security: Add ed25519 signer #92
Conversation
|
Validator is already there ndnd/std/security/known-key-validator.go Lines 72 to 80 in be1788d Don't have a unit test for now (WIP), but it should work. |
There was a problem hiding this comment.
Need test cases:
- Sign then verify.
- Import the public key from a self-signed Ed25519 certificate and verify the certificate packet. The sample certificate is linked from Ed25519 signature type #91 (comment)
|
I have not finished addressing Junxiao's comments but thank Varun for reviewing. |
| @@ -9,38 +9,17 @@ import ( | |||
| enc "github.com/named-data/ndnd/std/encoding" | |||
| basic_engine "github.com/named-data/ndnd/std/engine/basic" | |||
| "github.com/named-data/ndnd/std/ndn" | |||
| "github.com/named-data/ndnd/std/utils" | |||
| ) | |||
|
|
|||
| // eccSigner is a signer that uses ECC key to sign packets. | |||
| type eccSigner struct { | |||
There was a problem hiding this comment.
nitpicking on the naming: "ECC" is a very broad category of cryptography but this code is specifically for ECDSA. Saying "ecc signing" or "ecc key" is fairly meaningless (what algorithm?). Moreover, EdDSA also uses elliptic curves (twisted Edwards curves), so this naming could be confusing. The comment above is also meaningless for similar reasons.
| ) | ||
|
|
||
| // edSigner is a signer that uses Ed25519 key to sign packets. | ||
| type edSigner struct { |
There was a problem hiding this comment.
also nitpicking but much less important than the previous comment: EdDSA can be instantiated with different curves and hash algorithms. Ed25519 is just one instance (arguably the most common one) but the name edSigner could potentially indicate that this is for EdDSA generically. Thankfully, the comment is clear that it's for Ed25519, so this is not too important at the end of the day. It could become awkward when/if we introduce the Ed448 signature type.
Fix: #91