keys/: Support the EdDSA signature schemes from catcrypt(1).

author Mark Wooding <mdw@distorted.org.uk>

Thu, 26 May 2016 08:26:09 +0000 (09:26 +0100)

committer Mark Wooding <mdw@distorted.org.uk>

Sun, 14 May 2017 17:19:08 +0000 (18:19 +0100)
author Mark Wooding <mdw@distorted.org.uk>
Thu, 26 May 2016 08:26:09 +0000 (09:26 +0100)
committer Mark Wooding <mdw@distorted.org.uk>
Sun, 14 May 2017 17:19:08 +0000 (18:19 +0100)
diff --git a/keys/tripe-keys.conf.5.in b/keys/tripe-keys.conf.5.in

index 0b488f07c24b66180e0ad5e6521bbdc12a62aeef..e993ad266111568ab52687d78a896af7c95bbb8f 100644 (file)
--- a/keys/tripe-keys.conf.5.in
+++ b/keys/tripe-keys.conf.5.in
@@ -261,7 +261,7 @@ dh  dsa
  ec     ecdsa
  _
  .TE
-.ne 10
+.ne 12
  .TP
  .I sig-genalg
  Key-generation algorithm for signing key.  Default depends on
@@ -280,9 +280,11 @@ rsapcs1    rsa
  rsapss rsa
  ecdsa  ec
  eckcdsa        ec
+ed25519        ed25519
+ed448  ed448
  _
  .TE
-.ne 8
+.ne 10
  .TP
  .I sig-param
  Signature-key generation parameters.  Default depends on
@@ -299,6 +301,8 @@ dh  \-LS \-b3072 \-B256
  dsa    \-b3072 \-B256
  rsa    \-b3072
  ec     \-Cnist-p256
+ed25519        \fInone
+ed448  \fInone
  _
  .TE
  .TP
diff --git a/keys/tripe-keys.in b/keys/tripe-keys.in

index f40f3965ee0970b13baca580a613bbb6e6cc5d2a..787336fa7cc24b3191b01f1464b03db5a3268b23 100644 (file)
--- a/keys/tripe-keys.in
+++ b/keys/tripe-keys.in
@@ -262,11 +262,15 @@ def conf_defaults():
                                         'rsapkcs1': 'rsa',
                                         'rsapss': 'rsa',
                                         'ecdsa': 'ec',
-                                       'eckcdsa': 'ec'}[conf['sig']]),
+                                       'eckcdsa': 'ec',
+                                       'ed25519': 'ed25519',
+                                       'ed448': 'ed448'}[conf['sig']]),
                 ('sig-param', lambda: {'dh': '-LS -b3072 -B256',
                                        'dsa': '-b3072 -B256',
                                        'ec': '-Cnist-p256',
-                                      'rsa': '-b3072'}[conf['sig-genalg']]),
+                                      'rsa': '-b3072',
+                                      'ed25519': '',
+                                      'ed448': ''}[conf['sig-genalg']]),
                 ('sig-hash', '${hash}'),
                 ('sig-expire', 'forever'),
                 ('fingerprint-hash', '${hash}')]:
diff --git a/keys/tripe-keys.master b/keys/tripe-keys.master

index 01e094ba5467ec7b1e36fde6b35da45f4ac3b414..35b868ce29f7ac23d67055ec8aced20bf8304108 100644 (file)
--- a/keys/tripe-keys.master
+++ b/keys/tripe-keys.master
@@ -37,6 +37,7 @@
  ## Signature scheme to use for signing/verifying repository archives.
  # sig = dsa
  # sig = ecdsa
+# sig = ed25519
  
  ## How recently an archive must have been signed to be valid.
  # sig-fresh = always
author	Mark Wooding <mdw@distorted.org.uk>
	Thu, 26 May 2016 08:26:09 +0000 (09:26 +0100)
committer	Mark Wooding <mdw@distorted.org.uk>
	Sun, 14 May 2017 17:19:08 +0000 (18:19 +0100)
keys/tripe-keys.conf.5.in		patch \| blob \| blame \| history
keys/tripe-keys.in		patch \| blob \| blame \| history
keys/tripe-keys.master		patch \| blob \| blame \| history