ed25519-dalek: use SignatureAlgorithmIdenfier instead of the dynamic counterpart (#779)

baloo · web-flow · commit d159f47f53a1 · 2025-07-07T13:57:47.000-06:00
This allows to use ed25519 to create certificates for example This partially reverts #712
diff --git a/ed25519-dalek/src/signing.rs b/ed25519-dalek/src/signing.rs
@@ -676,20 +676,6 @@ impl pkcs8::EncodePrivateKey for SigningKey {
     }
 }
 
-#[cfg(all(feature = "alloc", feature = "pkcs8"))]
-impl pkcs8::spki::DynSignatureAlgorithmIdentifier for SigningKey {
-    fn signature_algorithm_identifier(
-        &self,
-    ) -> pkcs8::spki::Result<pkcs8::spki::AlgorithmIdentifierOwned> {
-        // From https://datatracker.ietf.org/doc/html/rfc8410
-        // `id-Ed25519   OBJECT IDENTIFIER ::= { 1 3 101 112 }`
-        Ok(pkcs8::spki::AlgorithmIdentifier {
-            oid: ed25519::pkcs8::ALGORITHM_OID,
-            parameters: None,
-        })
-    }
-}
-
 #[cfg(feature = "pkcs8")]
 impl TryFrom<pkcs8::KeypairBytes> for SigningKey {
     type Error = pkcs8::Error;
@@ -720,6 +706,14 @@ impl TryFrom<&pkcs8::KeypairBytes> for SigningKey {
     }
 }
 
+#[cfg(feature = "pkcs8")]
+impl pkcs8::spki::SignatureAlgorithmIdentifier for SigningKey {
+    type Params = pkcs8::spki::der::AnyRef<'static>;
+
+    const SIGNATURE_ALGORITHM_IDENTIFIER: pkcs8::spki::AlgorithmIdentifier<Self::Params> =
+        <Signature as pkcs8::spki::AssociatedAlgorithmIdentifier>::ALGORITHM_IDENTIFIER;
+}
+
 #[cfg(feature = "pkcs8")]
 impl From<SigningKey> for pkcs8::KeypairBytes {
     fn from(signing_key: SigningKey) -> pkcs8::KeypairBytes {
diff --git a/ed25519-dalek/src/verifying.rs b/ed25519-dalek/src/verifying.rs
@@ -610,6 +610,14 @@ impl TryFrom<&[u8]> for VerifyingKey {
     }
 }
 
+#[cfg(feature = "pkcs8")]
+impl pkcs8::spki::SignatureAlgorithmIdentifier for VerifyingKey {
+    type Params = pkcs8::spki::der::AnyRef<'static>;
+
+    const SIGNATURE_ALGORITHM_IDENTIFIER: pkcs8::spki::AlgorithmIdentifier<Self::Params> =
+        <ed25519::Signature as pkcs8::spki::AssociatedAlgorithmIdentifier>::ALGORITHM_IDENTIFIER;
+}
+
 impl From<VerifyingKey> for EdwardsPoint {
     fn from(vk: VerifyingKey) -> EdwardsPoint {
         vk.point
@@ -623,20 +631,6 @@ impl pkcs8::EncodePublicKey for VerifyingKey {
     }
 }
 
-#[cfg(all(feature = "alloc", feature = "pkcs8"))]
-impl pkcs8::spki::DynSignatureAlgorithmIdentifier for VerifyingKey {
-    fn signature_algorithm_identifier(
-        &self,
-    ) -> pkcs8::spki::Result<pkcs8::spki::AlgorithmIdentifierOwned> {
-        // From https://datatracker.ietf.org/doc/html/rfc8410
-        // `id-Ed25519   OBJECT IDENTIFIER ::= { 1 3 101 112 }`
-        Ok(ed25519::pkcs8::spki::AlgorithmIdentifierOwned {
-            oid: ed25519::pkcs8::ALGORITHM_OID,
-            parameters: None,
-        })
-    }
-}
-
 #[cfg(feature = "pkcs8")]
 impl TryFrom<pkcs8::PublicKeyBytes> for VerifyingKey {
     type Error = pkcs8::spki::Error;
