Closed
Description
Checklist
- I've searched the issue tracker for similar requests
Is your feature request related to a problem? Please describe.
I'm unable to implement ED448 signature algorithm support in Rustls despite ED448 being available in the RustCrypto ecosystem. The blocking issue is that the necessary algorithm identifier (alg_id) is missing from the PKI types, which prevents proper integration with the Rustls crypto provider interface.
Describe the solution you'd like
Add ED448 support to Rustls by:
- Including ED448 algorithm identifier in the PKI types crate
- Extending the `AlgorithmIdentifier` const to include ED448
- Adding the necessary OID mappings for ED448 certificates (OID: 1.3.101.113)
- Ensuring compatibility with existing RustCrypto's `ed448` or similar implementations
Describe alternatives you've considered
- Forking and patching locally: Maintaining a fork with ED448 support, but this creates maintenance burden and divergence from upstream
- Using ED25519 only: While ED25519 is supported, some applications specifically require ED448 for its higher security margin (224-bit vs 128-bit security level)
- External wrapper: Creating a wrapper that translates ED448 operations to supported algorithms, but this adds unnecessary complexity and potential security risks
Additional context
- ED448 is part of RFC 8032 and is increasingly adopted in security-critical applications
- The RustCrypto project already provides ED448 implementation through crates like `ed448`
- This would align Rustls with other TLS libraries (OpenSSL, BoringSSL) that support ED448
- The missing `alg_id` in PKI types is the primary blocker preventing community implementation
- This feature would benefit users requiring CNSA 2.0 compliance or higher security margins
Related specifications:
- RFC 8032: Edwards-Curve Digital Signature Algorithm (EdDSA)
- RFC 8446: TLS 1.3 includes ED448 as a supported signature algorithm
Past Issues:
rustls/rustls#52
rustls/rustls#1120
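
The algorithm identifier requested above comes down to the DER-encoded OID 1.3.101.113 with parameters absent, as RFC 8410 specifies for EdDSA keys. The following Rust example is added here and is not part of the issue or of rustls: it derives those bytes and checks them against a constructed Ed448 SubjectPublicKeyInfo. The function names are hypothetical, and it assumes the constant would hold the AlgorithmIdentifier contents without the outer SEQUENCE header.

```rust
// Added example, not rustls code; names are hypothetical, sample SPKI is constructed.
/// Append one OID arc in base 128; every byte but the last has the high bit set.
fn push_arc(out: &mut Vec<u8>, v: u64) {
    let groups = ((64 - v.leading_zeros()).max(1) + 6) / 7;
    for i in (0..groups).rev() {
        let b = ((v >> (7 * i)) & 0x7f) as u8;
        out.push(if i == 0 { b } else { b | 0x80 });
    }
}

/// DER-encode a dotted OID (tag 0x06, short-form length, contents).
fn der_oid(dotted: &str) -> Option<Vec<u8>> {
    let arcs = dotted.split('.').map(|a| a.parse::<u64>().ok()).collect::<Option<Vec<u64>>>()?;
    if arcs.len() < 2 || arcs[0] > 2 || (arcs[0] < 2 && arcs[1] > 39) { return None; }
    let mut body = Vec::new();
    push_arc(&mut body, (arcs[0] * 40).checked_add(arcs[1])?);
    for &arc in &arcs[2..] {
        push_arc(&mut body, arc);
    }
    if body.len() > 0x7f { return None; } // short-form length only
    let mut out = vec![0x06, body.len() as u8];
    out.extend(body);
    Some(out)
}

/// Contents of the AlgorithmIdentifier SEQUENCE in a DER SubjectPublicKeyInfo.
/// Short-form lengths only, which is enough for EdDSA keys.
fn spki_alg_id_body(spki: &[u8]) -> Option<&[u8]> {
    let [0x30, outer_len, rest @ ..] = spki else { return None };
    if *outer_len >= 0x80 || rest.len() != usize::from(*outer_len) { return None; }
    let [0x30, alg_len, rest @ ..] = rest else { return None };
    if *alg_len >= 0x80 { return None; }
    rest.get(..usize::from(*alg_len))
}

/// Constructed sample: Ed448 SPKI with an all-zero 57-byte key (not a real key).
fn sample_ed448_spki() -> Vec<u8> {
    let mut spki = vec![0x30, 0x43, 0x30, 0x05];
    spki.extend(der_oid("1.3.101.113").unwrap());
    spki.extend([0x03, 0x3a, 0x00]); // BIT STRING, 58 content bytes, 0 unused bits
    spki.extend([0u8; 57]);
    spki
}

fn main() {
    let ed448 = der_oid("1.3.101.113").unwrap();
    let spki = sample_ed448_spki();
    println!("Ed448 alg id: {:02x?}", ed448);
    println!("SPKI matches: {}", spki_alg_id_body(&spki) == Some(&ed448[..]));
}
```

Ed25519 (1.3.101.112) and Ed448 differ only in the last OID byte, so a verifier has to compare the full identifier and must not accept a shared prefix.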