unifying the crypto keypair APIs #21002
Conversation
jakubDoka
changed the title
lib/std/crypto/25519/ed25519.zig
Outdated
| @@ -506,7 +507,7 @@ test "signature" { | |||
| test "batch verification" { | |||
| var i: usize = 0; | |||
| while (i < 100) : (i += 1) { | |||
| const key_pair = try Ed25519.KeyPair.create(null); | |||
| const key_pair = try Ed25519.KeyPair.initWithRandomSeed(); | |||
There was a problem hiding this comment.
unit tests should not use std.crypto.random, instead they should use std.testing.random_seed.
this is a problem with master branch, but it should be fixed in this PR before merging.
There was a problem hiding this comment.
I noticed https://github.com/ziglang/zig/blob/master/lib/std/crypto/salsa20.zig#L539 will need to be changed to take a seed, the initWithRandomSeed should probably be removed to reduce the likelihood of similar mistakes.
|
I have repeated the |
|
I strongly disagree with these changes. Virtually all applications should always use non-deterministic keys. We should absolutely not encourage people to provide their own seed, possibly from insecure random number generators or constant seeds. This is a recipe for disaster. Aa |
| @@ -19,8 +19,6 @@ pub const X25519 = struct { | |||
| pub const public_length = 32; | |||
| /// Length (in bytes) of the output of the DH function. | |||
| pub const shared_length = 32; | |||
| /// Seed (for key pair creation) length in bytes. | |||
| pub const seed_length = 32; | |||
There was a problem hiding this comment.
That shouldn't be removed.
There was a problem hiding this comment.
It's was moved to the keypair to unify things
| @@ -229,8 +229,6 @@ fn Kyber(comptime p: Params) type { | |||
| pub const shared_length = common_shared_key_size; | |||
| /// Length (in bytes) of a seed for deterministic encapsulation. | |||
| pub const encaps_seed_length = common_encaps_seed_length; | |||
| /// Length (in bytes) of a seed for key generation. | |||
| pub const seed_length: usize = inner_seed_length + shared_length; | |||
There was a problem hiding this comment.
Why remove these useful constants?
Testing is an extremely common use case.
You really think people are going to reach for Ed25519 encryption, and then pass the system time or something like that? ...you know what now that I think of it, yes, people are absolutely that stupid. Point taken.
However, let us accomplish your goal while keeping existing conventions, with |
|
Besides humans, AI now also writes code so this is even more important 😂. I'll get to this tomorrow |
Not really. Maybe in other languages, but in Zig,
There's nothing wrong with |
| pub fn benchmarkSignature(comptime Signature: anytype, comptime signatures_count: comptime_int) !u64 { | ||
| const msg = [_]u8{0} ** 64; | ||
| const key_pair = try Signature.KeyPair.create(null); | ||
| const key_pair = try initBenchKeyPair(Signature); |
There was a problem hiding this comment.
The benchmark can simply use Signature.KeyPair.create().
| test "batch verification" { | ||
| var prng = std.Random.DefaultPrng.init(std.testing.random_seed); |
There was a problem hiding this comment.
People often refer to tests to understand how to use things.
So perhaps use DefaultCsprng instead, and rename prng to test_prng to clarify that this code is intended solely for testing.
Frank, please do a couple greps and see that this is completely wrong. |
|
And once again I am renaming things🍷 |
|
@jakubDoka I recommend for you to sit back and do nothing until we work this out. |
|
So, does the |
|
The
|
|
Would |
|
"generate" is fine. Mainly, I care about separate functions rather than optionals (the pattern in #20953). I understand the desire to help people write better code (really, I do), but the bottom line is that entropy is an externally-provided dependency, and it needs to be recognized as one in the API. That's just a fact of reality in programming. I would like to avoid the convention-breaking |
|
Let's opt for |
|
Is this all? |
Our key pair creation API was ugly and inconsistent between ecdsa keys and other keys. The same `generate()` function can now be used to generate key pairs, and that function cannot fail. For deterministic keys, a `generateDeterministic()` function is available for all key types. Fix comments and compilation of the benchmark by the way. Fixes ziglang#21002
Related to #20953
I changed all keypair APIs I could find to
initfor the pure derivation from seed, and addedinitWithRandomSeedthat's mostly used in tests/benchmarks.Note: I noticed docs on the new functions are missing, though, I feel like they are unnecessary.