Ed25519 and X.509

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Ed25519 and X.509

Felipe Gasper-2
Hi all,

        Are there yet OIDs for Ed25519-signed X.509? I know about the drafts for the key format but am not aware of actual OIDs to identify the signature hash algorithm.

        Thank you!

-F
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: Ed25519 and X.509

Matt Caswell-2


On 28/07/18 03:49, Felipe Gasper wrote:
> Hi all,
>
> Are there yet OIDs for Ed25519-signed X.509? I know about the drafts for the key format but am not aware of actual OIDs to identify the signature hash algorithm.
>
> Thank you!
>

See:

https://tools.ietf.org/html/draft-ietf-curdle-pkix-10

Matt

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: Ed25519 and X.509

Felipe Gasper-2
I knew about this one. I see OIDs here for the key algorithm, but not the signature/hash algorithm .. ? I’m looking for the OID that precedes the signature in an X.509 structure.

Thank you!

-FG

> On Jul 28, 2018, at 7:10 AM, Matt Caswell <[hidden email]> wrote:
>
>
>
>> On 28/07/18 03:49, Felipe Gasper wrote:
>> Hi all,
>>
>>    Are there yet OIDs for Ed25519-signed X.509? I know about the drafts for the key format but am not aware of actual OIDs to identify the signature hash algorithm.
>>
>>    Thank you!
>>
>
> See:
>
> https://tools.ietf.org/html/draft-ietf-curdle-pkix-10
>
> Matt
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: Ed25519 and X.509

Matt Caswell-2


On 28/07/18 12:23, Felipe Gasper wrote:
> I knew about this one. I see OIDs here for the key algorithm, but not the signature/hash algorithm .. ? I’m looking for the OID that precedes the signature in an X.509 structure.

There is an example of a certificate signed with Ed25519 in that
document. As noted in the text:

  "The same algorithm identifiers are used for identifying a public key,
   identifying a private key and identifying a signature (for the two
   EdDSA related OIDs). "

Note, these OIDS are for EdDSA in pure mode so there is no hash, and
hence no need for a separate OID for the sig/hash pair.

Matt


>
> Thank you!
>
> -FG
>
>> On Jul 28, 2018, at 7:10 AM, Matt Caswell <[hidden email]> wrote:
>>
>>
>>
>>> On 28/07/18 03:49, Felipe Gasper wrote:
>>> Hi all,
>>>
>>>    Are there yet OIDs for Ed25519-signed X.509? I know about the drafts for the key format but am not aware of actual OIDs to identify the signature hash algorithm.
>>>
>>>    Thank you!
>>>
>>
>> See:
>>
>> https://tools.ietf.org/html/draft-ietf-curdle-pkix-10
>>
>> Matt
>>
>> --
>> openssl-users mailing list
>> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: Ed25519 and X.509

Felipe Gasper-2
Ah ok. Thank you for clarifying!

-FG

> On Jul 28, 2018, at 7:42 AM, Matt Caswell <[hidden email]> wrote:
>
>
>
>> On 28/07/18 12:23, Felipe Gasper wrote:
>> I knew about this one. I see OIDs here for the key algorithm, but not the signature/hash algorithm .. ? I’m looking for the OID that precedes the signature in an X.509 structure.
>
> There is an example of a certificate signed with Ed25519 in that
> document. As noted in the text:
>
>  "The same algorithm identifiers are used for identifying a public key,
>   identifying a private key and identifying a signature (for the two
>   EdDSA related OIDs). "
>
> Note, these OIDS are for EdDSA in pure mode so there is no hash, and
> hence no need for a separate OID for the sig/hash pair.
>
> Matt
>
>
>>
>> Thank you!
>>
>> -FG
>>
>>> On Jul 28, 2018, at 7:10 AM, Matt Caswell <[hidden email]> wrote:
>>>
>>>
>>>
>>>> On 28/07/18 03:49, Felipe Gasper wrote:
>>>> Hi all,
>>>>
>>>>   Are there yet OIDs for Ed25519-signed X.509? I know about the drafts for the key format but am not aware of actual OIDs to identify the signature hash algorithm.
>>>>
>>>>   Thank you!
>>>>
>>>
>>> See:
>>>
>>> https://tools.ietf.org/html/draft-ietf-curdle-pkix-10
>>>
>>> Matt
>>>
>>> --
>>> openssl-users mailing list
>>> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users