Implementations of X25519 key agreement and Ed25519 signature verification, optimized with ASM for Cortex-M4 processors or higher (ARMv7e-M or higher).
Not reviewed, could have bugs, use at your own risk, etc etc.
- ed25519
sign()is not constant time. DO NOT USE IN PRODUCTION. (verify()is OK since it only operates on public data.) - implement
from_bytes_mod_order_wideusing the asm field element impl. - remove dependency on ed25519-dalek.
Original X25519 ASM implementation by Emil Lenngren.
Extended to support Ed25519 verify by Dario Nieuwenhuis.
Test harness for running Wycheproof test vectors in QEMU is taken from the salty project.
- Main
cortex25519crate is available under the BSD 2-clause license. - Wycheproof test vectors are available under Apache license.
- QEMU test harness is available under Apache + MIT.