CRYPTO_ED25519_SIGN_INIT_FIRST_PASS(3MONOCYPHER) 3MONOCYPHER CRYPTO_ED25519_SIGN_INIT_FIRST_PASS(3MONOCYPHER)

crypto_ed25519_sign_init_first_pass, crypto_ed25519_sign_update, crypto_ed25519_sign_final, crypto_ed25519_sign_init_second_pass, crypto_ed25519_check_init, crypto_ed25519_check_update, crypto_ed25519_check_final
incremental public key signatures

#include <monocypher-ed25519.h>

void
crypto_ed25519_sign_init_first_pass(crypto_ed25519_sign_ctx *ctx, const uint8_t secret_key[32], const uint8_t public_key[32]);

void
crypto_ed25519_sign_update(crypto_ed25519_sign_ctx *ctx, const uint8_t *message, size_t message_size);

void
crypto_ed25519_sign_final(crypto_ed25519_sign_ctx *ctx, uint8_t signature[64]);

void
crypto_ed25519_sign_init_second_pass(crypto_ed25519_sign_ctx *ctx);

void
crypto_ed25519_check_init(crypto_ed25519_check_ctx *ctx, const uint8_t signature[64], const uint8_t public_key[32]);

void
crypto_ed25519_check_update(crypto_ed25519_check_ctx *ctx, const uint8_t *message, size_t message_size);

int
crypto_ed25519_check_final(crypto_ed25519_check_ctx *ctx);

These functions are variants of crypto_ed25519_sign(3monocypher) and crypto_ed25519_check(3monocypher). Prefer those simpler functions if possible.

These functions provide Ed25519 public key signatures and verification with SHA-512 as the underlying hash function. They are interoperable with other Ed25519 implementations. If you have no interoperability requirements, prefer crypto_sign(3monocypher).

The arguments, security considerations, and semantics are the same as those described in crypto_sign_init_first_pass(3monocypher) and crypto_sign(3monocypher).

crypto_ed25519_sign_init_first_pass(), crypto_ed25519_sign_init_second_pass(), crypto_ed25519_sign_update(), crypto_ed25519_sign_final(), crypto_ed25519_check_init(), and crypto_ed25519_check_update() return nothing.

crypto_ed25519_check_final() returns 0 for legitimate messages and -1 for forgeries.

crypto_blake2b(3monocypher), crypto_x25519(3monocypher), crypto_lock(3monocypher), crypto_ed25519_sign(3monocypher), crypto_sign(3monocypher), crypto_sign_init_first_pass(3monocypher), crypto_sha512(3monocypher), crypto_wipe(3monocypher), intro(3monocypher)

These functions implement Ed25519 as described in RFC 8032.

The crypto_ed25519_sign_init_first_pass(), crypto_ed25519_sign_update(), crypto_ed25519_sign_final(), crypto_ed25519_sign_init_second_pass(), crypto_ed25519_check_init(), crypto_ed25519_check_update(), and crypto_ed25519_check_final() functions first appeared in Monocypher 3.0.0. They replace recompilation of Monocypher with the ED25519_SHA512 preprocessor definition.
February 13, 2022 Debian