auth-api: move to
Ed25519 signatures
previously we used P-256 as the curve of our choice for ec signatures.
however, in the meantime
Ed25519 has become a lot more wide-spread.
this simplifies our ec generation code significantly while keeping the
same security level.
Ed25519 was also specifically designed and
reviewed to avoid implementation errors likely making it a more secure
choice
note that
Ed25519 as a signature scheme always uses sha512, so signing
or verifying with a chosen digest is not supported.
as this mostly affects newly generated keys, this should not break any
existing setups.
Signed-off-by: Stefan Sterz <s.sterz@proxmox.com>
projects / proxmox.git / commit