Open johughes99 opened 3 years ago
We haven't quite move to 3.0 header files yet, and Ed25519-variant support is somewhat experimental (not all functionality is implemented)
Understand. I just thought I would raise awareness.
Also, as far as I can tell openssl does not support ed25519ctx or ed25519ph.
From: Roland van Rijswijk @.> Sent: 18 March 2021 08:57 To: opendnssec/SoftHSMv2 @.> Cc: johughes99 @.>; Author @.> Subject: Re: [opendnssec/SoftHSMv2] Ed25519ctx and Ed25519ph (#619)
We haven't quite move to 3.0 header files yet, and Ed25519-variant support is somewhat experimental (not all functionality is implemented)
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/opendnssec/SoftHSMv2/issues/619#issuecomment-801748936 , or unsubscribe https://github.com/notifications/unsubscribe-auth/AI6R5DI57DQKSNCSTKIAWILTEG57DANCNFSM4ZKRH4GQ . https://github.com/notifications/beacon/AI6R5DL7H74F5SWKXPKA6ALTEG57DA5CNFSM4ZKRH4G2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOF7E3PSA.gif
Just doing some testing with the new 3.0 Edwards function calls. Key gen signing and verification seem fine (as expected)
However , I thought I would also try the Ed25519ctx and Ed25519ph variations. It would appear that SoftHSMv2 do not supported these - or to put it more accurately it does not look for existence of the CK_EDDSA_PARAMS mechanism parameter. In fact the definition of CK_EDDSA_PARAMS is not in any of the header files.
I really don't have a feel how well supported Ed25519ctx and Ed25519ph are - but I would have thought SoftHSMv2 should report some sort of not supported error if the someone tries to use this parameter - just to avoid confusion.