Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Implements DynSignatureAlgorithmIdentifier trait for ed25519 #712

Merged
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 14 additions & 0 deletions ed25519-dalek/src/signing.rs
Original file line number Diff line number Diff line change
Expand Up @@ -665,6 +665,20 @@ impl pkcs8::EncodePrivateKey for SigningKey {
}
}

#[cfg(all(feature = "alloc", feature = "pkcs8"))]
impl pkcs8::spki::DynSignatureAlgorithmIdentifier for SigningKey {
fn signature_algorithm_identifier(
&self,
) -> pkcs8::spki::Result<pkcs8::spki::AlgorithmIdentifierOwned> {
// From https://datatracker.ietf.org/doc/html/rfc8410
// `id-Ed25519 OBJECT IDENTIFIER ::= { 1 3 101 112 }`
Ok(pkcs8::spki::AlgorithmIdentifier {
oid: ed25519::pkcs8::ALGORITHM_OID,
parameters: None,
})
}
}

#[cfg(feature = "pkcs8")]
impl TryFrom<pkcs8::KeypairBytes> for SigningKey {
type Error = pkcs8::Error;
Expand Down
14 changes: 14 additions & 0 deletions ed25519-dalek/src/verifying.rs
Original file line number Diff line number Diff line change
Expand Up @@ -580,6 +580,20 @@ impl pkcs8::EncodePublicKey for VerifyingKey {
}
}

#[cfg(all(feature = "alloc", feature = "pkcs8"))]
impl pkcs8::spki::DynSignatureAlgorithmIdentifier for VerifyingKey {
fn signature_algorithm_identifier(
&self,
) -> pkcs8::spki::Result<pkcs8::spki::AlgorithmIdentifierOwned> {
// From https://datatracker.ietf.org/doc/html/rfc8410
// `id-Ed25519 OBJECT IDENTIFIER ::= { 1 3 101 112 }`
Ok(ed25519::pkcs8::spki::AlgorithmIdentifierOwned {
oid: ed25519::pkcs8::ALGORITHM_OID,
parameters: None,
})
}
}

#[cfg(feature = "pkcs8")]
impl TryFrom<pkcs8::PublicKeyBytes> for VerifyingKey {
type Error = pkcs8::spki::Error;
Expand Down
18 changes: 17 additions & 1 deletion ed25519-dalek/tests/pkcs8.rs
Original file line number Diff line number Diff line change
Expand Up @@ -4,14 +4,16 @@
//! RFC5958 (PKCS#8) and RFC5280 (SPKI).

#![cfg(feature = "pkcs8")]

use ed25519_dalek::pkcs8::{DecodePrivateKey, DecodePublicKey};
use ed25519_dalek::{SigningKey, VerifyingKey};
use hex_literal::hex;

#[cfg(feature = "alloc")]
use ed25519_dalek::pkcs8::{EncodePrivateKey, EncodePublicKey};

#[cfg(all(feature = "alloc", feature = "pkcs8"))]
use ed25519_dalek::pkcs8::spki::DynSignatureAlgorithmIdentifier;

/// Ed25519 PKCS#8 v1 private key encoded as ASN.1 DER.
const PKCS8_V1_DER: &[u8] = include_bytes!("examples/pkcs8-v1.der");

Expand Down Expand Up @@ -69,3 +71,17 @@ fn encode_verifying_key() {
let verifying_key2 = VerifyingKey::from_public_key_der(verifying_key_der.as_bytes()).unwrap();
assert_eq!(verifying_key, verifying_key2);
}

#[test]
#[cfg(feature = "alloc")]
fn get_algo_identifier() {
let verifying_key = VerifyingKey::from_public_key_der(PUBLIC_KEY_DER).unwrap();
let identifier = verifying_key.signature_algorithm_identifier().unwrap();
assert!(identifier.parameters.is_none()); // According to rfc8410 this must be None
assert_eq!(identifier.oid, ed25519::pkcs8::ALGORITHM_OID);

let signing_key = SigningKey::from_bytes(&SK_BYTES);
let identifer = signing_key.signature_algorithm_identifier().unwrap();
assert!(identifer.parameters.is_none()); // According to rfc8410 this must be None
assert_eq!(identifer.oid, ed25519::pkcs8::ALGORITHM_OID);
}
Loading