Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

WIP: ED25519 support. #3361

Closed
wants to merge 16 commits into from
Closed

WIP: ED25519 support. #3361

wants to merge 16 commits into from

Conversation

@snhenson
Copy link
Contributor

@snhenson snhenson commented May 2, 2017

Checklist
  • documentation is added or updated
  • tests are added or updated

This adds support for Ed25519 sign and verify including ASN.1 sign/verify

The low level code is taken from the code we initially cut out from the BoringSSL import, modified slightly to fit the current curve25519.c and to make the API a little more consistent with the X25519 version.

WIP because this uses a new technique for signing (pass the message to be signed directly to EVP_PKEY_sign) and the low level code needs some more scrutiny.

snhenson added 16 commits Apr 4, 2017
Reinstate Ed25519 algorithm to curv25519.c this is largely just a copy of
the code from BoringSSL with some adjustments so it compiles under OpenSSL.
Rename and change ED25519_keypair_from_seed to ED25519_public_from_private
to be consistent with X25519 API.

Modidy ED25519_sign to take separate public key argument instead of
requiring it to follow the private key.
Make X25519 key method more flexible by removing hard coding of NID_X25519
OID. Since the parameters and key syntax between ED25519 and X25519 are
almost identical they can share a lot of common code.
Since ED25519 doesn't use EVP_Digest* it needs custom sign/verify routines
to handle ASN.1 signatures.
Add Ed25519 certificate verify test using certificate from
draft-ietf-curdle-pkix-04 and custom generated root certificate.
@snhenson
Copy link
Contributor Author

@snhenson snhenson commented May 2, 2017

Note: I'll look into adding a message sign/verify version of this which will avoid the special cases. Updated PR coming soon...

@snhenson
Copy link
Contributor Author

@snhenson snhenson commented May 2, 2017

Note: TLS support will be a separate PR.

@snhenson
Copy link
Contributor Author

@snhenson snhenson commented May 8, 2017

Closing this for now.. will open a new PR with a different approach.

@snhenson snhenson closed this May 8, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

1 participant