Implement RFC8410: Algorithm Identifiers for Ed25519, Ed448, X25519, and X448 for Use in the Internet X.509 Public Key Infrastructure

dalek-cryptography / curve25519-dalek

A pure-Rust implementation of group operations on Ristretto and Curve25519

Other

897 stars 463 forks source link

Implement RFC8410: Algorithm Identifiers for Ed25519, Ed448, X25519, and X448 for Use in the Internet X.509 Public Key Infrastructure #707

Open stevefan1999-personal opened 1 month ago

stevefan1999-personal commented 1 month ago

https://datatracker.ietf.org/doc/html/rfc8410

We can workaround this by using a wrapper that implements https://docs.rs/spki/latest/spki/trait.DynSignatureAlgorithmIdentifier.html...

juliusl commented 1 month ago

I submitted a PR for ed25519-dalek;

However, one thing I noticed though is that after implementing DynSignatureAlgorithmIdentifier x509-cert still needs ed25519::Signature to implement SignatureBitStringEncoding in order to build certificates with SigningKey/VerifyingKey. I worked around this in my PR but I'm not sure if it's better to fix ed25519 first or to just fix the issue in this crate.

juliusl commented 1 month ago

Realized that the x509 should've probably been a separate issue so I removed it from the PR