Consistently describe Ed25519 as a 255-bit curve

The coordinates are over $F_{2^{255}-19}$, so by the general definition of the bit size associated with the curve in the specification, the value for size attribute of keys is 255. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-11-30 00:44:20 +01:00 · 2021-03-16 18:25:14 +01:00 · 2021-03-16 18:25:14 +01:00 · a00abc6b65
commit a00abc6b65
parent 7e54a29bea
2 changed files with 3 additions and 3 deletions
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
@ -586,11 +586,11 @@
 /** The twisted Edwards curves Ed25519 and Ed448.
 *
 * These curves are suitable for EdDSA (#PSA_ALG_PURE_EDDSA for both curves,
- * #PSA_ALG_ED25519PH for the 256-bit curve,
+ * #PSA_ALG_ED25519PH for the 255-bit curve,
 * #PSA_ALG_ED448PH for the 448-bit curve).
 *
 * This family comprises the following twisted Edwards curves:
- * - 256-bit: Edwards25519, the twisted Edwards curve birationally equivalent
+ * - 255-bit: Edwards25519, the twisted Edwards curve birationally equivalent
 *   to Curve25519.
 *   Bernstein et al., _Twisted Edwards curves_, Africacrypt 2008.
 * - 448-bit: Edwards448, the twisted Edwards curve birationally equivalent
--- a/scripts/mbedtls_dev/crypto_knowledge.py
+++ b/scripts/mbedtls_dev/crypto_knowledge.py
@ -78,7 +78,7 @@ class KeyType:
        'PSA_ECC_FAMILY_SECT_R2': (163,),
        'PSA_ECC_FAMILY_BRAINPOOL_P_R1': (160, 192, 224, 256, 320, 384, 512),
        'PSA_ECC_FAMILY_MONTGOMERY': (255, 448),
-        'PSA_ECC_FAMILY_TWISTED_EDWARDS': (256, 448),
+        'PSA_ECC_FAMILY_TWISTED_EDWARDS': (255, 448),
    }
    KEY_TYPE_SIZES = {
        'PSA_KEY_TYPE_AES': (128, 192, 256), # exhaustive