKey)
Parameters
message
ReadOnlySpan<byte>
The message to be signed.
signature
Span<byte>
A span to store the Ed25519 signature (must be at least SignatureLen bytes).
privateKey
ReadOnlySpan<byte>
The Ed25519 private key to sign with (must be PrivateKeyLen bytes).
Returns
Exceptions
- ArgumentException
Thrown if the signature or private key length is incorrect.
- LibSodiumException
Thrown if the signing operation fails.
Verify(ReadOnlySpan<byte>, ReadOnlySpan<byte>, ReadOnlySpan<byte>)
Verifies an Ed25519 signature against a given message and public key.
public static bool Verify(ReadOnlySpan<byte> message, ReadOnlySpan<byte> signature, ReadOnlySpan<byte> publicKey)
Parameters
message
ReadOnlySpan<byte>
The original message.
signature
ReadOnlySpan<byte>
The Ed25519 signature to verify (must be SignatureLen bytes).
publicKey
ReadOnlySpan<byte>
The Ed25519 public key used to verify the signature (must be PublicKeyLen bytes).
Returns
- bool
true if the signature is valid; otherwise, false.
Exceptions
- ArgumentException
Thrown if the signature or public key length is incorrect.
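The following C# program is an added example, not part of the LibSodium.Net documentation. It uses the Span overloads of GenerateKeyPairDeterministically, Sign and Verify to show that one seed always yields the same key pair, and that Verify rejects both a modified message and a modified signature. It assumes the LibSodium.Net package is referenced and needs no explicit initialization call; the message is constructed sample data.

```csharp
// Added example, not from the LibSodium.Net documentation.
// Uses only overloads listed on this page plus the .NET base class library.
using System;
using System.Security.Cryptography;
using System.Text;
using LibSodium;

Span<byte> seed = stackalloc byte[CryptoSign.SeedLen];
Span<byte> publicKey = stackalloc byte[CryptoSign.PublicKeyLen];
Span<byte> privateKey = stackalloc byte[CryptoSign.PrivateKeyLen];
Span<byte> publicKey2 = stackalloc byte[CryptoSign.PublicKeyLen];
Span<byte> privateKey2 = stackalloc byte[CryptoSign.PrivateKeyLen];
Span<byte> signature = stackalloc byte[CryptoSign.SignatureLen];
// Constructed sample message.
byte[] message = Encoding.UTF8.GetBytes("constructed sample: release manifest v1");

try
{
    // The seed is as sensitive as the private key: anyone holding it can rebuild the pair.
    RandomNumberGenerator.Fill(seed);
    CryptoSign.GenerateKeyPairDeterministically(publicKey, privateKey, seed);
    CryptoSign.GenerateKeyPairDeterministically(publicKey2, privateKey2, seed);
    bool reproducible = publicKey.SequenceEqual(publicKey2) && privateKey.SequenceEqual(privateKey2);

    CryptoSign.Sign(message, signature, privateKey);
    bool genuine = CryptoSign.Verify(message, signature, publicKey);

    // Flip one bit of the message, check, then restore it.
    message[0] ^= 0x01;
    bool tamperedMessage = CryptoSign.Verify(message, signature, publicKey);
    message[0] ^= 0x01;

    // Flip one bit of the signature and check again.
    signature[0] ^= 0x01;
    bool tamperedSignature = CryptoSign.Verify(message, signature, publicKey);

    Console.WriteLine($"same seed gives same key pair: {reproducible}");
    Console.WriteLine($"untouched message verifies:    {genuine}");
    Console.WriteLine($"modified message verifies:     {tamperedMessage}");
    Console.WriteLine($"modified signature verifies:   {tamperedSignature}");
}
finally
{
    // Plain spans get no automatic protection, so clear every secret buffer explicitly.
    CryptographicOperations.ZeroMemory(seed);
    CryptographicOperations.ZeroMemory(privateKey);
    CryptographicOperations.ZeroMemory(privateKey2);
}
```

The SecureMemory<byte> overloads on this page take the place of the manual wiping shown here when the key should live in secure memory.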