ed25519 support (#4114)

* ed25519 support

* review feedback

1 files changed, 45 insertions, 0 deletions

diff --git a/tests/wycheproof/test_eddsa.py b/tests/wycheproof/test_eddsa.py
new file mode 100644
index 00000000..40cb49a3
--- /dev/null
+++ b/tests/wycheproof/test_eddsa.py
@@ -0,0 +1,45 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+from __future__ import absolute_import, division, print_function
+
+import binascii
+
+import pytest
+
+from cryptography.exceptions import InvalidSignature
+from cryptography.hazmat.backends.interfaces import DHBackend
+from cryptography.hazmat.primitives.asymmetric.ed25519 import (
+    Ed25519PublicKey
+)
+
+
+@pytest.mark.supported(
+    only_if=lambda backend: backend.ed25519_supported(),
+    skip_message="Requires OpenSSL with Ed25519 support"
+)
+@pytest.mark.requires_backend_interface(interface=DHBackend)
+@pytest.mark.wycheproof_tests(
+    "eddsa_test.json",
+)
+def test_ed25519_signature(backend, wycheproof):
+    # We want to fail if/when wycheproof adds more edwards curve tests
+    # so we can add them as well.
+    assert wycheproof.testgroup["key"]["curve"] == "edwards25519"
+
+    key = Ed25519PublicKey.from_public_bytes(
+        binascii.unhexlify(wycheproof.testgroup["key"]["pk"])
+    )
+
+    if wycheproof.valid or wycheproof.acceptable:
+        key.verify(
+            binascii.unhexlify(wycheproof.testcase["sig"]),
+            binascii.unhexlify(wycheproof.testcase["msg"]),
+        )
+    else:
+        with pytest.raises(InvalidSignature):
+            key.verify(
+                binascii.unhexlify(wycheproof.testcase["sig"]),
+                binascii.unhexlify(wycheproof.testcase["msg"]),
+            )