[RFR] 8166597: Crypto support for the EdDSA Signature Algorithm (JEP 339)
Weijun Wang
weijun.wang at oracle.com
Thu Apr 2 07:43:28 UTC 2020
One more thing:
https://tools.ietf.org/html/rfc8410#section-1
In [RFC8032] the elliptic curve signature system Edwards-curve
Digital Signature Algorithm (EdDSA) is described along with a
recommendation for the use of the curve25519 and curve448. EdDSA has
defined two modes: the PureEdDSA mode without prehashing and the
HashEdDSA mode with prehashing. The convention used for identifying
the algorithm/curve combinations is to use "Ed25519" and "Ed448" for
the PureEdDSA mode.
Does this mean we should reject prehash=true for "Ed25519" and "Ed448"?
Thanks,
Max
More information about the security-dev
mailing list