github.com/agl/ed25519 unmaintained #1
Comments
|
CMIAW, but it looks like x/crypto/ed25519 uses 64 bytes for private ED25519 keys, so it can't simpy swapped because the signal protocol uses 32 bytes. |
|
@oz Fork of github.com/agl/ed25519 also defines private key size as 64 bytes. I could be wrong, it looks like second half of 32 bytes is used to store public key. |
|
The x/crypto/ed25519 can't import internal package golang.org/x/crypto/ed25519/internal/edwards25519, I think to fork it to the package is a good choice |
|
Yes, we cannot directly use internal packages. If functions in internal source is required, we could try check with the maintainer (or, submit a PR) and see whether that request can be entertained? That way, there is no less dependency to maintain/worry about. |
|
In case anyone is interested, I updated my fork to use filippo.io/edwards25519 and the stdlib crypto/ed25519: https://github.com/tulir/libsignal-protocol-go/blob/main/ecc/SignCurve25519.go |
Cool, DONE d983864 |
Above dependency is unmaintained. As per the README in the ed25519 repository:
--8<--
This repository is unmaintained. Please see x/crypto/ed25519 for a maintained version.
Before trying to recover a previous version from git, note that I left a one-bit leak in the Elligator code in for years because I'm literally not looking at the PRs. Uncared for code is not a foundation to build upon.
--8<--
Any plans to use the x/crypto/ed25519 instead of github/agl/ed25519?
The text was updated successfully, but these errors were encountered: