-
Notifications
You must be signed in to change notification settings - Fork 13
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support Ed25519 #114
Support Ed25519 #114
Conversation
02f693d
to
b56a21f
Compare
Co-authored-by: Davis Goodin <[email protected]>
Co-authored-by: Davis Goodin <[email protected]>
@ueno @derekparker PTAL |
@derekparker @ueno I'll be taking a long leave soon and I'll like to have this PR as ready as possible to be merged. Could you take a look? Thanks! |
ed25519.go
Outdated
} | ||
|
||
// SignEd25519 signs the message with priv and returns a signature. | ||
func SignEd25519(priv, message []byte) (sig []byte, err error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Unlike ECDSA, this API takes a private key as bytes and internally reconstructs the corresponding EVP_PKEY, which I suspect would prevent using non-extractable keys such as ones on PKCS#11. Why not defining a dedicated key type around EVP_PKEY, like PrivateKeyECDSA?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good point. I've updated the implementation to use PrivateKeyEd25519
and PublicKeyEd25519
instead of raw byte slices.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me; thank you for the update!
This PR adds support for Ed25519.
OpenSSL still doesn't support Ed25519ctx nor Ed25519ph, so these are not added.
New APIs: