mcginty / snow

A Rust implementation of the Noise Protocol Framework
Apache License 2.0

Expose interface for secret key to public key conversion. #115

Open jakubtrnka opened 3 years ago

jakubtrnka commented 3 years ago

I implemented a simple certificate infrastructure. The server is sending a certificate with its static public key signed by some authority to a client. The server on startup reads a file with the certificate and its secret static key.

I want to implement validation of the server's secret key against the public key in the certificate so that I can tell "This secret key belongs to that public key".

There is no API for this. I need to take the cryptographic algorithm and do the check manually, bypassing the abstraction layers that are hiding details about the underlying algorithms.

I imagine something like adding a method to the Builder: `Builder::build_keypair(&self) -> Result<Keypair, Error>` that doesn't generate a new keypair but instead takes the local private key that was set previously with the method `local_private_key` and calculates the corresponding public key. Perhaps even exploit `generate_key_pair` for that purpose in case the user explicitly sets a private key.

jakubtrnka commented 3 years ago

I'm willing to implement this if the idea gets positive acknowledgement.
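
The check the issue asks for, as an added example that is not part of the issue or of snow's code: derive the public key from the static secret and compare it with the key carried in the certificate. It assumes the Noise pattern uses the 25519 DH function (the issue does not name the algorithm) and is written in Python so the RFC 7748 ladder fits in one self-contained block; the function names are hypothetical and the sample keys are the RFC 7748 section 6.1 test vectors.

```python
import hmac

P = 2**255 - 19      # Curve25519 field prime
A24 = 121665         # (486662 - 2) / 4, from RFC 7748
BASE_U = 9           # u-coordinate of the base point

def x25519_public_from_secret(secret: bytes) -> bytes:
    """Scalar-multiply the base point by the clamped secret (RFC 7748 ladder).
    Python big-int maths is not constant-time: fine for a startup check,
    not a replacement for the DH implementation used on the wire."""
    if len(secret) != 32:
        raise ValueError("X25519 secret key must be 32 bytes")
    raw = bytearray(secret)
    raw[0] &= 248                     # clamp: clear the three low bits
    raw[31] = (raw[31] & 127) | 64    # clear bit 255, set bit 254
    k = int.from_bytes(raw, "little")
    x1, x2, z2, x3, z3, swap = BASE_U, 1, 0, BASE_U, 1, 0
    for t in reversed(range(255)):
        bit = (k >> t) & 1
        if swap ^ bit:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3 = (da + cb) ** 2 % P
        z3 = x1 * (da - cb) ** 2 % P
        x2 = aa * bb % P
        z2 = e * (aa + A24 * e) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def secret_matches_certificate(secret: bytes, cert_public: bytes) -> bool:
    """True if cert_public is the X25519 public key of secret."""
    return hmac.compare_digest(x25519_public_from_secret(secret), cert_public)

# RFC 7748 section 6.1 test vectors, standing in for the key file and certificate.
ALICE_SECRET = bytes.fromhex("77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a")
ALICE_PUBLIC = bytes.fromhex("8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a")
BOB_PUBLIC = bytes.fromhex("de9edb7d7b7dc1b4d35b61c2ece435373f8343c85b78674dadfc7e146f882b4f")

if __name__ == "__main__":
    print(secret_matches_certificate(ALICE_SECRET, ALICE_PUBLIC))  # matching pair
    print(secret_matches_certificate(ALICE_SECRET, BOB_PUBLIC))    # wrong certificate
```
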