Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-131200

sequoia - register eddsa as an alias to EDDSA-ED25519 (rhel-10)

Linking RHIVOS CVEs to...Migration: Automation ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • crypto-policies-20251126-1.git918f03d.el10
    • No
    • Important
    • 1
    • rhel-security-crypto-spades
    • 20
    • 0
    • False
    • False
    • Hide

      None

      Show
      None
    • No
    • Crypto25-11
    • Hide

      AC1) sequoia and sequoia-rpm generated configurations have eddsa = "always" in LEGACY/DEFAULT/FUTURE, it's also added to ignore_invalid (to avoid bumping dependency)

      Implemented by /Sanity/retention (crypto-policies).

      AC2) Sequoia-aware podman can sign container image by EdDSA key when using podman-sequoia with PQC support (rust-podman-sequoia >= 0.4) in the DEFAULT policy.

      Implemented by /Sanity/smoke-test (rust-podman-sequoia).

       

      Show
      AC1) sequoia and sequoia-rpm generated configurations have eddsa = "always" in LEGACY/DEFAULT/FUTURE, it's also added to ignore_invalid (to avoid bumping dependency) Implemented by /Sanity/retention (crypto-policies). AC2) Sequoia-aware podman can sign container image by EdDSA key when using podman-sequoia with PQC support (rust-podman-sequoia >= 0.4) in the DEFAULT policy. Implemented by /Sanity/smoke-test (rust-podman-sequoia).  
    • Pass
    • Enabled
    • Automated
    • Unspecified Release Note Type - Unknown
    • Unspecified
    • Unspecified
    • Unspecified
    • None

      What were you trying to do that didn't work?

      sequoia-openpgp 2.1 split the policy for Ed25519 into two: the v6 signature compliant with RFC 8032 and the legacy v4 signature, under the name "eddsa" (sequoia-pgp/sequoia@2affea78). This adds an "eddsa" entry as an alias to the former, as we don't distinguish them at the crypto-policies level.

      Please provide the package NVR for which the bug is seen:

      crypto-policies-20250905-2.gitc7eb7b2.el10_1.noarch

              asosedki@redhat.com Alexander Sosedkin
              omoris Ondrej Moris
              Alexander Sosedkin Alexander Sosedkin
              Ondrej Moris Ondrej Moris
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated: