Struct ed25519_dalek::hazmat::ExpandedSecretKey
source · pub struct ExpandedSecretKey {
pub scalar: Scalar,
pub hash_prefix: [u8; 32],
}
hazmat
only.Expand description
Contains the secret scalar and domain separator used for generating signatures.
This is used internally for signing.
In the usual Ed25519 signing algorithm, scalar
and hash_prefix
are defined such that
scalar || hash_prefix = H(sk)
where sk
is the signing key and H
is SHA-512.
WARNING: Deriving the values for these fields in any other way can lead to full key
recovery, as documented in raw_sign
and raw_sign_prehashed
.
Instances of this secret are automatically overwritten with zeroes when they fall out of scope.
Fields§
§scalar: Scalar
The secret scalar used for signing
hash_prefix: [u8; 32]
The domain separator used when hashing the message to generate the pseudorandom r
value
Implementations§
source§impl ExpandedSecretKey
impl ExpandedSecretKey
sourcepub fn from_bytes(bytes: &[u8; 64]) -> Self
pub fn from_bytes(bytes: &[u8; 64]) -> Self
Construct an ExpandedSecretKey
from an array of 64 bytes. In the spec, the bytes are the
output of a SHA-512 hash. This clamps the first 32 bytes and uses it as a scalar, and uses
the second 32 bytes as a domain separator for hashing.
sourcepub fn from_slice(bytes: &[u8]) -> Result<Self, SignatureError>
pub fn from_slice(bytes: &[u8]) -> Result<Self, SignatureError>
Construct an ExpandedSecretKey
from a slice of 64 bytes.
§Returns
A Result
whose okay value is an EdDSA ExpandedSecretKey
or whose error value is an
SignatureError
describing the error that occurred, namely that the given slice’s length
is not 64.
Trait Implementations§
source§impl Drop for ExpandedSecretKey
Available on crate feature zeroize
only.
impl Drop for ExpandedSecretKey
zeroize
only.source§impl From<&[u8; 32]> for ExpandedSecretKey
impl From<&[u8; 32]> for ExpandedSecretKey
The spec-compliant way to define an expanded secret key. This computes SHA512(sk)
, clamps the
first 32 bytes and uses it as a scalar, and uses the second 32 bytes as a domain separator for
hashing.
source§fn from(secret_key: &SecretKey) -> ExpandedSecretKey
fn from(secret_key: &SecretKey) -> ExpandedSecretKey
source§impl From<&ExpandedSecretKey> for VerifyingKey
impl From<&ExpandedSecretKey> for VerifyingKey
source§fn from(expanded_secret_key: &ExpandedSecretKey) -> VerifyingKey
fn from(expanded_secret_key: &ExpandedSecretKey) -> VerifyingKey
Derive this public key from its corresponding ExpandedSecretKey
.
source§impl TryFrom<&[u8]> for ExpandedSecretKey
impl TryFrom<&[u8]> for ExpandedSecretKey
impl ZeroizeOnDrop for ExpandedSecretKey
zeroize
only.