From e820e1421bfa796ecf1bf14ad5179f7f23aa828d Mon Sep 17 00:00:00 2001
From: Justin W Smith <103147162+justsmth@users.noreply.github.com>
Date: Tue, 24 Oct 2023 10:22:02 -0400
Subject: [PATCH] Expose Ed25519Seed

---
 aws-lc-rs/src/ed25519.rs         | 24 +++++++++++++++++++-----
 aws-lc-rs/src/signature.rs       |  4 +++-
 aws-lc-rs/tests/ed25519_tests.rs |  3 ++-
 3 files changed, 24 insertions(+), 7 deletions(-)

diff --git a/aws-lc-rs/src/ed25519.rs b/aws-lc-rs/src/ed25519.rs
index 505f0c99a01..3fec3c45639 100644
--- a/aws-lc-rs/src/ed25519.rs
+++ b/aws-lc-rs/src/ed25519.rs
@@ -20,6 +20,7 @@ use std::fmt::{Debug, Formatter};
 use std::mem::MaybeUninit;
 use std::ptr::null_mut;
 
+use crate::buffer::Buffer;
 #[cfg(feature = "ring-sig-verify")]
 use untrusted::Input;
 use zeroize::Zeroize;
@@ -99,12 +100,25 @@ impl Drop for Ed25519KeyPair {
 
 #[derive(Clone)]
 #[allow(clippy::module_name_repetitions)]
+/// The seed value for the `EdDSA` signature scheme using Curve25519
 pub struct Seed<'a>(&'a Ed25519KeyPair);
 
-impl AsRef<[u8]> for Seed<'_> {
-    #[inline]
-    fn as_ref(&self) -> &[u8] {
-        &self.0.private_key[..ED25519_PRIVATE_KEY_SEED_LEN]
+/// Elliptic curve private key data encoded as a big-endian fixed-length integer.
+#[allow(clippy::module_name_repetitions)]
+pub struct Ed25519SeedBuffer {
+    _priv: (),
+}
+
+impl Seed<'_> {
+    /// Exposes the seed encoded as a big-endian fixed-length integer.
+    ///
+    /// For most use-cases, `EcdsaKeyPair::to_pkcs8()` should be preferred.
+    ///
+    /// # Errors
+    /// `error::Unspecified` if serialization failed.
+    pub fn to_buffer(&self) -> Result<Buffer<'static, Ed25519SeedBuffer>, Unspecified> {
+        let buffer = Vec::from(&self.0.private_key[..ED25519_PRIVATE_KEY_SEED_LEN]);
+        Ok(Buffer::<Ed25519SeedBuffer>::new(buffer))
     }
 }
 
@@ -383,7 +397,7 @@ impl Ed25519KeyPair {
         }))
     }
 
-    /// Provides the private key "seed" for this Ed25519 key pair.
+    /// Provides the private key "seed" for this `Ed25519` key pair.
     ///
     /// For serialization of the key pair, `Ed25519KeyPair::to_pkcs8()` is preferred.
     ///
diff --git a/aws-lc-rs/src/signature.rs b/aws-lc-rs/src/signature.rs
index af829c76039..5424588a3b7 100644
--- a/aws-lc-rs/src/signature.rs
+++ b/aws-lc-rs/src/signature.rs
@@ -257,7 +257,9 @@ use crate::ec::EcdsaSignatureFormat;
 pub use crate::ec::{
     EcPublicKeyDer, EcdsaSigningAlgorithm, EcdsaVerificationAlgorithm, PublicKey as EcdsaPublicKey,
 };
-pub use crate::ed25519::{Ed25519KeyPair, EdDSAParameters, ED25519_PUBLIC_KEY_LEN};
+pub use crate::ed25519::{
+    Ed25519KeyPair, EdDSAParameters, Seed as Ed25519Seed, ED25519_PUBLIC_KEY_LEN,
+};
 
 /// The longest signature is an ASN.1 P-384 signature where *r* and *s* are of
 /// maximum length with the leading high bit set on each. Then each component
diff --git a/aws-lc-rs/tests/ed25519_tests.rs b/aws-lc-rs/tests/ed25519_tests.rs
index 74201c1cf7f..3cbe2644398 100644
--- a/aws-lc-rs/tests/ed25519_tests.rs
+++ b/aws-lc-rs/tests/ed25519_tests.rs
@@ -222,11 +222,12 @@ fn test_seed() {
 
     let key_pair = Ed25519KeyPair::from_pkcs8(key_pair_doc.as_ref()).unwrap();
     let seed = key_pair.seed().unwrap();
+    let seed_buffer = seed.to_buffer().unwrap();
 
     let pub_key = key_pair.public_key();
 
     let key_pair_copy =
-        Ed25519KeyPair::from_seed_and_public_key(seed.as_ref(), pub_key.as_ref()).unwrap();
+        Ed25519KeyPair::from_seed_and_public_key(seed_buffer.as_ref(), pub_key.as_ref()).unwrap();
     let key_pair_copy_doc = key_pair_copy.to_pkcs8().unwrap();
 
     assert_eq!(key_pair_doc.as_ref(), key_pair_copy_doc.as_ref());