Skip to content

Add Ed25519 support #91

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
mkj merged 3 commits into from
Mar 11, 2020
Merged

Add Ed25519 support #91

mkj merged 3 commits into from
Mar 11, 2020

Conversation

@themiron
Copy link
Contributor

@themiron themiron commented Mar 5, 2020
edited
Loading

Initially inspired by @pts work and #75 pr, but made with general approach:

  • Curve25519/Ed25519 implementation based on TweetNaCl version 20140427, old Google's curve25519_donna dropped as unnecessary, saves a lot of size.
  • SHA512 reused from LibTomCrypt, no need to keep own copy
  • Sign/Verify require no additional memory allocation
  • Dropbear's API made ~similar to LibTomCrypt devel to ease possible switch, if necessary. Anyway, LibTomCrypt is based on TweetNaCl as well.
  • Default private key path is key/etc/dropbear/dropbear_ed25519_host_key
  • Implemented general import from / export to OpenSSH private keys, can be reused for other key types on necessary
  • Implemented *25519 fuzzers
  • Man, license, commens updated

So far, DROPBEAR_CURVE25519 increases binary by ~2,5Kb on X86-64, DROPBEAR_ED25519 adds 7,5Kb more vs ~8Kb for DROPBEAR_CURVE25519 only.

themiron added 3 commits March 5, 2020 04:22
@themiron
Add support for Ed25519 as a public key type
c491f88 
Ed25519 is a elliptic curve signature scheme that offers
better security than ECDSA and DSA and good performance. It may be
used for both user and host keys.

OpenSSH key import and fuzzer are not supported yet.

Initially inspired by Peter Szabo.
@themiron
Add curve25519 and ed25519 fuzzers
b070f0f
@themiron
Add import and export of Ed25519 keys
66ba87f
@themiron themiron mentioned this pull request Mar 5, 2020
Closed
@mkj mkj merged commit 3d12521 into mkj:master Mar 11, 2020
@edef1c edef1c mentioned this pull request May 11, 2020
Merged
10 tasks
@PirMei PirMei mentioned this pull request May 28, 2020
Closed
@geor-g
Copy link

geor-g commented May 31, 2020

@mkj Any chance of a new release including ed25519 support?

bantu
bantu reviewed May 31, 2020
View reviewed changes
@maurerle maurerle mentioned this pull request Jan 22, 2021
Closed
@ejiektpobehuk ejiektpobehuk mentioned this pull request Mar 7, 2021
Open
ejiektpobehuk added a commit to ejiektpobehuk/openzfs-docs that referenced this pull request Mar 7, 2021
@ejiektpobehuk
Arch Linux: Remove DropBear key limitation note
73bdd0b 
ed25519 support: mkj/dropbear#91
@ejiektpobehuk ejiektpobehuk mentioned this pull request Mar 7, 2021
Closed
ejiektpobehuk added a commit to ejiektpobehuk/openzfs-docs that referenced this pull request Mar 9, 2021
@ejiektpobehuk
Arch Linux: Remove DropBear key limitation note
2916fdc 
Signed-off-by: Vlad Petrov <ejiek@mail.ru>

ed25519 support: mkj/dropbear#91
ejiektpobehuk added a commit to ejiektpobehuk/openzfs-docs that referenced this pull request Mar 9, 2021
@ejiektpobehuk
Arch Linux: Remove DropBear key limitation note
36efa7f 
ed25519 support: mkj/dropbear#91

Signed-off-by: Vlad Petrov <ejiek@mail.ru>
ejiektpobehuk added a commit to ejiektpobehuk/openzfs-docs that referenced this pull request Mar 23, 2021
@ejiektpobehuk
Arch Linux: Remove DropBear key limitation note
da6291a 
ed25519 support: mkj/dropbear#91

Signed-off-by: Vlad Petrov <ejiek@mail.ru>
ejiektpobehuk added a commit to ejiektpobehuk/openzfs-docs that referenced this pull request Mar 23, 2021
@ejiektpobehuk
Arch Linux: Remove DropBear key limitation note
af93344 
ed25519 support: mkj/dropbear#91

Signed-off-by: Vlad Petrov <ejiek@mail.ru>
rlaager pushed a commit to openzfs/openzfs-docs that referenced this pull request Mar 24, 2021
@ejiektpobehuk @rlaager
Arch Linux: Remove DropBear key limitation note
8a996a1 
ed25519 support: mkj/dropbear#91

Closes #131

Signed-off-by: Vlad Petrov <ejiek@mail.ru>
Signed-off-by: Maurice Zhou <ja@apvc.uk>
[more concise wording; fix rst formatting]
Signed-off-by: Richard Laager <rlaager@wiktel.com>
@pzakha pzakha mentioned this pull request Aug 9, 2021
Merged
jwk404 pushed a commit to openzfs/zfs that referenced this pull request Nov 4, 2021
@michaelfranzl
Update contrib/initramfs/README.initramfs.markdown
4b87c19 
Note that Dropbear supports ed25519 keys since version 2020.79.

See mkj/dropbear#91

Reviewed-by: George Melikov <mail@gmelikov.ru>
Reviewed-by: John Kennedy <john.kennedy@delphix.com>
Signed-off-by: Michael Franzl <michael@franzl.name>
Closes #12715
@anarcat anarcat mentioned this pull request Apr 20, 2024
Closed
wommy pushed a commit to wommy/openzfs-docs that referenced this pull request Nov 11, 2025
@ejiektpobehuk @rlaager
Arch Linux: Remove DropBear key limitation note
dc9d236 
ed25519 support: mkj/dropbear#91

Closes openzfs#131

Signed-off-by: Vlad Petrov <ejiek@mail.ru>
Signed-off-by: Maurice Zhou <ja@apvc.uk>
[more concise wording; fix rst formatting]
Signed-off-by: Richard Laager <rlaager@wiktel.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@bantu bantu bantu left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@themiron @geor-g @bantu @mkj