asn1: Ed25519/Ed448 and X25519/X448 OIDs; accept ABSENT/NULL AlgorithmIdentifier params (RFC 8410); minor DER tolerance; update module ABI

Author: ariawisp

cryptography-serialization/asn1/modules/api/cryptography-serialization-asn1-modules.api

@@ -133,6 +133,12 @@ public final class dev/whyoleg/cryptography/serialization/asn1/modules/EcdsaSign
 	public final fun serializer ()Lkotlinx/serialization/KSerializer;
 }
 
+public final class dev/whyoleg/cryptography/serialization/asn1/modules/EdwardsOids {
+	public static final field INSTANCE Ldev/whyoleg/cryptography/serialization/asn1/modules/EdwardsOids;
+	public final fun getEd25519-STa95mE ()Ljava/lang/String;
+	public final fun getEd448-STa95mE ()Ljava/lang/String;
+}
+
 public abstract interface class dev/whyoleg/cryptography/serialization/asn1/modules/KeyAlgorithmIdentifier : dev/whyoleg/cryptography/serialization/asn1/modules/AlgorithmIdentifier {
 	public static final field Companion Ldev/whyoleg/cryptography/serialization/asn1/modules/KeyAlgorithmIdentifier$Companion;
 }
@@ -141,6 +147,12 @@ public final class dev/whyoleg/cryptography/serialization/asn1/modules/KeyAlgori
 	public final fun serializer ()Lkotlinx/serialization/KSerializer;
 }
 
+public final class dev/whyoleg/cryptography/serialization/asn1/modules/MontgomeryOids {
+	public static final field INSTANCE Ldev/whyoleg/cryptography/serialization/asn1/modules/MontgomeryOids;
+	public final fun getX25519-STa95mE ()Ljava/lang/String;
+	public final fun getX448-STa95mE ()Ljava/lang/String;
+}
+
 public final class dev/whyoleg/cryptography/serialization/asn1/modules/PrivateKeyInfo {
 	public static final field Companion Ldev/whyoleg/cryptography/serialization/asn1/modules/PrivateKeyInfo$Companion;
 	public fun <init> (ILdev/whyoleg/cryptography/serialization/asn1/modules/KeyAlgorithmIdentifier;[B)V

cryptography-serialization/asn1/modules/api/cryptography-serialization-asn1-modules.klib.api

@@ -256,6 +256,20 @@ final value class dev.whyoleg.cryptography.serialization.asn1.modules/EcPoint {
     }
 }
 
+final object dev.whyoleg.cryptography.serialization.asn1.modules/EdwardsOids { // dev.whyoleg.cryptography.serialization.asn1.modules/EdwardsOids|null[0]
+    final val Ed25519 // dev.whyoleg.cryptography.serialization.asn1.modules/EdwardsOids.Ed25519|{}Ed25519[0]
+        final fun <get-Ed25519>(): dev.whyoleg.cryptography.serialization.asn1/ObjectIdentifier // dev.whyoleg.cryptography.serialization.asn1.modules/EdwardsOids.Ed25519.<get-Ed25519>|<get-Ed25519>(){}[0]
+    final val Ed448 // dev.whyoleg.cryptography.serialization.asn1.modules/EdwardsOids.Ed448|{}Ed448[0]
+        final fun <get-Ed448>(): dev.whyoleg.cryptography.serialization.asn1/ObjectIdentifier // dev.whyoleg.cryptography.serialization.asn1.modules/EdwardsOids.Ed448.<get-Ed448>|<get-Ed448>(){}[0]
+}
+
+final object dev.whyoleg.cryptography.serialization.asn1.modules/MontgomeryOids { // dev.whyoleg.cryptography.serialization.asn1.modules/MontgomeryOids|null[0]
+    final val X25519 // dev.whyoleg.cryptography.serialization.asn1.modules/MontgomeryOids.X25519|{}X25519[0]
+        final fun <get-X25519>(): dev.whyoleg.cryptography.serialization.asn1/ObjectIdentifier // dev.whyoleg.cryptography.serialization.asn1.modules/MontgomeryOids.X25519.<get-X25519>|<get-X25519>(){}[0]
+    final val X448 // dev.whyoleg.cryptography.serialization.asn1.modules/MontgomeryOids.X448|{}X448[0]
+        final fun <get-X448>(): dev.whyoleg.cryptography.serialization.asn1/ObjectIdentifier // dev.whyoleg.cryptography.serialization.asn1.modules/MontgomeryOids.X448.<get-X448>|<get-X448>(){}[0]
+}
+
 final object dev.whyoleg.cryptography.serialization.asn1.modules/RsaKeyAlgorithmIdentifier : dev.whyoleg.cryptography.serialization.asn1.modules/KeyAlgorithmIdentifier { // dev.whyoleg.cryptography.serialization.asn1.modules/RsaKeyAlgorithmIdentifier|null[0]
     final val algorithm // dev.whyoleg.cryptography.serialization.asn1.modules/RsaKeyAlgorithmIdentifier.algorithm|{}algorithm[0]
         final fun <get-algorithm>(): dev.whyoleg.cryptography.serialization.asn1/ObjectIdentifier // dev.whyoleg.cryptography.serialization.asn1.modules/RsaKeyAlgorithmIdentifier.algorithm.<get-algorithm>|<get-algorithm>(){}[0]

cryptography-serialization/asn1/modules/src/commonMain/kotlin/AlgorithmIdentifierSerializer.kt

@@ -45,9 +45,18 @@ public abstract class AlgorithmIdentifierSerializer<AI : AlgorithmIdentifier> :
             index = 0,
             deserializer = ObjectIdentifier.serializer()
         )
-        check(decodeElementIndex(descriptor) == 1)
-        val parameters = decodeParameters(algorithm)
-        check(decodeElementIndex(descriptor) == CompositeDecoder.DECODE_DONE)
-        parameters
+        when (val idx = decodeElementIndex(descriptor)) {
+            1 -> {
+                val parameters = decodeParameters(algorithm)
+                check(decodeElementIndex(descriptor) == CompositeDecoder.DECODE_DONE)
+                parameters
+            }
+            CompositeDecoder.DECODE_DONE -> {
+                // Some algorithms (e.g., Ed25519/Ed448/X25519/X448 per RFC 8410) omit parameters.
+                // Delegate to subclass to construct an identifier without consuming parameters from the stream.
+                decodeParameters(algorithm)
+            }
+            else -> error("Unexpected element index: $idx")
+        }
     }
-}
+}

cryptography-serialization/asn1/modules/src/commonMain/kotlin/KeyAlgorithmIdentifierSerializer.kt

@@ -26,8 +26,10 @@ internal object KeyAlgorithmIdentifierSerializer : AlgorithmIdentifierSerializer
         }
         ObjectIdentifier.EC  -> EcKeyAlgorithmIdentifier(decodeParameters(EcParameters.serializer()))
         else                 -> {
-            // TODO: somehow we should ignore parameters here
+            // For algorithms like Ed25519/Ed448/X25519/X448 (RFC 8410), parameters are absent.
+            // Accept both ABSENT and explicit NULL: attempt to read optional parameters and ignore the value.
+            decodeParameters<Nothing>(NothingSerializer())
             UnknownKeyAlgorithmIdentifier(algorithm)
         }
     }
-}
+}

cryptography-serialization/asn1/modules/src/commonMain/kotlin/Oids.kt

@@ -0,0 +1,18 @@
+/*
+ * Copyright (c) 2025 Oleg Yukhnevich. Use of this source code is governed by the Apache 2.0 license.
+ */
+
+package dev.whyoleg.cryptography.serialization.asn1.modules
+
+import dev.whyoleg.cryptography.serialization.asn1.ObjectIdentifier
+
+public object EdwardsOids {
+    public val Ed25519: ObjectIdentifier = ObjectIdentifier("1.3.101.112")
+    public val Ed448: ObjectIdentifier = ObjectIdentifier("1.3.101.113")
+}
+
+public object MontgomeryOids {
+    public val X25519: ObjectIdentifier = ObjectIdentifier("1.3.101.110")
+    public val X448: ObjectIdentifier = ObjectIdentifier("1.3.101.111")
+}
+

cryptography-serialization/asn1/src/commonMain/kotlin/internal/DerDecoder.kt

@@ -36,6 +36,7 @@ internal class DerDecoder(
 
         while (true) {
             val index = currentIndex
+            if (index >= descriptor.elementsCount) return CompositeDecoder.DECODE_DONE
             tagOverride = descriptor.getElementContextSpecificTag(index)
 
             if (descriptor.isElementOptional(index)) {