• Stars
    star
    211
  • Rank 186,867 (Top 4 %)
  • Language
    Java
  • License
    Creative Commons ...
  • Created over 10 years ago
  • Updated over 1 year ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Pure Java implementation of EdDSA

EdDSA-Java

Build Status

This is an implementation of EdDSA in Java. Structurally, it is based on the ref10 implementation in SUPERCOP (see https://ed25519.cr.yp.to/software.html).

There are two internal implementations:

  • A port of the radix-2^51 operations in ref10 - fast and constant-time, but only useful for Ed25519.
  • A generic version using BigIntegers for calculation - a bit slower and not constant-time, but compatible with any EdDSA parameter specification.

To use

Download the latest .jar from the releases tab and place it in your classpath.

Gradle users:

compile 'net.i2p.crypto:eddsa:0.3.0'

Java 7 and above are supported.

The JUnit4 tests require the Hamcrest library hamcrest-all.jar.

This code is released to the public domain and can be used for any purpose. See LICENSE.txt for details.

Disclaimer

There are no guarantees that this is secure for all cases, and users should review the code themselves before depending on it. PRs that fix bugs or improve reviewability are very welcome. Additionally:

Code comparison

For ease of following, here are the main methods in ref10 and their equivalents in this codebase:

EdDSA Operation ref10 function Java function
Generate keypair crypto_sign_keypair EdDSAPrivateKeySpec constructor
Sign message crypto_sign EdDSAEngine.engineSign
Verify signature crypto_sign_open EdDSAEngine.engineVerify
EdDSA point arithmetic ref10 function Java function
R = b * B ge_scalarmult_base GroupElement.scalarMultiply
R = a*A + b*B ge_double_scalarmult_vartime GroupElement.doubleScalarMultiplyVariableTime
R = 2 * P ge_p2_dbl GroupElement.dbl
R = P + Q ge_madd, ge_add GroupElement.madd, GroupElement.add
R = P - Q ge_msub, ge_sub GroupElement.msub, GroupElement.sub

Important changes

0.3.0

  • The library has been extensively profiled for contention issues in a multi-threaded environment. The only remaining potential contention is in EdDSANamedCurveTable.defineCurve(), which will be rarely called.
  • The public constant for the curve name has returned as ED_25519, and the curve specification has a public constant ED_25519_CURVE_SPEC to avoid repeated lookups when converting to and from encoded form for the public or private keys.
  • GroupElement is now completely immutable, and all fields final, to avoid the need for synchronized blocks over mutable fields. This required some new constructors and paths to construction.
  • EdDSAPublicKeySpec.getNegativeA() and EdDSAPublicKey.getNegativeA() now evaluate lazily, taking advantage of the immutability of GroupElement.negate(). This boosts the performance of the public key constructor when the key is just being passed around rather than used.
  • Support for X509Key wrapped EdDSA public keys.

0.2.0

  • Ed25519 is now named Ed25519 in EdDSANamedCurveTable, and the previous public constant (containing the older inaccurate name) has been removed.

Credits

More Repositories

1

rage

A simple, secure and modern file encryption tool (and Rust library) with small explicit keys, no config options, and UNIX-style composability.
Rust
2,594
star
2

age-plugin-yubikey

YubiKey plugin for age
Rust
590
star
3

ire

I2P router implementation in Rust
Rust
150
star
4

zcash-pow

The proof-of-work algorithm for Zcash
Python
80
star
5

wage

A WASM package and web app for encrypting and decrypting age-encrypted files, powered by rage.
Vue
75
star
6

bls

Rust crate for BLS signatures
Rust
30
star
7

fpe

Format-preserving encryption in Rust
Rust
25
star
8

pinentry-rs

Rust interface for pinentry binaries
Rust
24
star
9

memuse

Traits for inspecting memory usage of Rust types
Rust
24
star
10

txi2p

I2P bindings for Twisted.
Python
12
star
11

backflip

Help your Flipper Zero perform tricks!
Rust
10
star
12

addchain

Rust crate for generating addition chains
Rust
8
star
13

zcon1-demo-wasm

JavaScript
7
star
14

age-plugin-remote

[UNFINISHED] Expose local age identities to remote machines via SSH
Rust
6
star
15

partysig

Create and verify distributed multi-party signatures
Python
6
star
16

x509.rs

Pure-Rust X.509 serialization
Rust
5
star
17

girage

[ALPHA STATE] Graphical interface for a simple, secure, and modern encryption tool.
Rust
4
star
18

zk

Rust
4
star
19

halo2-website

Rust
4
star
20

hazmat

A collection of helpers for working with hazardous materials in Rust crates.
Rust
2
star
21

i2p_elgamal

Rust implementation of I2P's 2048-bit ElGamal primitive
Rust
2
star
22

plc

Key management for DID PLC identities
Rust
2
star
23

mostly-harmless

A bag of various unrelated projects with varying levels of serviceability and destructiveness.
Rust
1
star
24

vrf-r255

Implementation of draft-irtf-cfrg-vrf-15 with ristretto255
Rust
1
star