HUGE disclaimer, I DO NOT recommend doing this with any key pair that contains substantial funds.
Re-read that line, before continuing.
I've recently mentioned the #age #encryption tool.
Besides encrypting with a passphrase (--passphrase), age has a --recipient flag, which accepts bech32-encoded X25519 public keys.
Now there are a few things to untangle here.
In #Symbol we're using ed25519 keys, therefore we represent public keys as compressed coordinates on the Edwards curve.
An x25519 key pair is somewhat similar but different:
* it uses slightly different 'raw' private key - which is better suited for some applications,
* public keys are usually represented as (compressed) coordinates on Montgomery curve.
Luckily it just so happens that it's pretty easy to turn an ed25519 key pair into an x25519 key pair;
moreover, due to the birational mapping, it's also somewhat easy to convert just the public key,
for more details see https://www.rfc-editor.org/rfc/rfc7748.html#section-5.
Bech32 is just an encoding, quite similar to base32. Note, however, that --recipient is the bech32 encoding of a public key, and not really an address.
What that means is that we can use Symbol accounts as --recipients of encrypted age files.
Let's consider an account with (ed25519) public key:
`23AC0770A1060241604A8E60A47166E3E5B4034D4EE321DBE19B342E85B21544`
Converting to Montgomery curve, we get (x25519) public key:
`0959f53de990977507dd785f76e94128d16b902349d30b4f6ba4551dafbc425b`
bech32 recipient is:
`age1p9vl200fjzth2p7a0p0hd62p9rgkhyprf8fsknmt5323mtaugfdsad26fu`
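The conversion and encoding described above, as an added example in Python (not the author's code and not part of age or rage): it applies the RFC 7748 birational map u = (1 + y) / (1 - y) to the ed25519 public key and bech32-encodes the result with the `age` prefix. The function names are illustrative.

```python
P = 2**255 - 19  # Curve25519 field prime
CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"  # bech32 alphabet
# ed25519 public key quoted in the post above.
ED_PUB = bytes.fromhex("23AC0770A1060241604A8E60A47166E3E5B4034D4EE321DBE19B342E85B21544")

def ed25519_pub_to_x25519(ed_pub: bytes) -> bytes:
    """Edwards y -> Montgomery u (RFC 7748, section 4.1): u = (1 + y) / (1 - y) mod p."""
    if len(ed_pub) != 32:
        raise ValueError("ed25519 public key must be 32 bytes")
    # Compressed Edwards point: little-endian y; the top bit is the sign of x,
    # which the Montgomery u-coordinate does not carry, so it is dropped.
    y = int.from_bytes(ed_pub, "little") & ((1 << 255) - 1)
    if y >= P or y == 1:
        raise ValueError("non-canonical y, or the identity point (1 - y is not invertible)")
    u = (1 + y) * pow((1 - y) % P, P - 2, P) % P
    return u.to_bytes(32, "little")

def _polymod(values):
    # bech32 checksum generator (BIP-173).
    gen = (0x3b6a57b2, 0x26508e6d, 0x1ea119fa, 0x3d4233dd, 0x2a1462b3)
    chk = 1
    for v in values:
        top = chk >> 25
        chk = ((chk & 0x1ffffff) << 5) ^ v
        for i in range(5):
            if (top >> i) & 1:
                chk ^= gen[i]
    return chk

def bech32_encode(hrp: str, payload: bytes) -> str:
    # Regroup 8-bit bytes into 5-bit values, zero-padding the final group.
    acc, bits, data = 0, 0, []
    for b in payload:
        acc, bits = (acc << 8) | b, bits + 8
        while bits >= 5:
            bits -= 5
            data.append((acc >> bits) & 31)
    if bits:
        data.append((acc << (5 - bits)) & 31)
    hrp_exp = [ord(c) >> 5 for c in hrp] + [0] + [ord(c) & 31 for c in hrp]
    pm = _polymod(hrp_exp + data + [0] * 6) ^ 1
    checksum = [(pm >> 5 * (5 - i)) & 31 for i in range(6)]
    return hrp + "1" + "".join(CHARSET[d] for d in data + checksum)

def age_recipient(ed_pub: bytes) -> str:
    return bech32_encode("age", ed25519_pub_to_x25519(ed_pub))

if __name__ == "__main__":
    print(ed25519_pub_to_x25519(ED_PUB).hex())
    print(age_recipient(ED_PUB))
```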
I'll be using #rage (https://github.com/str4d/rage), but the #age command line is exactly the same.
Anyone can encrypt a file intended for that recipient:
`rage --recipient age1...26fu --output super.secret.age cat.txt`
The recipient, having his x25519 PRIVATE key inside identity.x25519, can decrypt the file:
`rage --decrypt --identity identity.x25519 --output unknown.txt super.secret.age`
Bonus: the identity key can be encrypted with a passphrase:
`rage --encrypt --passphrase --output identity.x25519.age identity.x25519`
And there will be a passphrase prompt when decrypting the file using the ENCRYPTED private key:
`rage --decrypt --identity identity.x25519.age --output unknown.txt super.secret.age`
Last but not least, if you're curious: in ed25519, the 'raw' key material is first passed through sha512, and the first 32 bytes
are used as the actual scalar; in x25519 there's no such step.
Finally, if you want to experiment on your own, I've made a small page that does everything within a browser.
P.S. In the case of Symbol, I'd rather recommend generating a fresh x25519 key pair (i.e. using rage-keygen) and associating the x25519 public key with an account using some metadata key (i.e. 0x3931353532656761)