Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

EdDSASigner- The privatekeyBytes is 64? #238

Closed
yanyanxiaoyu opened this issue Jul 13, 2022 · 6 comments
Closed

EdDSASigner- The privatekeyBytes is 64? #238

yanyanxiaoyu opened this issue Jul 13, 2022 · 6 comments
Labels
question Further information is requested

Comments

@yanyanxiaoyu
Copy link

Hello,

I generated a private key by ED25519, and the private key is 32 bytes.
I want to use EdDSASigner to sign it, but it seems like the EdDSASigner will check the private key bytes.
From my understanding, the ED25519 private key should be 32 bytes, right? I'm not sure if it is a bug or my misunderstanding.
Expecting your reply!

Thanks.
@yanyanxiaoyu yanyanxiaoyu added the bug Something isn't working label Jul 13, 2022
@mirceanis
Copy link
Member

mirceanis commented Jul 13, 2022
edited
Loading

how did you generate the private key?

This library [currently] uses @stablelib/ed25519, which uses the same conventions as libsodium and NaCl to represent key material.

In this convention, Ed25519 secret keys are represented on 64 bytes which I believe is actually the full keypair, not just the secret part, adding up to a total of 64 bytes.

I think after we manage to modularize this library (see #170) the EdDSASigner will likely lose that 64 byte check logic, or be replaced entirely by something new, depending on the underlying crypto package being used.

@yanyanxiaoyu
Copy link
Author

In this convention, Ed25519 secret keys are represented on 64 bytes which I believe is actually the full keypair, not just the secret part, adding up to a total of 64 bytes.

about the full keypair, does that means "privatekey+publickey" or "publickey + privatekey"?

@yanyanxiaoyu
Copy link
Author

Hello,

Any question is that:
when I call verifyEd25519, I got the error "Error: invalid_signature: Signature invalid for JWT", it seems like this error from the function verify(publicKey, message, signature).

Do you have any idea about it?

Thanks.

@mirceanis
Copy link
Member

about the full keypair, does that means "privatekey+publickey" or "publickey + privatekey"?

It seems to be private+public. See the code

when I call verifyEd25519, I got the error "Error: invalid_signature: Signature invalid for JWT", it seems like this error from the function verify(publicKey, message, signature).

I have no idea without more details. What parameters are you sending to the function?

@mirceanis mirceanis added question Further information is requested and removed bug Something isn't working labels Jul 20, 2022
@yanyanxiaoyu
Copy link
Author

Hi, I think I have found the issue, it is all caused by my misuse of the full keypair. Really thanks a lot.

@mirceanis
Copy link
Member

I'm happy to hear that you solved it. I'm closing this then.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mirceanis @yanyanxiaoyu