Hello all,
I recently played with implementing Ed25519 certificates in crypto/x509 (and crypto/tls).
https://tools.ietf.org/html/draft-ietf-curdle-pkix-07 is the draft for X.509, and Ed25519 is supported directly by the TLS 1.3 draft.
https://github.com/golang/go/compare/master...FiloSottile:filippo/ed25519
The code is straightforward enough, but I have one main problem: we'll have to vendor
golang.org/x/crypto/ed25519 for the primitive functionality (like we did with
golang.org/x/crypto/curve25519), but that will mismatch the PublicKey and PrivateKey types. A user-supplied ed25519.PrivateKey would not type-assert to the vendored ed25519.PrivateKey, and a parsed ed25519.PublicKey would not type-assert to the application side one.
I can think of four bad solutions off the top of my head:
1) define Ed25519 types in crypto/x509, which are easy to cast to/from, as they're nothing but []byte; if/when we promote ed25519 to the stdlib, alias them
2) use []byte for both types, document it as such
3) use reflect in some clever way to detect the type on the way in and convert it; not sure this works at all on the way out (that is, when returning a ed25519.PublicKey in a parsed certificate)
4) simply promote ed25519 to the stdlib
Anyone with better ideas or comments?