Function signer [src]
Create a Signer that can be used for incremental signing.
Note that the signature is not deterministic: fresh random bytes are always mixed into the nonce, even when no noise is supplied.
The noise parameter, if set, should be something unique for each message,
such as a random nonce or a counter.
Prototype
pub fn signer(key_pair: KeyPair, noise: ?[noise_length]u8) (IdentityElementError || KeyMismatchError || NonCanonicalError || WeakPublicKeyError)!Signer
Parameters
key_pair: KeyPair
noise: ?[noise_length]u8
Source
/// Build a `Signer` for incremental signing with this key pair.
///
/// The per-signature nonce is SHA-512 over the secret prefix, `noise_length`
/// bytes taken from `crypto.random`, and then the caller's `noise` when it is
/// non-null, reduced to a scalar with `Curve.scalar.reduce64`. Because the
/// random bytes are always hashed in, two signatures over the same message
/// differ even when `noise` is null.
///
/// Returns `error.KeyMismatch` when the public key bytes reported by the
/// secret key differ from `key_pair.public_key`. The other errors in the
/// return set are presumably surfaced by `Signer.init` (not visible here).
pub fn signer(key_pair: KeyPair, noise: ?[noise_length]u8) (IdentityElementError || KeyMismatchError || NonCanonicalError || WeakPublicKeyError)!Signer {
    // Reject inconsistent pairs before touching secret material: signing under
    // a public key that does not belong to the secret scalar can expose the key.
    const keys_match = mem.eql(
        u8,
        &key_pair.secret_key.publicKeyBytes(),
        &key_pair.public_key.toBytes(),
    );
    if (!keys_match) return error.KeyMismatch;

    const secret_parts = key_pair.secret_key.scalarAndPrefix();

    // Always drawn, whether or not the caller supplied noise.
    var random_noise: [noise_length]u8 = undefined;
    crypto.random.bytes(&random_noise);

    // Hash input order is fixed: prefix, random bytes, optional caller noise.
    var hasher = Sha512.init(.{});
    hasher.update(&secret_parts.prefix);
    hasher.update(&random_noise);
    if (noise) |*caller_noise| hasher.update(caller_noise);

    var wide_nonce: [64]u8 = undefined;
    hasher.final(&wide_nonce);

    // NOTE(review): random_noise and wide_nonce are not wiped before returning;
    // confirm whether that is acceptable for the deployment's threat model.
    const nonce_scalar = Curve.scalar.reduce64(wide_nonce);
    return Signer.init(secret_parts.scalar, nonce_scalar, key_pair.public_key);
}