Ed25519SecretKey

dcrypt_sign::eddsa

Struct Ed25519SecretKey 

Source 
pub struct Ed25519SecretKey { /* private fields */ }
Expand description

Ed25519 secret key

§Security

This type contains secret key material that must be kept confidential:

  • Store securely (encrypted at rest)
  • Transmit securely (TLS/encrypted channels)
  • Clear from memory after use (automatic via Drop)
  • Never log or display the key material

The internal representation includes both the seed and expanded key material. Only the seed needs to be stored for persistence.

Implementations§

Source§

impl Ed25519SecretKey

Source

pub fn from_seed(seed: &[u8; 32]) -> ApiResult<Self>

Create a secret key from a 32-byte seed

This is useful when loading keys from storage. The seed is expanded using SHA-512 and the appropriate bits are clamped as per RFC 8032.

§Security
  • Only use seeds from trusted sources
  • Ensure seeds were generated with a cryptographic RNG
  • Never use predictable or low-entropy seeds
  • Validate seed integrity if loading from storage
§Example
use dcrypt_sign::eddsa::{Ed25519, Ed25519SecretKey};
use dcrypt_api::Signature;

// Load seed from storage (example uses fixed bytes)
let seed = [42u8; 32];
 
// Reconstruct secret key
let secret = Ed25519SecretKey::from_seed(&seed)?;
 
// Can now derive public key
let public = secret.public_key()?;
 
// Or use for signing
let message = b"test";
let signature = Ed25519::sign(message, &secret)?;
Source

pub fn seed(&self) -> &[u8; 32]

Get the 32-byte seed value

This is the original random seed before expansion. This is what should be stored when saving keys to persistent storage.

§Security
  • Encrypt seeds before storing to disk
  • Use secure key derivation if password-protecting
  • Clear seed arrays from memory after use
  • Never log or transmit seeds over insecure channels
Source

pub fn export_seed(&self) -> Zeroizing<Vec<u8>>

Export the seed as a Zeroizing vector for secure handling

Source

pub fn public_key(&self) -> ApiResult<Ed25519PublicKey>

Get the public key corresponding to this secret key

This derives the public key on-demand from the secret key material. The derivation is deterministic, so calling this multiple times will always return the same public key.

§Example
use dcrypt_sign::eddsa::Ed25519;
use dcrypt_api::Signature;
use rand::rngs::OsRng;

let mut rng = OsRng;
let (_, secret) = Ed25519::keypair(&mut rng)?;
 
// Get public key from secret key
let public = secret.public_key()?;
 
// Can use it for verification
let message = b"test message";
let signature = Ed25519::sign(message, &secret)?;
assert!(Ed25519::verify(message, &signature, &public).is_ok());

Trait Implementations§

Source§

impl Clone for Ed25519SecretKey

Source§

fn clone(&self) -> Ed25519SecretKey

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for Ed25519SecretKey

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Drop for Ed25519SecretKey

Source§

fn drop(&mut self)

Executes the destructor for this type. Read more
Source§

impl Zeroize for Ed25519SecretKey

Source§

fn zeroize(&mut self)

Zero out this object from memory using Rust intrinsics which ensure the zeroization operation is not “optimized away” by the compiler.

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V