solokeys / openpgp

OpenPGP functionality for Solo

Ed25519 Support?

SolomonSklash opened this issue

I am curious if the Solo OpenPGP firmware will support Ed25519 curves? This is my biggest issue with Yubikeys, I've contacted them and they do not have a roadmap for adding it.

I'd much prefer to use my Solo full time, and once it has GPG support I will be able to, and ideally it would support Ed25519.

We intend to support Ed25519. Issue is that OpenPGP Card (the "smartcard" app) does not specify it, similar to how SSH does support 25519 keys but not its PKCS#11 interface. Worst case it will be a vendor extension. Some unofficial work on the crypto implementation has started in https://github.com/nickray/salty.

See also "stretch goals" in https://www.crowdsupply.com/solokeys/somu#details-top (our resources are limited unfortunately).

@SolomonSklash what's your use case, just gpg or ssh as well? Can you explain to us what other tools you may be looking at?

If you check out, in our campaign we tried to explain the current issues we know of with Ed25519:
https://www.crowdsupply.com/solokeys/somu
(at the end, section "How Can I Be More Involved?")

Knowing what people want/need may help us prioritize.

@0x0ece I use my Yubikey for U2F, HMAC challenge-response, normal GPG usage, as well as SSH via gpg-agent. I used it for SSH via PIV/smartcard feature in the past as well, before I switched to GPG subkeys for SSH.

I somehow missed the stretch goals on the Somu adding Ed25519 and SSH. I've backed it and hope those goals are met.

@SolomonSklash off-topic, but curious as to why you switched from PIV to GPG keys?

@nickray I switched because I wanted to set up GPG anyway. I still keep PIV as a backup just in case, but having everything tied to GPG makes things simpler.

@SolomonSklash you may be the right person to give our "HMAC-SHA-256" challenge-response a spin: https://github.com/solokeys/solo-python/#challenge-response; if you don't mind my asking, what are your use cases for the Yubico HMAC-SHA1 version? Advantage of using WebAuthn's hmac-secret would be that it's not proprietary (most keys will support hmac-secret due to Microsoft requiring it), so I'm pondering useful integrations.

https://github.com/nickray/salty/blob/main/c-api/salty.h is ready for testing. Only Ed25519 signatures so far.

I would also love to see ED25519 support on a SoloKey. In particular, my use case needs the ability to generate raw ED25519 signatures. I'm not sure whether OpenPGP is sufficient because from what I've seen it looks like it handles the hashing automatically. For my application I would like to have the ability to calculate raw signatures with no hashing step.

@nickray when you mean "ready for testing", is this a signal to someone or anyone to integrate it into the solo project?

Yes :) The tricky part (I think) would be to extend the RK storage which assumes just one curve.

RK? R.... Key....

@lf94 I'm not 100% sure, but I believe that means resident key.

Curve25519 works. d623e5d

@merlokk This can be closed since it was implemented in e0f8bfa.