Open kenneth-leong-gt opened 1 year ago
Hello @kenneth-leong-gt thanks for your feedback. Could you please check issue https://github.com/danubetech/key-formats-java/issues/11 on the "key-formats-java" library to see if that solves the problem? If not, or if that other issue discussion isn't clear, please reply back here and we'll take another look to help!
ok seems to be working using the tink povider now. Thank you very much.
But one comment on the api for Ed25519Signature2020LdSigner
constructor.
public Ed25519Signature2020LdSigner(byte[] privateKey) {
this(new Ed25519_EdDSA_PrivateKeySigner(privateKey));
}
It states that the param needed is the byte array for the private key, but actually it requires the private key byte array concat-ed with the public key byte array as internally its checking for 64 bytes for the byte array length. As shown in this check below.
@Override
public byte[] sign(byte[] content, byte[] privateKey) throws GeneralSecurityException {
if (privateKey.length != Ed25519Sign.SECRET_KEY_LEN + Ed25519Verify.PUBLIC_KEY_LEN) throw new GeneralSecurityException("Invalid private key length: " + privateKey.length); // <-------this check here
byte[] privateKeyOnly = new byte[32];
System.arraycopy(privateKey, 0, privateKeyOnly, 0, Ed25519Sign.SECRET_KEY_LEN);
byte[] signatureValue = new Ed25519Sign(privateKeyOnly).sign(content);
return signatureValue;
}
So kinda confusing imo.
It states that the param needed is the byte array for the private key, but actually it requires the private key byte array concat-ed with the public key byte array
I agree this is confusing, however we did this to mirror what libsodium has been doing, where in several places the public and private keys are used together. Not sure what's the reason for this.
See e.g. here:
I suppose the Tink approach is better, where the "private key" is really only the private key.
I just added two commits which hopefully document the issues that were raised here a bit:
https://github.com/danubetech/key-formats-java/commit/433dd834589d6b34badcd534d00de8d8d41c34bc https://github.com/danubetech/key-formats-java/commit/06809721fe70d68470d9ec9652489007cb8ce52e
thanks for the updates. btw are there any plans for something like ld-signatures-swift
or anything for iOS?
No sorry, at the moment we don't have plans to implement this in any other lanaguge...
Can we close this issue?
yes, thanks
Is this library able to be used in an Android device? I am getting exception for the instantiation of
com.danubetech.keyformats.crypto.provider.impl.NaClSodiumEd25519Provider
when running in Android.Full stack trace below