From 9e688a43f1c398f44060a7401664ef9791f8e5d5 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Wed, 19 Feb 2025 22:34:52 +0100 Subject: [PATCH] Clarify that ed25519.generateDeterministic() can be used outside tests Fixes #22946 --- lib/std/crypto/25519/ed25519.zig | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/lib/std/crypto/25519/ed25519.zig b/lib/std/crypto/25519/ed25519.zig index 082650328e88..54fbe2bdab6a 100644 --- a/lib/std/crypto/25519/ed25519.zig +++ b/lib/std/crypto/25519/ed25519.zig @@ -247,7 +247,7 @@ pub const Ed25519 = struct { /// Deterministically derive a key pair from a cryptograpically secure secret seed. /// - /// Except in tests, applications should generally call `generate()` instead of this function. + /// To create a new key, applications should generally call `generate()` instead of this function. /// /// As in RFC 8032, an Ed25519 public key is generated by hashing /// the secret key using the SHA-512 function, and interpreting the @@ -290,7 +290,8 @@ pub const Ed25519 = struct { /// Note that with EdDSA, storing the seed, and recovering the key pair /// from it is recommended over storing the entire secret key. /// The seed of an exiting key pair can be obtained with - /// `key_pair.secret_key.seed()`. + /// `key_pair.secret_key.seed()`, and the secret key can then be + /// recomputed using `SecretKey.generateDeterministic()`. pub fn fromSecretKey(secret_key: SecretKey) (NonCanonicalError || EncodingError || IdentityElementError)!KeyPair { // It is critical for EdDSA to use the correct public key. // In order to enforce this, a SecretKey implicitly includes a copy of the public key.