Closed Bug 1325335 (hacl-eddsa) Opened 8 years ago Closed 3 months ago

Integrate HACL* EdDSA over Curve25519

Categories

(NSS :: Libraries, defect, P3)

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: franziskus, Assigned: nkulatova)

References

(Blocks 2 open bugs)

Details

(Whiteboard: [nss-nofx])

Attachments

(5 files, 6 obsolete files)

Tracking implementation of EdDSA.
Should we morph this into a HACL* bug?
Priority: -- → P3
Version: 3.29 → trunk
Alias: hacl-eddsa
Blocks: hacl-star
Summary: Support EdDSA → Integrate HACL* EdDSA
Attached file: HACL* ED25519 (obsolete)
Keywords: stalled
QA Contact: jjones
Attachment #8953446 - Attachment is obsolete: true
Assignee: nobody → bbeurdouche
Status: NEW → ASSIGNED

Can we update the description of this bug so that it includes Curve25519, Curve25519 or Curve448, Ed448 keywords? I was searching Bugzilla for all EC-related bugs and could not find this one (and filed https://bugzilla.mozilla.org/show_bug.cgi?id=1644232 as a result).

Summary: Integrate HACL* EdDSA → Integrate HACL* EdDSA over Curve25519

One this bug is resolved it will be possible to use X.509 certs with ED25519 public key for TLS in Firefox and Thunderbird, right?

> One this bug is resolved
"Once this bug is resolved..."

Not immediately, because it will require some work for TLS and we don’t support those in 1.3. I have to double check but I don’t think Ed25519 certs are allowed by the CAB forum either. This is also why we haven’t spent the effort yet. But I’d like to add the code in NSS in the next few months since we have the code.

> Not immediately, because it will require some work for TLS and we don’t support those in 1.3.

I guess that effort will be then tracked in a separate bug?

> I have to double check but I don’t think Ed25519 certs are allowed by the CAB forum either.

I was thinking more of TLS client certs here rather than ones issued by some public CA.

> But I’d like to add the code in NSS in the next few months since we have the code.

Great, thanks!

(In reply to Benjamin Beurdouche [:beurdouche] from comment #8)

> Not immediately, because it will require some work for TLS and we don’t support those in 1.3. I have to double check but I don’t think Ed25519 certs are allowed by the CAB forum either. This is also why we haven’t spent the effort yet. But I’d like to add the code in NSS in the next few months since we have the code.

Hi Benjamin,

Do you have plans for adding the complete code for supporting EdDSA (all 4 layers of NSS)?

Attachment #9219044 - Attachment is obsolete: true
Attachment #9219043 - Attachment description: Bug 1325335 - Adding Ed25519 Implementation of Hacl* to the freebl library. → Bug 1325335 - Collapsed revision
Assignee: bbeurdouche → cs19mtech11026
Keywords: stalled
QA Contact: jc
Whiteboard: [nss-nofx]
Attachment #9219043 - Attachment description: Bug 1325335 - Collapsed revision → Bug 1325335 - Adding Ed25519 Implementation.
Attachment #9219043 - Attachment description: Bug 1325335 - Adding Ed25519 Implementation. → WIP: Bug 1325335 - Changing Ed25519 function names to ED.
Attachment #9219043 - Attachment description: WIP: Bug 1325335 - Changing Ed25519 function names to ED. → WIP: Bug 1325335 - Adding Ed25519 implementation.
Attachment #9219043 - Attachment description: WIP: Bug 1325335 - Adding Ed25519 implementation. → Bug 1325335 - Adding Ed25519 implementation.
Attachment #9219043 - Attachment description: Bug 1325335 - Adding Ed25519 implementation. → WIP: Bug 1325335 - Adding EdDSA implementation.
Attachment #9219043 - Attachment description: WIP: Bug 1325335 - Adding EdDSA implementation. → Bug 1325335 - Adding EdDSA implementation.

Depends on D113702

Attached file: WIP: Bug 1325335 - changes in nss/lib. (obsolete)
Attached file: Bug 1325335 - nss/lib code for EDDSA. (obsolete)

Depends on D117430

Severity: normal → S3

The bug assignee is inactive on Bugzilla, so the assignee is being reset.

Assignee: cs19mtech11026 → nobody
Status: ASSIGNED → NEW
Assignee: nobody → nkulatova
Status: NEW → ASSIGNED
Blocks: 1804788

I'm planning to work on the implementation of Ed25519 and X25519 algorithms for the WebCrypto API, but I believe we would need to complete the implementation of the crypto primitives in NSS, which I believe is the goal of this bug. Is it still active? What are the plans for it?

It seems Chrome and WebKit are actively working on the implementation of both algorithms, so it'd be great to catch up with them and avoid future interoperability issues.

Flags: needinfo?(cs19mtech11026)

Redirect a needinfo that is pending on an inactive user to the triage owner.
:beurdouche, since the bug has recent activity, could you have a look please?

For more information, please visit auto_nag documentation.

Flags: needinfo?(cs19mtech11026) → needinfo?(bbeurdouche)
Flags: needinfo?(bbeurdouche) → needinfo?(nkulatova)
Attachment #9219043 - Attachment description: Bug 1325335 - Adding EdDSA implementation. → WIP: Bug 1325335 - Adding EdDSA implementation.
Attachment #9219043 - Attachment description: WIP: Bug 1325335 - Adding EdDSA implementation. → Bug 1325335 - Adding EdDSA implementation.
Attachment #9225465 - Attachment description: Bug 1325335 - nss/lib layer code for EDDSA. → WIP: Bug 1325335 - nss/lib layer code for EDDSA.
Attachment #9226346 - Attachment is obsolete: true
Attachment #9225465 - Attachment description: WIP: Bug 1325335 - nss/lib layer code for EDDSA. → Bug 1325335 - nss/lib layer code for EDDSA.
Attachment #9226345 - Attachment is obsolete: true
Attachment #9225812 - Attachment is obsolete: true
Attachment #9372275 - Attachment description: WIP: Bug 1325335 - Updating HACL* → Bug 1325335 - Updating HACL*
Flags: needinfo?(nkulatova)
Attachment #9225465 - Attachment description: Bug 1325335 - nss/lib layer code for EDDSA. → xBug 1325335 - nss/lib layer code for EDDSA.
Attachment #9225465 - Attachment description: xBug 1325335 - nss/lib layer code for EDDSA. → Bug 1325335 - nss/lib layer code for EDDSA.

Depends on D200883

Attachment #9372275 - Attachment description: Bug 1325335 - Updating HACL* → WIP: Bug 1325335 - Updating HACL*
Attachment #9381806 - Attachment description: Bug 1325335 - Supporting WebCrypto TV form of TVs. → WIP: Bug 1325335 - Supporting WebCrypto TV form of TVs.
Attachment #9372275 - Attachment description: WIP: Bug 1325335 - Updating HACL* → Bug 1325335 - Updating HACL* to 0f136f28935822579c244f287e1d2a1908a7e552
Attachment #9381806 - Attachment is obsolete: true
Attachment #9390986 - Attachment description: WIP: Bug 1325335 - Removing check for message len in ed25519 → Bug 1325335 - Removing check for message len in ed25519

A patch has been attached on this bug, which was already closed. Filing a separate bug will ensure better tracking. If this was not by mistake and further action is needed, please alert the appropriate party. (Or: if the patch doesn't change behavior -- e.g. landing a test case, or fixing a typo -- then feel free to disregard this message)

Regressions: 1884276
Blocks: 1889153
No longer blocks: 1889153
Blocks: 1894027
No longer blocks: 1894027