[hare] The Hare programming language
git clone https://git.torresjrjr.com/hare.git
commit dd6895e2dcbe262482f67f569b4d6cdc795150a4
parent 95992f6d6f9d7a548ace16af84d66bc4571bff41
Author: Drew DeVault <sir@cmpwn.com>
Date:   Fri,  6 May 2022 16:33:01 +0200

crypto::*25519: add note about keys

Shamelessly stolen verbatim from Monocypher

Signed-off-by: Drew DeVault <sir@cmpwn.com>

Diffstat:
M crypto/ed25519/README | 3 +++
M crypto/x25519/README | 3 +++
2 files changed, 6 insertions(+), 0 deletions(-)

diff --git a/crypto/ed25519/README b/crypto/ed25519/README @@ -1,5 +1,8 @@ This module implements the ed25519 signature algorithm, as defined by RFC 8032. +Do not use the same secret key for both key exchanges and signatures. The public +keys are different and revealing both may leak information. + This is a low-level module which implements cryptographic primitives. Direct use of cryptographic primitives is not recommended for non-experts, as incorrect use of these primitives can easily lead to the introduction of security diff --git a/crypto/x25519/README b/crypto/x25519/README @@ -4,6 +4,9 @@ derive shared keys between them, based on curve25519. A key pair is created by generating a private key with [[newkey]] and deriving the public key with [[pubkey]]. A shared key can be found by using [[derive]]. +Do not use the same secret key for both key exchanges and signatures. The public +keys are different and revealing both may leak information. + This is a low-level module which implements cryptographic primitives. Direct use of cryptographic primitives is not recommended for non-experts, as incorrect use of these primitives can easily lead to the introduction of security
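
Review bot: In the crypto/ed25519/README hunk, the added warning refers to "key exchanges" without naming the module it means, so someone reading only this README cannot tell which other use of the key to avoid. Suggest pointing at the x25519 module with a [[...]] reference, in the style the x25519 README already uses for [[newkey]], and stating the remedy directly: generate one secret key for signing and a separate one for key exchange.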
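
Review bot: In the crypto/x25519/README hunk, "The public keys are different" lands right after the paragraph on [[newkey]], [[pubkey]] and [[derive]], where it can be read as the two parties' public keys rather than the x25519 and ed25519 public keys derived from the same secret. Suggest wording it as "The x25519 and ed25519 public keys derived from one secret key are different, and revealing both may leak information", and saying explicitly that a key created with [[newkey]] should not also be used as a signing key.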