Add support for ed25519

[annerajb]

This is the 25519 portion of this issue #8252

[hashicorp-cla]

All committers have signed the CLA.

[annerajb]

this should be a draft.

[vishalnayak]

Thanks for working on this! Let us know if you need anything from our end to get this done.

[annerajb]

Thanks for working on this! Let us know if you need anything from our end to get this done.

Any pointers on testing and setting up a dev environments?

I searched casually on this github repo for some sort of developer getting started manual.
My goal is to setup a dev environment that is representative of what the CI uses and preferably same setup scripts /instructions would provide a way to run all test locally and verify my changes won't break anything else.

[vishalnayak]

Thanks for working on this! Let us know if you need anything from our end to get this done.

Any pointers on testing and setting up a dev environments?

I searched casually on this github repo for some sort of developer getting started manual.
My goal is to setup a dev environment that is representative of what the CI uses and preferably same setup scripts /instructions would provide a way to run all test locally and verify my changes won't break anything else.

@annerajb The readme on the repo should assist with that.

In your case, you can do make test TEST=./builtin/logical/pki to ensure that none of the other pki tests aren't failing.

You can find tests for reference here.

[annerajb]

Working slowly on this.

Not sure why the license/CLA still shows pending. But I guess we can deal with that later.

[annerajb]

Thanks for working on this! Let us know if you need anything from our end to get this done.

Any pointers on testing and setting up a dev environments?
I searched casually on this github repo for some sort of developer getting started manual.
My goal is to setup a dev environment that is representative of what the CI uses and preferably same setup scripts /instructions would provide a way to run all test locally and verify my changes won't break anything else.

@annerajb The readme on the repo should assist with that.

In your case, you can do make test TEST=./builtin/logical/pki to ensure that none of the other pki tests aren't failing.

You can find tests for reference here.

Thanks that was helpful.
I implemented and at least locally the pki backend test pass successfully.

Can you assist me with the following?

• finding reviewers for this to provide feedback on possible changes to be done?
• Conformance test suite seems to require cloud infrastructure. Would it be worth for me to spend time trying to set them up or will Circle CI take care of that?
• any feedback :D

[annerajb]

@vishalnayak @hsimon-hashicorp

The CI is failling on the yarn layer due to a deb package source using the expired DST lets encrypt certificate.

Apart from that can you give another review of the code at this point i was able to utilize this branch to setup a pki with ed25519 both as root and intermediate signed the int csr from the root, also tested signing with a external root ca.

locally when I run make test i see a failure but i don't seem to have touched anything near it's path.

--- FAIL: TestTLSTrailingData (0.00s)
    tls_verification_test.go:82: Bad error message: 127.0.0.1:443: A PEM block does not parse to a certificate: x509: trailing data.
[127.0.0.1:443: Found at least one leaf certificate in the CA certificate file.]
FAIL
FAIL    github.com/hashicorp/vault/vault/diagnose       6.040s

[annerajb]

@vishalnayak @hsimon-hashicorp can somebody remove the label waiting-for-response?

[vishalnayak]

This is looking great to me!

[annerajb]

This is looking great to me!

what would be the next step apart from I assume another set of eyes to review this?

(anything I can do in the meantime?)

[vishalnayak]

Thank you @annerajb for your contribution! 🎉