0

I'm facing an issue with Go's crypto/ed25519 package. I'm trying to verify the signature of a message, but the Signature and Public Key that I have to verify are longer than what crypto/ed25519 supports.

In the crypto/ed25519 package there are limits to the length of keys and signatures that are supported:

const (
    // PublicKeySize is the size, in bytes, of public keys as used in this package.
    PublicKeySize = 32
    // PrivateKeySize is the size, in bytes, of private keys as used in this package.
    PrivateKeySize = 64
    // SignatureSize is the size, in bytes, of signatures generated and verified by this package.
    SignatureSize = 64
    // SeedSize is the size, in bytes, of private key seeds. These are the private key representations used by RFC 8032.
    SeedSize = 32
)

But the key that I have to use to verify the message are longer than this:

SignatureSize = 128
PublicKeySize = 64

When I try to use the Verify(...) function it returns false because of the size of my size of my signature and public key. What can I do to verify my signature at it's current length?

Jonathan Hall
  • 75,165
  • 16
  • 143
  • 189
Maia
  • 5
  • 3
  • 3
    You either have your credentials in the wrong format (e.g. hex encoded or base64 encoded), or you don't have an Ed25519 key. A public key is defined to be 32 bytes. The signature is defined to be 64 bytes. See: https://ed25519.cr.yp.to – John Dec 10 '20 at 20:50
  • too much suspense in this question. I would like to see how those keys and signatures were generated, or, at least, what they look like. –  Dec 10 '20 at 21:01

1 Answers1

1

Most likely the key and signature you have are hex encoded to keep them human readable and easily transmittable in headers, json, etc.

Try decoding them first:

    const s = "48656c6c6f20476f7068657221"
    decoded, err := hex.DecodeString(s)
    if err != nil {
        log.Fatal(err)
    }

    fmt.Println(len(decoded))
TehSphinX
  • 6,536
  • 1
  • 24
  • 34