rage icon indicating copy to clipboard operation
rage copied to clipboard
verified publisher icon str4d

Decide how to handle key read-write cycle

Open str4d opened this issue 6 years ago • 2 comments

The X25519 function allows any 32-byte string as a secret key, and clamps it as a scalar on use. From 712c025b40275014e204b60d3ee39c4762cadf86 the library stores keys internally in clamped form (rage -g returns clamped keys but rage -d accepts both clamped and unclamped). This means that reading and then writing a key may result in a different encoding. I do not know if this is likely to trip anyone up, and in any case I cannot think of any reason for anyone to be performing this operation. That being said, it would be nice to document this behaviour somewhere, and/or discourage or prevent the read/write cycle.

str4d avatar Oct 30 '19 08:10 str4d

To be clear, I'm referring to the read-write APIs on age::SecretKey, for downstream library users. The rage and rage-keygen tools do not have this problem.

str4d avatar Dec 28 '19 13:12 str4d

One way around this would be to have distinct types for generated and parsed SecretKeys. I'll play with this idea during my recipients / identities refactor for 0.5.

str4d avatar Mar 28 '20 09:03 str4d