View Issue Details

IDProjectCategoryView StatusLast Update
0009952Talerqtartpublic2025-06-03 20:54
Reporterfefe Assigned ToFlorian Dold  
PrioritynormalSeverityminorReproducibilityhave not tried
Status resolvedResolutionfixed 
Summary0009952: js_talercrypto_eddsa_key_get_public: minor code readability suggestion
DescriptionIn tart_module.c:

   539 unsigned char pk[crypto_sign_PUBLICKEYBYTES];
   540 unsigned char sk[crypto_sign_SECRETKEYBYTES];
   541
   542 buf = expect_fixed_buffer(ctx, argv[0], 32, "eddsa private key");

The 32 is unexplained.
crypto_sign_PUBLICKEYBYTES is 32 and could be what is meant here.
crypto_sign_SECRETKEYBYTES is 64 and "eddsa private key" suggests it might be more correct.
Following the code it looks like actually only 32 bytes are read from buf and it is really a seed, not the eddsa private key, so maybe change the string as well?
TagsNo tags attached.

Activities

fefe

2025-05-13 14:04

developer   ~0024895

Similar issue in the function right after this one, js_talercrypto_ecdhe_key_get_public

Florian Dold

2025-06-03 20:51

manager   ~0025116

Last edited: 2025-06-03 20:54

commit 36e7fabe75facc704e0e53e882a0f5c0cb6625c9 (HEAD -> master, origin/master, origin/HEAD)
Author: Florian Dold <florian@dold.me>
Date: Tue Jun 3 20:45:58 2025 +0200

    avoid magic number, call it seed
    
    In the core Taler / GNUnet code base, we (somewhat incorrectly) use
    the name "private key" for what libsodium calls "secret seed".
    
    Issue: https://bugs.taler.net/n/9952

Issue History

Date Modified Username Field Change
2025-05-13 14:02 fefe New Issue
2025-05-13 14:04 fefe Note Added: 0024895
2025-05-13 14:40 Christian Grothoff Assigned To => Florian Dold
2025-05-13 14:40 Christian Grothoff Status new => assigned
2025-06-03 20:51 Florian Dold Note Added: 0025116
2025-06-03 20:51 Florian Dold Status assigned => resolved
2025-06-03 20:51 Florian Dold Resolution open => fixed
2025-06-03 20:54 Florian Dold Note Edited: 0025116