Closed dajiaji closed 2 years ago
paragonie-security
commented
2 years ago We're erring on the side of over-specifying rather than under-specifying. Use what you need from the test vectors; you don't need everything, I'd wager.
Some implementations aim to deterministically generate the tokens from the parameters. Others are content with merely decoding successfully.
We're considering adding failing tests (i.e. this MUST fail) to make sure people aren't only testing the happy path.
dajiaji
commented
2 years ago Thanks for your quick reply.
We're erring on the side of over-specifying rather than under-specifying. Use what you need from the test vectors; you don't need everything, I'd wager.
Some implementations aim to deterministically generate the tokens from the parameters. Others are content with merely decoding successfully.
OK. I understand that there are cases where a seed is used to verify the step to generate an Ed25519 private key. Anyway, I’ll ignore these test cases for the time being. Maybe I'll send a PR for making the ”paserk"s not include a seed.
We're considering adding failing tests (i.e. this MUST fail) to make sure people aren't only testing the happy path.
Good news. I'm looking forward to it.
paragonie-security
commented
2 years ago Our consideration is in #4. We'll also clarify in the README that the test vectors contain extraneous information and to only use what you need from each JSON entry.
Hi @paragonie-security and folks,
Could you tell me whether Ed25519 secret key should include seed information or not?
The spec (https://github.com/paseto-standard/paserk/blob/master/types/secret.md) says:
However, the test vectors defined in k2.secret.json and k4.secret.json include seed information and it seems to me that the PASERK data is concatenated with the seed and the secret key. To my understanding, the length of the Ed25519 private key is 32 bytes and I think there is no need to add 32 byte seed information to the private key.
Regards, dajiaji