Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
proposal: crypto/tls, crypto/x509: EdDSA certificates support #25355
Ed25519 and Ed448 certificates are finally coming.
https://tools.ietf.org/html/draft-ietf-curdle-pkix-07 is the draft for X.509, and Ed25519/Ed448 are supported directly by TLS 1.3.
The implementation is not hard and I have a branch of it already: master...FiloSottile:filippo/ed25519
The problem is that we'll have to vendor golang.org/x/crypto/ed25519 for the primitive functionality (like we did with golang.org/x/crypto/curve25519), but that will mismatch the PublicKey and PrivateKey types, which are exposed to the user in tls.Certificate.PrivateKey and x509.Certificate.PublicKey. A user-supplied ed25519.PrivateKey would not type-assert to the vendored ed25519.PrivateKey, and a parsed ed25519.PublicKey would not type-assert to the application side one.
I can think of three decent solutions off the top of my head:
We also need to decide if we want to bring Ed448 on board at the same time. We don't have a Ed448 implementation yet.