Ed448 support for GnuPG
Needs ReviewPublic

Authored by gniibe on Jun 16 2020, 9:30 AM.
This revision needs review, but there are no reviewers specified.

Details

Reviewers
None
Summary

Adding support of Ed448 with no-prefix encoding of point representation and fixed little endian for scalar.

Test Plan

Add test cases and make check.

Diff Detail

Repository
rG GnuPG
Lint
Lint Skipped
Unit
Unit Tests Skipped
gniibe created this revision.Jun 16 2020, 9:30 AM

The changes just follow the existing practice of Ed25519, which does:

(1) Has (flags eddsa) in key in SEXP.
(2) Has (flags eddsa) and (hash-algo shake256) in data to be signed in SEXP.
(3) Has (flags eddsa) and (hash-algo shake256) in data to be verified in SEXP.
(4) Uses SHA256 for hashing of OpenPGP data

It is possible for libgcrypt to allow no flags of eddsa and no specified hash-algo, defaults to eddsa and shake256 when Ed448 is using.
It will be cleaner, but if we want to use no flags and no hash-algo for Ed448 (to be minimum), we need to change our patch of this.

(1) Has no (flags eddsa) in key in SEXP.
(2) Has no (flags eddsa) and no (hash-algo shake256) in data to be signed in SEXP.
(3) Has no (flags eddsa) and no (hash-algo shake256) in data to be verified in SEXP.
(4) Uses SHA256 for hashing of OpenPGP data

gniibe updated this revision to Diff 1434.Jun 23 2020, 3:56 AM

Update to [rGc94eea15d}.
Hash defaults to SHA512.

cepxuo added a subscriber: cepxuo.