Closed Laegluin closed 4 years ago
The reason is that the keypair is encrypted. All traces of the original secret key are wiped from memory. Signing is not possible without the password.
Instead of generate_encrypted_keypair(), you can use generate_unencrypted_keypair() to create a password-less key pair that can be immediately used.
Granted, the fact that both functions return the same structure is a bit confusing. Maybe different types should be used.
Thanks a lot, I expected there was a reason I just didn't see.
> Granted, the fact that both functions return the same structure is a bit confusing. Maybe different types should be used.
Yeah, that would be really helpful. I assume that's not a whole lot of work, but I'll gladly help if you need it :)
When using the key pair struct returned by KeyPair::generate_encrypted_keypair to create a signature, verification using the public key fails with PError { kind: Verify, err: "Could not verify signature with the provided public key ID: 2265E6986983A09D" }.
When converting the secret key to a string and then loading it again first, signature creation and validation work as expected.
See this gist for short example: https://gist.github.com/Laegluin/b07abe10bfabb01b16903c9e1b5aef50