Add Ed25519 keys and EdDSA signatures

2025-10-19 07:53:49 +00:00 · 2022-04-15 00:15:48 +02:00 · 2022-04-15 00:15:48 +02:00 · 764c1e81b9
commit 764c1e81b9
parent db731bb3a7
73 changed files with 6840 additions and 629 deletions
--- a/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519.txt
+++ b/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519.txt
@ -0,0 +1,12 @@
+-----BEGIN PRIVATE KEY-----
+MC4CAQAwBQYDK2VwBCIEIAX0BvLDTI71TpzUoZ+rzXFdgm0WVN+ndcu2UuG4lz47
+-----END PRIVATE KEY-----
+ED25519 Private-Key:
+priv:
+    05:f4:06:f2:c3:4c:8e:f5:4e:9c:d4:a1:9f:ab:cd:
+    71:5d:82:6d:16:54:df:a7:75:cb:b6:52:e1:b8:97:
+    3e:3b
+pub:
+    bc:85:b8:cf:58:5d:20:a4:de:47:e8:4d:1c:b6:18:
+    3f:63:d9:ba:96:22:3f:cb:c8:86:e3:63:ff:de:a2:
+    0c:ff
--- a/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519_private.der
+++ b/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519_private.der
--- a/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519_private.pem
+++ b/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519_private.pem
@ -0,0 +1,3 @@
+-----BEGIN PRIVATE KEY-----
+MC4CAQAwBQYDK2VwBCIEIAX0BvLDTI71TpzUoZ+rzXFdgm0WVN+ndcu2UuG4lz47
+-----END PRIVATE KEY-----
--- a/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519_private_enc_aes128.pem
+++ b/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519_private_enc_aes128.pem
@ -0,0 +1,6 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIGbMFcGCSqGSIb3DQEFDTBKMCkGCSqGSIb3DQEFDDAcBAiwCrCpOhjU8wICCAAw
+DAYIKoZIhvcNAgkFADAdBglghkgBZQMEAQIEEOk0cNotyf4edYcdUnl6GNAEQFEf
+NUiZ3jfT8HYD0FqIjwZ9UL5T5rUmM34LCqipAuSPu+f23i2OuFlWIvfXtF4Qy79v
+ysv4OQa6DTDGopAHaL4=
+-----END ENCRYPTED PRIVATE KEY-----
--- a/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519_private_enc_aes192.pem
+++ b/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519_private_enc_aes192.pem
@ -0,0 +1,6 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIGbMFcGCSqGSIb3DQEFDTBKMCkGCSqGSIb3DQEFDDAcBAiX7Eh6OAEHXAICCAAw
+DAYIKoZIhvcNAgkFADAdBglghkgBZQMEARYEEJpUDxSZpCzf7OI60qPsYU0EQG0u
+aMz2AkSXtRU3+ATTEDtb4slSdtivYBkUCfcAw8/d0PZN56wjPStu585VgRTlGTXW
+Ty3Qe6eABSTTtEfBAhU=
+-----END ENCRYPTED PRIVATE KEY-----
--- a/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519_private_enc_aes256.pem
+++ b/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519_private_enc_aes256.pem
@ -0,0 +1,6 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIGbMFcGCSqGSIb3DQEFDTBKMCkGCSqGSIb3DQEFDDAcBAh8KD2HGLrgSAICCAAw
+DAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEENKrZJ2LKxhTgbSfXCWBKuMEQFiS
+O8+y8UlvtuAAHhDd0TBu7sGVG2M4tzpvhnMV82QXfCRDkJAUqQNtXQBLWjdO44Ui
+EaYvk2g9GUDQVDfx25E=
+-----END ENCRYPTED PRIVATE KEY-----
--- a/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519_private_enc_des3.pem
+++ b/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519_private_enc_des3.pem
@ -0,0 +1,5 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIGKME4GCSqGSIb3DQEFDTBBMCkGCSqGSIb3DQEFDDAcBAjS0vLA/pEM8AICCAAw
+DAYIKoZIhvcNAgkFADAUBggqhkiG9w0DBwQIdHVzfnJXMDwEOFN1knabShDOAvnI
+M8NhzBnlqPf0YK3HeJ4JZY0jAfLBGyKafLPA94+KbGBGRLB+bFIrVRpBrkN4
+-----END ENCRYPTED PRIVATE KEY-----
--- a/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519_private_openssh.pem
+++ b/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519_private_openssh.pem
@ -0,0 +1,7 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACB5VzUBr/gix80anEf1muNYHTnCByK7eInlDM5QrqilUAAAAIiXPO6Alzzu
+gAAAAAtzc2gtZWQyNTUxOQAAACB5VzUBr/gix80anEf1muNYHTnCByK7eInlDM5QrqilUA
+AAAEBjRlj3swElydFqbfy2FD2dgmwGMDLyhkPJ6HesGcJC4XlXNQGv+CLHzRqcR/Wa41gd
+OcIHIrt4ieUMzlCuqKVQAAAABHRlc3QB
+-----END OPENSSH PRIVATE KEY-----
--- a/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519_private_openssh_pwd.pem
+++ b/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519_private_openssh_pwd.pem
@ -0,0 +1,8 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABDjWCfp8z
+xIlHc7MwYdCIthAAAAEAAAAAEAAAAzAAAAC3NzaC1lZDI1NTE5AAAAICHNC69L0IPdGK1V
+hVBpRNoxcBOoDKZpGZ98pFEBo1wNAAAAkKTQjCRhdNO9Zv027lR5uG3cGePQK+98oRA6Wy
+wcrAmwahxGoBo8y49yPMCIt0e9KmDY7+Utw0FBfdldKuYzRV732kd7bQgr0z13sc+70oix
+rT8S6ufYMZHyT5sRvjaM8jlM6nuyBix4xLc7pjyNqojZfLnoELNWQ9hrN6DK8C4yQ2rUwU
+UtOxazNEKJBnmLqg==
+-----END OPENSSH PRIVATE KEY-----
--- a/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519_private_p8.der
+++ b/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519_private_p8.der
--- a/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519_private_p8.pem
+++ b/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519_private_p8.pem
@ -0,0 +1,6 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIGbMFcGCSqGSIb3DQEFDTBKMCkGCSqGSIb3DQEFDDAcBAh2gZRW4+DZnQICCAAw
+DAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEENs1bbPFWltnsWl6mwI1bf8EQH0K
+0QOWF+Y2c24tojkepMuuKq3JRht2vCY/bxaJO74lk0p0DLsa8kIxUfd6oDA0+Mf2
+K8LxR/qXZCIMRYzRyjA=
+-----END ENCRYPTED PRIVATE KEY-----
--- a/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519_public.der
+++ b/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519_public.der
--- a/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519_public.pem
+++ b/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519_public.pem
@ -0,0 +1,3 @@
+-----BEGIN PUBLIC KEY-----
+MCowBQYDK2VwAyEAvIW4z1hdIKTeR+hNHLYYP2PZupYiP8vIhuNj/96iDP8=
+-----END PUBLIC KEY-----
--- a/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519_public_openssh.txt
+++ b/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519_public_openssh.txt
@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHlXNQGv+CLHzRqcR/Wa41gdOcIHIrt4ieUMzlCuqKVQ test
--- a/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519_x509.der
+++ b/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519_x509.der
--- a/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519_x509.pem
+++ b/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/ecc_ed25519_x509.pem
@ -0,0 +1,10 @@
+-----BEGIN CERTIFICATE-----
+MIIBWzCCAQ2gAwIBAgIUCvoAagsRlhJ+PYMH2nrNafycn1UwBQYDK2VwMCMxCzAJ
+BgNVBAYTAkdCMRQwEgYDVQQDDAtleGFtcGxlLmNvbTAeFw0yMjA1MDcxODMxMzFa
+Fw0yMzA1MDcxODMxMzFaMCMxCzAJBgNVBAYTAkdCMRQwEgYDVQQDDAtleGFtcGxl
+LmNvbTAqMAUGAytlcAMhALyFuM9YXSCk3kfoTRy2GD9j2bqWIj/LyIbjY//eogz/
+o1MwUTAdBgNVHQ4EFgQU8Yevx2AVIt0UoJy8mJSdH7lBHF0wHwYDVR0jBBgwFoAU
+8Yevx2AVIt0UoJy8mJSdH7lBHF0wDwYDVR0TAQH/BAUwAwEB/zAFBgMrZXADQQB/
+vYInhoHQyJYoNuPWHQt0AkZwHTZNNFBSz/+Vty2SfkTZgsyKtqNdeVlc1VfVDjU7
+Sa3zerNfRQGz/qMLtKkP
+-----END CERTIFICATE-----
--- a/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/gen_ed22519.sh
+++ b/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/gen_ed22519.sh
@ -0,0 +1,39 @@
+#!/bin/sh
+
+# Note that openssl's ec command does not support ed25519; you must use the (gen)pkey command
+
+set -e
+set -x
+
+openssl version | tee openssl_version_ed25519.txt
+
+# Private key (PKCS#8)
+openssl genpkey -algorithm ed25519 -outform PEM -out ecc_ed25519_private.pem
+openssl pkey -inform PEM -in ecc_ed25519_private.pem -outform DER -out ecc_ed25519_private.der
+openssl pkey -in ecc_ed25519_private.pem -text -out ecc_ed25519.txt
+
+# Encrypted private key
+# Traditional format (PEM enveloped) is unsupported for ed25519, so we only use encrypted PKCS#8
+openssl pkcs8 -in ecc_ed25519_private.der -inform DER -passout 'pass:secret' -out ecc_ed25519_private_p8.der -outform DER -topk8
+openssl pkcs8 -in ecc_ed25519_private.der -inform DER -passout 'pass:secret' -out ecc_ed25519_private_p8.pem -outform PEM -topk8
+openssl pkey -in ecc_ed25519_private.pem -des3 -out ecc_ed25519_private_enc_des3.pem -passout 'pass:secret' -outform PEM
+openssl pkey -in ecc_ed25519_private.pem -aes128 -out ecc_ed25519_private_enc_aes128.pem -passout 'pass:secret' -outform PEM
+openssl pkey -in ecc_ed25519_private.pem -aes192 -out ecc_ed25519_private_enc_aes192.pem -passout 'pass:secret' -outform PEM
+openssl pkey -in ecc_ed25519_private.pem -aes256 -out ecc_ed25519_private_enc_aes256.pem -passout 'pass:secret' -outform PEM
+# GCM is not supported by openssl in this case...
+#openssl pkey -in ecc_ed25519_private.pem -aes-256-gcm -out ecc_ed25519_private_enc_aes256_gcm.pem -passout 'pass:secret' -outform PEM
+
+# Public key
+openssl pkey -in ecc_ed25519_private.pem -pubout -out ecc_ed25519_public.pem
+openssl pkey -pubin -in ecc_ed25519_public.pem -outform DER -out ecc_ed25519_public.der
+
+# X.509 cert
+openssl req -new -key ecc_ed25519_private.pem -days 365 -x509 -out ecc_ed25519_x509.pem -subj '/C=GB/CN=example.com'
+openssl x509 -in ecc_ed25519_x509.pem -out ecc_ed25519_x509.der -outform DER
+
+# OpenSSH - also the .pem.pub files are created
+# Unfortunately, it does not seem possible to reuse ecc_ed25519_private.pem, we need to regenerate
+ssh-keygen -t ed25519 -f ecc_ed25519_private_openssh.pem -P "" -C test
+mv ecc_ed25519_private_openssh.pem.pub ecc_ed25519_public_openssh.txt
+ssh-keygen -t ed25519 -f ecc_ed25519_private_openssh_pwd.pem -P "password" -C test
+rm ecc_ed25519_private_openssh_pwd.pem.pub
--- a/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/openssl_version_ed25519.txt
+++ b/test_vectors/pycryptodome_test_vectors/PublicKey/ECC/openssl_version_ed25519.txt
@ -0,0 +1 @@
+OpenSSL 1.1.1n  FIPS 15 Mar 2022
--- a/test_vectors/pycryptodome_test_vectors/Signature/wycheproof/eddsa_test.json
+++ b/test_vectors/pycryptodome_test_vectors/Signature/wycheproof/eddsa_test.json
--- a/test_vectors/pycryptodome_test_vectors/init.py
+++ b/test_vectors/pycryptodome_test_vectors/init.py
@ -1 +1 @@
-__version__ = "1.0.7"
+__version__ = "1.0.8"
				`@ -0,0 +1 @@`
				`ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHlXNQGv+CLHzRqcR/Wa41gdOcIHIrt4ieUMzlCuqKVQ test`