Signing Message Can't Be Of Arbitrary Size

[LuisOsta]

To my understanding (here's a RFC link to what I think is the relevant bit), the messages that can be signed by a Ed25519 can be of arbitrary size.

But the sign function enforces a 32-byte message:

throw new TypeError(`Expected Uint8Array of length ${lengths}, not of length=${b.length}`);
              ^
TypeError: Expected Uint8Array of length 32, not of length=91

Why does the library do this?

[LuisOsta]

Here's the line that enforces the 32-byte limit - https://github.com/paulmillr/ed25519-keygen/blob/39a7ca48765fbdda27616e6bdd9558f491d35d2a/src/hdkey.ts#L130

[paulmillr]

yeah, probably. pull request with tests etc is welcome.

[LuisOsta]

@paulmillr I've created a PR https://github.com/paulmillr/ed25519-keygen/pull/6 that removes the check, the tests pass. What tests would you want me to add if any? The change doesn't really deal with any of the cryptography but a semantic thing about size requirements

[LuisOsta]

Also @paulmillr I'm unsure if this is intentional but the top level npm test doesn't actually run the HDKey tests as those are defined & included under a separate package.json. So I don't think the automatic GitHub workflow actually runs the HDKey tests

[LuisOsta]

@paulmillr When do you think you'll be able to cut a new release?

[paulmillr]

@LuisOsta 0.4.1 is live now