-
-
Notifications
You must be signed in to change notification settings - Fork 274
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
POC: add ed25519 support based on libsodium (PC) or salty (solo). #478
Conversation
9e0c295
to
cb6d69a
Compare
Very awesome that you are working on this! I'm not too qualified to review C code myself unfortunately, I thought the trickiest bit would be handling storage / distinguishing p256 and ed255 keys? FYI, salty has a small bug which causes it to generate incorrect signatures ~1% of the time. Not security critical (some operations will just have to be repeated) but a bit annoying. Branch |
Hi @nickray,
Currently, I'm kind of working around the issue by storing the algorithm in the masked metadata portion of the credential id very much like the
Thanks for the heads up. I read about the issue and decided to go ahead anyway, as it is not API related or the like.
I will check as soon as I manage to integrate the
Let's see, maybe I should give IRC a try after so many years of abstinence ;-) |
This is needed to build upcoming support for ED25519 in the 'PC' version. Without, the CI build will failed as libsodium has not yet been integrated into the build system.
This will be used for upcoming support of ED25519 in the 'Solo' version.
cb6d69a
to
6d6aeaf
Compare
Not sure if this is the way to do it... Make salty build.
For now: - libsodium(-dev) is expected to be preinstalled on build system for PC build
0f9be18
to
fe24b9e
Compare
Finally, Travis CI passed. |
This version contains the scalar fix (see ycrypto/salty#3).
This is a kind of promise that the underlying buffers have the correct size. We know what we are doing. Hopefully ;-)
Tested with ssh-keygen/ssh on Somu Hacker and working well. |
Thanks for testing and the feedback! |
If this is merged, will this introduce ed25519 support in the next release, also on v1 keys? If so, what is needed to get this done ASAP? |
@enrikb Thank you for this contribution! And sorry for taking so long to get to it. Working on merging & testing now. Expect a new secure release soon :) |
@asnelt Thank you for testing it out! |
For now:
libsodium(-dev) is expected to be preinstalled on build system for PC
build
salty needs to be prebuilt and installed into targets/stm32l432/salty/
manually
They key type is stored in the 'masked metadata' area of the key ID.
The auth buffers have been enlarged by 32 bytes to be able to append the client hash before ED25519 signature generation instead of creating a full message copy.
I have tested this successfully using fido2-tools and ssh-keygen/ssh on both PC and Solo Hacker.
All feedback much appreciated!