curve25519-dalek icon indicating copy to clipboard operation
curve25519-dalek copied to clipboard
verified publisher icon dalek-cryptography

Implement RFC8410: Algorithm Identifiers for Ed25519, Ed448, X25519, and X448 for Use in the Internet X.509 Public Key Infrastructure

Open stevefan1999-personal opened this issue 1 year ago • 3 comments

https://datatracker.ietf.org/doc/html/rfc8410

We can workaround this by using a wrapper that implements https://docs.rs/spki/latest/spki/trait.DynSignatureAlgorithmIdentifier.html...

stevefan1999-personal avatar Sep 25 '24 12:09 stevefan1999-personal

I submitted a PR for ed25519-dalek;

However, one thing I noticed though is that after implementing DynSignatureAlgorithmIdentifier x509-cert still needs ed25519::Signature to implement SignatureBitStringEncoding in order to build certificates with SigningKey/VerifyingKey. I worked around this in my PR but I'm not sure if it's better to fix ed25519 first or to just fix the issue in this crate.

juliusl avatar Oct 03 '24 01:10 juliusl

Realized that the x509 should've probably been a separate issue so I removed it from the PR

juliusl avatar Oct 03 '24 19:10 juliusl

I worked around this in my PR but I'm not sure if it's better to fix ed25519 first or to just fix the issue in this crate.

@juliusl if you can add support in the ed25519 crate that would be great. I will try to open a tracking issue for that.

Edit: opened an upstream issue: https://github.com/RustCrypto/signatures/issues/888

tarcieri avatar Jan 22 '25 17:01 tarcieri