Add Curve25519 support (#577)

Supported in PIV applet since firmware 5.7.X
This commit is contained in:
Andrew Lubawy
2026-02-18 16:27:43 -08:00
committed by GitHub
parent c96b50bcec
commit 872ba35f54
6 changed files with 252 additions and 12 deletions
+17 -1
View File
@@ -278,7 +278,7 @@ pub mod yubikey_signer {
oid::db::rfc5912,
Encode, Sequence,
};
use sha2::{Digest, Sha256, Sha384};
use sha2::{Digest, Sha256, Sha384, Sha512};
use signature::Keypair;
use std::{cell::RefCell, fmt, io::Write, marker::PhantomData};
use x509_cert::spki::{
@@ -313,6 +313,22 @@ pub mod yubikey_signer {
fn read_signature(input: &[u8]) -> SigResult<Self::Signature>;
}
impl KeyType for ed25519_dalek::SigningKey {
const ALGORITHM: AlgorithmId = AlgorithmId::Ed25519;
type Error = ed25519_dalek::SignatureError;
type Signature = ed25519_dalek::Signature;
type VerifyingKey = ed25519_dalek::VerifyingKey;
type PublicKey = ed25519_dalek::VerifyingKey;
fn prepare(input: &[u8]) -> SigResult<Vec<u8>> {
Ok(Sha512::digest(input).to_vec())
}
fn read_signature(input: &[u8]) -> SigResult<Self::Signature> {
Self::Signature::try_from(input)
}
}
impl KeyType for p256::NistP256 {
const ALGORITHM: AlgorithmId = AlgorithmId::EccP256;
type Error = ecdsa::Error;