Implement Phase 2 roadmap tasks: EdDSA, X25519/X448, and ChaCha20-Poly1305

[Copilot]

Description

Implements modern cryptographic algorithms per ROADMAP_CN.md Phase 2 tasks 2.1-2.3: Ed25519/Ed448 signatures, X25519/X448 key exchange, and ChaCha20-Poly1305 AEAD cipher verification.

Related Issue

Addresses requirements in https://github.com/zhaozg/lua-openssl/blob/master/ROADMAP_CN.md#第二阶段短期目标-1-3个月

Type of Change

• New feature
• Documentation update

Changes Made

EdDSA Support (Ed25519/Ed448)

• Modified src/pkey.c to detect EdDSA key types and use NULL digest with one-shot EVP_DigestSign/EVP_DigestVerify API
• Handles OpenSSL 1.1.1+ and 3.x with conditional compilation

X25519/X448 Key Exchange

• Extended openssl_derive() to accept X25519/X448 key types alongside existing DH/EC support
• Works with both private and public peer keys

ChaCha20-Poly1305 Verification

• Confirmed AEAD functionality using existing GCM control interface (EVP_CTRL_GCM_*)

Test Suites

• test/eddsa.lua: 12 tests covering signatures, PEM/DER, edge cases
• test/xecdh.lua: 11 tests covering key exchange, serialization, determinism
• test/chacha20.lua: 10 tests covering AEAD with AAD, authentication failures

Documentation

• Added usage examples in README.md for all three features

Testing

• Existing tests pass (188/188)
• Added new tests (33 new tests, all passing)
• Manual testing performed

Test Coverage: 221/221 tests passing

• Ed25519/Ed448: Key generation, signing/verification, import/export, 1MB messages
• X25519/X448: Key exchange, PEM/DER serialization, multiple exchanges
• ChaCha20-Poly1305: Basic AEAD, AAD authentication, tag verification

Security Scan: CodeQL reports 0 alerts

Checklist

• My code follows the style guidelines of this project (clang-format)
• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• My changes generate no new warnings
• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes
• Any dependent changes have been merged and published

OpenSSL Compatibility

• OpenSSL 1.0.2u
• OpenSSL 1.1.1w (one-shot API required for EdDSA)
• OpenSSL 3.0.x (tested on 3.0.13)
• OpenSSL 3.5+
• LibreSSL 3.3.6+ (EdDSA/X25519 tests skip on LibreSSL)

Additional Notes

Usage Examples:

-- Ed25519 signing
local key = openssl.pkey.ctx_new("ED25519"):keygen()
local sig = openssl.pkey.sign(key, "message")
assert(openssl.pkey.verify(key, "message", sig))

-- X25519 key exchange
local alice = openssl.pkey.ctx_new("X25519"):keygen()
local bob = openssl.pkey.ctx_new("X25519"):keygen()
local secret = alice:derive(bob)

-- ChaCha20-Poly1305 AEAD
local cc20 = openssl.cipher.get("chacha20-poly1305")
local enc = cc20:encrypt_new()
enc:ctrl(openssl.cipher.EVP_CTRL_GCM_SET_IVLEN, 12)
enc:init(key, nonce)
enc:update(aad, true)  -- Set AAD
local ct = enc:update(msg) .. enc:final()
local tag = enc:ctrl(openssl.cipher.EVP_CTRL_GCM_GET_TAG, 16)

Backward Compatibility: All changes are additive. Existing API unchanged.

---

For development roadmap and planning, see:

• ROADMAP.md (English)
• ROADMAP_CN.md (Chinese)

Original prompt

---

This section details on the original issue you should resolve

<issue_title>完成 roadmap 第二阶段 的前三个任务</issue_title>
<issue_description>任务描述地址: https://github.com/zhaozg/lua-openssl/blob/master/ROADMAP_CN.md#%E7%AC%AC%E4%BA%8C%E9%98%B6%E6%AE%B5%E7%9F%AD%E6%9C%9F%E7%9B%AE%E6%A0%87-1-3%E4%B8%AA%E6%9C%88</issue_description>

Comments on the Issue (you are @copilot in this section)

• Fixes 完成 roadmap 第二阶段 的前三个任务 #370

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.