Closed bbyrd74 closed 6 years ago
crypto_sign_keypair
generates an Ed25519 keypair with a "compressed Edwards-y" public key
crypto_box_seal
expects a "Montgomery-u" public key
Though these curves are birationally equivalent and therefore you can map group elements from one to another, you can't simply substitute one compressed point for another as they use completely different point compression formats/encodings. You'd have to actively convert between them.
Max, Thanks much for this tip. I have my application working perfectly now with this conversion. And I learned something very important on the difference between ED/Curve keys.
On Sun, Oct 15, 2017 at 7:50 AM, Max Bruckner notifications@github.com wrote:
https://download.libsodium.org/doc/advanced/ed25519-curve25519.html
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/jedisct1/libsodium/issues/613#issuecomment-336709500, or mute the thread https://github.com/notifications/unsubscribe-auth/AKQ5UGyuMs6DxY6ItmMxAC00rriJSuylks5ssf-egaJpZM4P454g .
I can create a standard pair of keys with crypto_box_keypair(publicKey, privateKey) and with that I can encrypt a message using the public key, and then decrypt it with the private key
But should this not also work with signed keys as well? I can use crypto_sign_keypair(publicKey, privateKey) and and sign/verify messages with created keys, and when I try to encrypt a message using the public key, that seems to work, but then decrypting it just crashes. I even extracted the 1st 32 bytes from the private key as for signed keypair, the private key is the full 64 bytes, with the first 32 being the private seed and the next 32 being the public key; and it appears that crypto_box_seal and crypto_box_seal_open expects only 32bytes for the private key.