Skip to content

Support Ed25519 signing OCSP #323

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
+191 −132
Open

Support Ed25519 signing OCSP #323

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
f46d230
ocsp: support ed25519 signing
dixyes Sep 9, 2025
1acc324
ocsp: add ECDSA and Ed25519 ocsp signing tests
dixyes Sep 9, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 16 additions & 4 deletions ocsp/ocsp.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ package ocsp
import (
"crypto"
"crypto/ecdsa"
"crypto/ed25519"
"crypto/elliptic"
"crypto/rand"
"crypto/rsa"
Expand Down Expand Up @@ -151,6 +152,7 @@ var (
oidSignatureECDSAWithSHA256 = asn1.ObjectIdentifier{1, 2, 840, 10045, 4, 3, 2}
oidSignatureECDSAWithSHA384 = asn1.ObjectIdentifier{1, 2, 840, 10045, 4, 3, 3}
oidSignatureECDSAWithSHA512 = asn1.ObjectIdentifier{1, 2, 840, 10045, 4, 3, 4}
oidSignatureEd25519 = asn1.ObjectIdentifier{1, 3, 101, 112}
)

var hashOIDs = map[crypto.Hash]asn1.ObjectIdentifier{
Expand Down Expand Up @@ -179,6 +181,7 @@ var signatureAlgorithmDetails = []struct {
{x509.ECDSAWithSHA256, oidSignatureECDSAWithSHA256, x509.ECDSA, crypto.SHA256},
{x509.ECDSAWithSHA384, oidSignatureECDSAWithSHA384, x509.ECDSA, crypto.SHA384},
{x509.ECDSAWithSHA512, oidSignatureECDSAWithSHA512, x509.ECDSA, crypto.SHA512},
{x509.PureEd25519, oidSignatureEd25519, x509.Ed25519, crypto.Hash(0) /* no pre-hashing */},
}

// TODO(rlb): This is also from crypto/x509, so same comment as AGL's below
Expand Down Expand Up @@ -211,8 +214,13 @@ func signingParamsForPublicKey(pub interface{}, requestedSigAlgo x509.SignatureA
err = errors.New("x509: unknown elliptic curve")
}

case ed25519.PublicKey:
pubType = x509.Ed25519
hashFunc = crypto.Hash(0)
sigAlgo.Algorithm = oidSignatureEd25519

default:
err = errors.New("x509: only RSA and ECDSA keys supported")
err = errors.New("x509: only RSA, ECDSA and Ed25519 keys supported")
}

if err != nil {
Expand Down Expand Up @@ -753,14 +761,18 @@ func CreateResponse(issuer, responderCert *x509.Certificate, template Response,
return nil, err
}

signed := tbsResponseDataDER
hashFunc, signatureAlgorithm, err := signingParamsForPublicKey(priv.Public(), template.SignatureAlgorithm)
if err != nil {
return nil, err
}
if hashFunc != 0 {
responseHash := hashFunc.New()
responseHash.Write(tbsResponseDataDER)
signed = responseHash.Sum(nil)
}

responseHash := hashFunc.New()
responseHash.Write(tbsResponseDataDER)
signature, err := priv.Sign(rand.Reader, responseHash.Sum(nil), hashFunc)
signature, err := priv.Sign(rand.Reader, signed, hashFunc)
if err != nil {
return nil, err
}
Expand Down
Loading