sectionYPositions = computeSectionYPositions($el), 10)" x-init="setTimeout(() => sectionYPositions = computeSectionYPositions($el), 10)">
On This Page
Digital signature algorithm.
priv_of_cstruct cs
decodes a private key from the buffer cs
. If the provided data is invalid, an error is returned.
val priv_to_cstruct : priv -> Cstruct.t
priv_to_cstruct p
encode the private key p
to a buffer.
pub_of_cstruct cs
decodes a public key from the buffer cs
. If the provided data is invalid, an error is returned.
val pub_to_cstruct : ?compress:bool -> pub -> Cstruct.t
pub_to_cstruct ~compress p
encodes the public key p
into a buffer. If compress
is provided and true
(default false
), the compressed representation is returned.
val generate : ?g:Mirage_crypto_rng.g -> unit -> priv * pub
generate ~g ()
generates a key pair.
val sign : key:priv -> ?k:Cstruct.t -> Cstruct.t -> Cstruct.t * Cstruct.t
sign ~key ~k digest
signs the message digest
using the private key
. The digest
is not processed further - it should be the hash of the message to sign. If k
is not provided, it is computed using the deterministic construction from RFC 6979. The result is a pair of r
and s
.
val verify : key:pub -> (Cstruct.t * Cstruct.t) -> Cstruct.t -> bool
verify ~key (r, s) digest
verifies the signature r, s
on the message digest
with the public key
. The return value is true
if verification was successful, false
otherwise. If the message has more bits than the group order, the result is false.
module K_gen (H : Mirage_crypto.Hash.S) : sig ... end
K_gen
can be instantiated over a hashing module to obtain an RFC6979 compliant k
-generator for that hash.