add Ed25519 and Ed448 support to the EVP_PKEY layer

  - Add WC_EVP_PKEY_ED25519 / WC_EVP_PKEY_ED448 type constants and
   matching EVP_PKEY_ED25519 / EVP_PKEY_ED448 OpenSSL aliases.
  - Extend WOLFSSL_EVP_PKEY with ed25519/ed448 fields and ownership
   bits, and free them in wolfSSL_EVP_PKEY_free().
  - Add d2i probe functions that accept both SubjectPublicKeyInfo /
   PKCS#8 PrivateKeyInfo encodings and raw 32/57-byte key material,
   and hook them into the d2i_evp_pkey_try() chain.
  - Map the Ed25519/Ed448 signature OIDs in the relevant lookups and
   teach the PEM key-format dispatch and SSL_CTX_use_PrivateKey
   switch about the new types.

Author: lealem47

src/pk.c

@@ -6262,6 +6262,16 @@ WOLFSSL_EVP_PKEY* wolfSSL_PEM_read_bio_PrivateKey(WOLFSSL_BIO* bio,
             case DHk:
                 type = WC_EVP_PKEY_DH;
                 break;
+        #ifdef HAVE_ED25519
+            case ED25519k:
+                type = WC_EVP_PKEY_ED25519;
+                break;
+        #endif
+        #ifdef HAVE_ED448
+            case ED448k:
+                type = WC_EVP_PKEY_ED448;
+                break;
+        #endif
             default:
                 type = WOLFSSL_FATAL_ERROR;
                 break;
@@ -6409,6 +6419,16 @@ WOLFSSL_EVP_PKEY* wolfSSL_PEM_read_PrivateKey(XFILE fp, WOLFSSL_EVP_PKEY **key,
             case DHk:
                 type = WC_EVP_PKEY_DH;
                 break;
+        #ifdef HAVE_ED25519
+            case ED25519k:
+                type = WC_EVP_PKEY_ED25519;
+                break;
+        #endif
+        #ifdef HAVE_ED448
+            case ED448k:
+                type = WC_EVP_PKEY_ED448;
+                break;
+        #endif
             default:
                 type = WOLFSSL_FATAL_ERROR;
                 break;

src/ssl.c

@@ -17747,6 +17747,14 @@ word32 nid2oid(int nid, int grp)
                     return CTC_SHA3_512wECDSA;
                 #endif
             #endif /* HAVE_ECC */
+            #ifdef HAVE_ED25519
+                case WC_NID_ED25519:
+                    return CTC_ED25519;
+            #endif /* HAVE_ED25519 */
+            #ifdef HAVE_ED448
+                case WC_NID_ED448:
+                    return CTC_ED448;
+            #endif /* HAVE_ED448 */
             }
             break;
 
@@ -18131,6 +18139,14 @@ int oid2nid(word32 oid, int grp)
                     return WC_NID_ecdsa_with_SHA3_512;
                 #endif
             #endif /* HAVE_ECC */
+            #ifdef HAVE_ED25519
+                case CTC_ED25519:
+                    return WC_NID_ED25519;
+            #endif /* HAVE_ED25519 */
+            #ifdef HAVE_ED448
+                case CTC_ED448:
+                    return WC_NID_ED448;
+            #endif /* HAVE_ED448 */
             }
             break;
 

src/ssl_load.c

@@ -5256,6 +5256,18 @@ int wolfSSL_CTX_use_PrivateKey(WOLFSSL_CTX *ctx, WOLFSSL_EVP_PKEY *pkey)
             WOLFSSL_MSG("populating ECC key");
             ret = ECC_populate_EVP_PKEY(pkey, pkey->ecc);
             break;
+    #endif
+    #ifdef HAVE_ED25519
+        case WC_EVP_PKEY_ED25519:
+            /* DER is already stored in pkey->pkey.ptr by d2i_evp_pkey. */
+            WOLFSSL_MSG("populating Ed25519 key");
+            break;
+    #endif
+    #ifdef HAVE_ED448
+        case WC_EVP_PKEY_ED448:
+            /* DER is already stored in pkey->pkey.ptr by d2i_evp_pkey. */
+            WOLFSSL_MSG("populating Ed448 key");
+            break;
     #endif
         default:
             ret = 0;

wolfcrypt/src/evp.c

@@ -41,6 +41,12 @@
 #include <wolfssl/openssl/evp.h>
 #include <wolfssl/openssl/kdf.h>
 #include <wolfssl/wolfcrypt/wolfmath.h>
+#ifdef HAVE_ED25519
+#include <wolfssl/wolfcrypt/ed25519.h>
+#endif
+#ifdef HAVE_ED448
+#include <wolfssl/wolfcrypt/ed448.h>
+#endif
 
 static const struct s_ent {
     const enum wc_HashType macType;
@@ -11679,6 +11685,26 @@ void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY* key)
                     break;
                 #endif /* ! NO_DH ... */
 
+                #ifdef HAVE_ED25519
+                case WC_EVP_PKEY_ED25519:
+                    if (key->ed25519 != NULL && key->ownEd25519 == 1) {
+                        wc_ed25519_free(key->ed25519);
+                        XFREE(key->ed25519, key->heap, DYNAMIC_TYPE_ED25519);
+                        key->ed25519 = NULL;
+                    }
+                    break;
+                #endif /* HAVE_ED25519 */
+
+                #ifdef HAVE_ED448
+                case WC_EVP_PKEY_ED448:
+                    if (key->ed448 != NULL && key->ownEd448 == 1) {
+                        wc_ed448_free(key->ed448);
+                        XFREE(key->ed448, key->heap, DYNAMIC_TYPE_ED448);
+                        key->ed448 = NULL;
+                    }
+                    break;
+                #endif /* HAVE_ED448 */
+
                 #ifdef HAVE_HKDF
                 case WC_EVP_PKEY_HKDF:
                     XFREE(key->hkdfSalt, NULL, DYNAMIC_TYPE_SALT);