Clarify that ed25519.generateDeterministic() can be used outside tests

Fixes #22946
2025-12-06 13:54:21 +00:00 · 2025-02-19 22:34:52 +01:00 · 2025-02-19 22:34:52 +01:00 · 541d54a37d
commit 541d54a37d
parent d0e288ab18
1 changed files with 3 additions and 2 deletions
--- a/lib/std/crypto/25519/ed25519.zig
+++ b/lib/std/crypto/25519/ed25519.zig
@ -247,7 +247,7 @@ pub const Ed25519 = struct {

        /// Deterministically derive a key pair from a cryptograpically secure secret seed.
        ///
-        /// Except in tests, applications should generally call `generate()` instead of this function.
+        /// To create a new key, applications should generally call `generate()` instead of this function.
        ///
        /// As in RFC 8032, an Ed25519 public key is generated by hashing
        /// the secret key using the SHA-512 function, and interpreting the
@ -290,7 +290,8 @@ pub const Ed25519 = struct {
        /// Note that with EdDSA, storing the seed, and recovering the key pair
        /// from it is recommended over storing the entire secret key.
        /// The seed of an exiting key pair can be obtained with
-        /// `key_pair.secret_key.seed()`.
+        /// `key_pair.secret_key.seed()`, and the secret key can then be
+        /// recomputed using `SecretKey.generateDeterministic()`.
        pub fn fromSecretKey(secret_key: SecretKey) (NonCanonicalError || EncodingError || IdentityElementError)!KeyPair {
            // It is critical for EdDSA to use the correct public key.
            // In order to enforce this, a SecretKey implicitly includes a copy of the public key.