CKM_EDDSA

Summary

FIPS approved?	No
Supported functions	Sign \| Verify
Functions restricted from FIPS use	N/A
Minimum key length (bits)	256
Minimum key length for FIPS use (bits)	N/A
Minimum legacy key length for FIPS use (bits)	N/A
Maximum key length (bits)	256
Block size	0
Digest size	0
Key types	EDDSA
Algorithms	SHA512
Modes	None
Flags	Extractable

This mechanism makes use of keys generated by CKM_EC_EDWARDS_KEY_PAIR_GEN (using keys generated over Edwards curves) for EDDSA signing. The keys used by this mechanism are of type CKK_EC_EDWARDS. For Luna HSM, the EDDSA algorithm is compliant with “PureEDDSA” as defined in RFC 8032 and “EdDSA for more curves, July 2015”.

Mechanism Parameters

Mechanism parameters are optional; not using the parameters selects the PureEdDSA algorithm ed25519. Setting the prehashed flag (phFlag) to TRUE will select the prehashed ed25519ph curve variant.

NOTE This curve variant requires minimum Luna HSM Firmware 7.4.0.

typedef struct CK_EDDSA_PARAMS
{
     CK_BBOOL     phFlag;
     CK_ULONG     ulContextDataLen;
     CK_BYTE_PTR  pContextData; 
}

CK_EDDSA_PARAMS;

CK_EDDSA_PARAMS eddsaParams;
     eddsaParams.phFlag = CK_TRUE; // Set prehashed flag to true for Ed25519ph. Setting it to false or not using mechanism parameters does Ed25519.
     eddsaParams.ulContextDataLen = 0; // Context length must be 0
     eddsaParams.pContextData = NULL; // Context must be NULL

CK_MECHANISM mechanism;
     mechanism.mechanism = CKM_EDDSA;
     mechanism.pParameter = &eddsaParams;
     mechanism.ulParameterLen = sizeof(eddsaParams);

C_SignInit(hSession, &mechanism, hKey); // or C_VerifyInit
// followed by C_Sign, C_SignUpdate/C_SignFinal or verify equivalents.

OIDs and Algorithm Identifiers for 25519 Keys

New OIDs and algorithm identifiers are as follows. Curve identifiers, including the plaintext curve names, must be ASN.1-encoded.

Edwards 25519 (sign/verify)

Curve Identifier (CKA_ECDSA_PARAMS):

>“edwards25519” (RFC7748)

>“Ed25519” (RFC8410)

>1.3.6.1.4.1.11591.15.1 (https://www.alvestrand.no/objectid/1.3.6.1.4.1.11591.15.1.html)

Key OIDs (wrap/unwrap):

>1.3.101.100 (https://tools.ietf.org/html/draft-josefsson-pkix-eddsa-04)

>1.3.101.112 (RFC8410)

Curve 25519 (ECDH)

Curve Identifier (CKA_ECDSA_PARAMS):

>“curve25519” (RFC7748)

>“X25519” (RFC8410)

>1.3.6.1.4.1.3029.1.5.1 (http://oidref.com/1.3.6.1.4.1.3029.1.5.1)

Key OIDs (wrap/unwrap):

>1.3.6.1.4.1.11591.7 (https://tools.ietf.org/html/draft-josefsson-pkix-newcurves-00)

>1.3.101.110 (RFC8410)



	SUPPORT	LEGAL
Luna Network HSM Documentation © Copyright 2001-2023, Thales Group Last Updated: 2023-05-25 23:13:01 GMT-04:00	Customer Release Notes Customer Support Portal Support Contacts	End User License Agreement Third Party Software Licenses Document Information