rage
rage copied to clipboard
Decide how to handle key read-write cycle
The X25519 function allows any 32-byte string as a secret key, and clamps it as a scalar on use. From 712c025b40275014e204b60d3ee39c4762cadf86 the library stores keys internally in clamped form (rage -g
returns clamped keys but rage -d
accepts both clamped and unclamped). This means that reading and then writing a key may result in a different encoding. I do not know if this is likely to trip anyone up, and in any case I cannot think of any reason for anyone to be performing this operation. That being said, it would be nice to document this behaviour somewhere, and/or discourage or prevent the read/write cycle.
To be clear, I'm referring to the read-write APIs on age::SecretKey
, for downstream library users. The rage
and rage-keygen
tools do not have this problem.
One way around this would be to have distinct types for generated and parsed SecretKey
s. I'll play with this idea during my recipients / identities refactor for 0.5.