Closed NewRedsquare closed 5 years ago
What do you want ed25519 for? The U2F spec and all implementations require P-256 for signatures. If you implement another curve/signing algorithm, you won't be able to use it with any existing U2F implementation.
Thank you for answering me so fast. I meant for more safety (I suspect a backdoor in NIST P-256), but if you say it's a standard, I'll keep it. Last question: how do I wire the button on the ST dongle?
The U2F standard does not give an option to choose the signature algorithm. The newer FIDO2 allows 2048-bit RSA with SHA-256 in addition to ECDSA over P-256 with SHA-256. But FIDO2 is out of scope for this project.
I'm trying to figure out how to get the token with something other than NIST P-256, which can be considered unsafe. I already tried with ed25519, but it blocks with inject_key.py. Does anyone have an idea?