Closed Bug 1644232 Opened 6 years ago Closed 6 years ago

Assertion failure: name != ECCurve25519, at ecl/ecl.c:273 trying to create CSR for Curve25519

Categories

(NSS :: Libraries, enhancement, P3)

3.53
enhancement

Tracking

(Not tracked)

RESOLVED DUPLICATE of bug 1325335

People

(Reporter: saper, Unassigned)

Details

User Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:74.0) Gecko/20100101 Firefox/74.0

Steps to reproduce:

I am using nss 3.53 built with debug on FreeBSD (from FreeBSD ports):

set -e
mkdir nss
openssl rand -base64 -out nss/pw 21
certutil -d nss -f nss/pw -N
certutil -d nss -f nss/pw -G -k ec -q curve25519
certutil -d nss -f nss/pw -R -k ec -q curve25519 -s 'cn=eddsa maybe'

Actual results:

A random seed must be generated that will be used in the
creation of your key. One of the easiest ways to create a
random seed is to use the timing of keystrokes on a keyboard.

To begin, type keys on the keyboard until this progress meter
is full. DO NOT USE THE AUTOREPEAT FUNCTION ON YOUR KEYBOARD!

Continue typing until the progress meter is full:

|************************************************************|

Finished. Press enter to continue:

Generating key. This may take a few moments...

A random seed must be generated that will be used in the
creation of your key. One of the easiest ways to create a
random seed is to use the timing of keystrokes on a keyboard.

To begin, type keys on the keyboard until this progress meter
is full. DO NOT USE THE AUTOREPEAT FUNCTION ON YOUR KEYBOARD!

Continue typing until the progress meter is full:

|************************************************************|

Finished. Press enter to continue:

Generating key. This may take a few moments...

Assertion failure: name != ECCurve25519, at ecl/ecl.c:273
Abort trap (core dumped)

Expected results:

I'd like to have not only the Curve25519 key generated, but also I'd like to have a key usable with Ed25519 that can be used to sign a certificate request.

If this is right https://crypto.stackexchange.com/a/76158 we could have two public keys for one curve (ECDH and the EdDSA key) and use the same private key for both?

Is EdDSA supported at all? (https://bugzilla.mozilla.org/show_bug.cgi?id=957105 seemed to be only about key exchange to me). If no, https://bugzilla.mozilla.org/show_bug.cgi?id=1597057 might also be blocked by this.

The severity field is not set for this bug.
:jcj, could you have a look please?

For more information, please visit auto_nag documentation.

Flags: needinfo?(jjones)

NSS does not currently support EdDSA. There is a tracking bug (bug 1325335) for its addition, which you might want to track.

Status: UNCONFIRMED → RESOLVED
Closed: 6 years ago
Resolution: --- → DUPLICATE
Severity: -- → N/A
Type: defect → enhancement
Priority: -- → P3
Flags: needinfo?(jjones)
You need to log in before you can comment on or make changes to this bug.