Skip to content

Commit

Permalink
Implement DynSignatureAlgorithmIdentifier trait for ed25519 (#712)
Browse files Browse the repository at this point in the history
  • Loading branch information
juliusl authored Oct 8, 2024
1 parent cbf794d commit 43a16f0
Show file tree
Hide file tree
Showing 3 changed files with 45 additions and 1 deletion.
14 changes: 14 additions & 0 deletions ed25519-dalek/src/signing.rs
Original file line number Diff line number Diff line change
Expand Up @@ -665,6 +665,20 @@ impl pkcs8::EncodePrivateKey for SigningKey {
}
}

#[cfg(all(feature = "alloc", feature = "pkcs8"))]
impl pkcs8::spki::DynSignatureAlgorithmIdentifier for SigningKey {
fn signature_algorithm_identifier(
&self,
) -> pkcs8::spki::Result<pkcs8::spki::AlgorithmIdentifierOwned> {
// From https://datatracker.ietf.org/doc/html/rfc8410
// `id-Ed25519 OBJECT IDENTIFIER ::= { 1 3 101 112 }`
Ok(pkcs8::spki::AlgorithmIdentifier {
oid: ed25519::pkcs8::ALGORITHM_OID,
parameters: None,
})
}
}

#[cfg(feature = "pkcs8")]
impl TryFrom<pkcs8::KeypairBytes> for SigningKey {
type Error = pkcs8::Error;
Expand Down
14 changes: 14 additions & 0 deletions ed25519-dalek/src/verifying.rs
Original file line number Diff line number Diff line change
Expand Up @@ -580,6 +580,20 @@ impl pkcs8::EncodePublicKey for VerifyingKey {
}
}

#[cfg(all(feature = "alloc", feature = "pkcs8"))]
impl pkcs8::spki::DynSignatureAlgorithmIdentifier for VerifyingKey {
fn signature_algorithm_identifier(
&self,
) -> pkcs8::spki::Result<pkcs8::spki::AlgorithmIdentifierOwned> {
// From https://datatracker.ietf.org/doc/html/rfc8410
// `id-Ed25519 OBJECT IDENTIFIER ::= { 1 3 101 112 }`
Ok(ed25519::pkcs8::spki::AlgorithmIdentifierOwned {
oid: ed25519::pkcs8::ALGORITHM_OID,
parameters: None,
})
}
}

#[cfg(feature = "pkcs8")]
impl TryFrom<pkcs8::PublicKeyBytes> for VerifyingKey {
type Error = pkcs8::spki::Error;
Expand Down
18 changes: 17 additions & 1 deletion ed25519-dalek/tests/pkcs8.rs
Original file line number Diff line number Diff line change
Expand Up @@ -4,14 +4,16 @@
//! RFC5958 (PKCS#8) and RFC5280 (SPKI).

#![cfg(feature = "pkcs8")]

use ed25519_dalek::pkcs8::{DecodePrivateKey, DecodePublicKey};
use ed25519_dalek::{SigningKey, VerifyingKey};
use hex_literal::hex;

#[cfg(feature = "alloc")]
use ed25519_dalek::pkcs8::{EncodePrivateKey, EncodePublicKey};

#[cfg(all(feature = "alloc", feature = "pkcs8"))]
use ed25519_dalek::pkcs8::spki::DynSignatureAlgorithmIdentifier;

/// Ed25519 PKCS#8 v1 private key encoded as ASN.1 DER.
const PKCS8_V1_DER: &[u8] = include_bytes!("examples/pkcs8-v1.der");

Expand Down Expand Up @@ -69,3 +71,17 @@ fn encode_verifying_key() {
let verifying_key2 = VerifyingKey::from_public_key_der(verifying_key_der.as_bytes()).unwrap();
assert_eq!(verifying_key, verifying_key2);
}

#[test]
#[cfg(feature = "alloc")]
fn get_algo_identifier() {
let verifying_key = VerifyingKey::from_public_key_der(PUBLIC_KEY_DER).unwrap();
let identifier = verifying_key.signature_algorithm_identifier().unwrap();
assert!(identifier.parameters.is_none()); // According to rfc8410 this must be None
assert_eq!(identifier.oid, ed25519::pkcs8::ALGORITHM_OID);

let signing_key = SigningKey::from_bytes(&SK_BYTES);
let identifer = signing_key.signature_algorithm_identifier().unwrap();
assert!(identifer.parameters.is_none()); // According to rfc8410 this must be None
assert_eq!(identifer.oid, ed25519::pkcs8::ALGORITHM_OID);
}

0 comments on commit 43a16f0

Please sign in to comment.