cose-wg / COSE-JAVA

JAVA implementation of the COSE specification
BSD 3-Clause "New" or "Revised" License

Adding ECDSA support to COSE-JAVA #70

Closed vikram919 closed 6 years ago

vikram919 commented 6 years ago

As per RFC 8152 (https://tools.ietf.org/html/rfc8152#section-8.2), COSE should support Ed25519 signing. I would like to know why this option is not present in the current version of COSE-JAVA, and can we plan on adding ECDSA support to COSE-JAVA? Thank you!

jimsch commented 6 years ago

While I would love to add Ed25519 to the library, having just made the commitment to use the Java Cryptographic subsystem for things, doing so would require us to go back and make the code more complicated. As soon as I find out that there is a Java Crypto Subsystem which supports Ed25519 I will be adding it.

Some of the issues that need to be addressed are things like - what does the public key return in terms of a public key value as returning an ECPoint is not really the correct answer. I don't know when, or if, the Java people are working to get this done.

vikram919 commented 6 years ago

@jimsch Thanks for the response. Well, for now can we make use of the https://github.com/str4d/ed25519-java implementation to support EdDSA for COSE in key generation and returning as ECPoint?

jimsch commented 6 years ago

Turns out that str4d is not correctly implemented so this is blocked again

vikram919 commented 6 years ago

> Turns out that str4d is not correctly implemented so this is blocked again

Can I know at which point it is blocked?

In the meantime, I tried to extract the PrivateKey from the OneKey class using the code below:

    byte[] pkcs8 = val.GetByteString();
    net.i2p.crypto.eddsa.KeyFactory fact = new net.i2p.crypto.eddsa.KeyFactory();
    KeySpec keyspec = new PKCS8EncodedKeySpec(pkcs8);
    privateKey = fact.engineGeneratePrivate(keyspec);

To make the above code run, I changed the protected method of class KeyFactory in str4d: https://github.com/vikram919/ed25519-java/blob/master/src/net/i2p/crypto/eddsa/KeyFactory.java

For computing the signature in the SignCommon class, str4d has EdDSAEngine to sign and verify:

    if (alg.equals(AlgorithmID.ECDSA)) {
        PrivateKey priv = cnKey.AsPrivateKey();
        EdDSAEngine signer = new EdDSAEngine();
        signer.initSign(priv);
        signer.update(rgbToBeSigned);
        return signer.sign();
    }

I know it is a mess, but I will let you know once I am done with testing. Currently I am a Master's student doing some tests on ephemeral Diffie-Hellman over COSE to derive a shared secret based on the OSCORE profile.

jimsch commented 6 years ago

They did not implement the PKCS8 private key structure correctly. I have opened an issue for that. I have pushed an EdDSA branch w/o key generation on the EdDSA branch of my copy of the repository.

jimsch commented 6 years ago

I messed up - they did do it correctly. The branch should now work.

jimsch commented 6 years ago

In version 0.9.8 - requires installing the dependent JAR.
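The two points raised in the thread (loading an Ed25519 private key from PKCS8 bytes and signing with it, and what a public key should return instead of an ECPoint), shown as an added example that is not code from COSE-JAVA or str4d. It assumes JDK 15 or later, where the built-in JCA providers support the "Ed25519" algorithm name; the class name, the generated key and the to-be-signed bytes are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.interfaces.EdECPublicKey;
import java.security.spec.EdECPoint;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Arrays;

public class Ed25519Pkcs8Demo {   // hypothetical class name
    // RFC 8032 public key encoding: y as 32 little-endian bytes,
    // with the parity of x stored in the top bit of the last byte.
    static byte[] rawPublicKey(EdECPublicKey pub) {
        EdECPoint p = pub.getPoint();            // (y, isXOdd), not an affine ECPoint
        byte[] be = p.getY().toByteArray();      // big-endian, at most 32 bytes
        byte[] raw = new byte[32];
        for (int i = 0; i < be.length && i < 32; i++) {
            raw[i] = be[be.length - 1 - i];      // reverse into little-endian
        }
        if (p.isXOdd()) raw[31] |= (byte) 0x80;
        return raw;
    }

    static boolean verify(PublicKey pub, byte[] msg, byte[] sig) throws Exception {
        Signature v = Signature.getInstance("Ed25519");
        v.initVerify(pub);
        v.update(msg);
        return v.verify(sig);
    }

    public static void main(String[] args) throws Exception {
        // Constructed test key; its PKCS8 bytes stand in for the value read from a key object.
        KeyPair kp = KeyPairGenerator.getInstance("Ed25519").generateKeyPair();
        byte[] pkcs8 = kp.getPrivate().getEncoded();

        // PKCS8 -> PrivateKey through the public KeyFactory API (no protected engine* call).
        PrivateKey priv = KeyFactory.getInstance("Ed25519")
                .generatePrivate(new PKCS8EncodedKeySpec(pkcs8));

        byte[] toBeSigned = "constructed to-be-signed bytes".getBytes(StandardCharsets.UTF_8);
        Signature signer = Signature.getInstance("Ed25519");
        signer.initSign(priv);
        signer.update(toBeSigned);
        byte[] sig = signer.sign();              // 64-byte EdDSA signature

        System.out.println("valid signature verifies: " + verify(kp.getPublic(), toBeSigned, sig));
        toBeSigned[0] ^= 1;                      // flip one bit: verification must now fail
        System.out.println("tampered message verifies: " + verify(kp.getPublic(), toBeSigned, sig));

        // Cross-check: the X.509 encoding is a 12-byte header followed by the same 32 raw bytes.
        byte[] raw = rawPublicKey((EdECPublicKey) kp.getPublic());
        byte[] spki = kp.getPublic().getEncoded();
        System.out.println("raw key matches X.509 tail: " + Arrays.equals(raw, Arrays.copyOfRange(spki, 12, 44)));
    }
}
```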