[WAL-447] feat: Ed25519 + secp256k1 support on iOS/Android

[szijpeter]

Summary

Add Ed25519 and secp256k1 support on iOS and Android, addressing the algorithm gap left by Signum (which only supports NIST curves + RSA). Uses cryptography-kotlin 0.6.0 as a supplementary crypto backend for the unsupported algorithms.

Why

Walt-id supports 8 key types. Signum handles 6 (P-256, P-384, P-521, RSA/2048/3072/4096). The 2 it cannot:

Key Type	Used for	Signum	This PR
Ed25519	did:key, did:jwk, DID/VC interop	❌	✅ via cryptography-kotlin
secp256k1	Bitcoin/Ethereum DIDs, blockchain VCs	❌	✅ via cryptography-kotlin

These algorithms cannot be hardware-backed on either platform (neither Android KeyStore nor iOS Secure Enclave support them). They are software-backed keys by necessity.

Architecture

sealed class IosKey / AndroidKey
├── Hardware (Signum/Supreme)         ← P-256, RSA — platform keystore backed
│   └── create() / load() / delete()
└── Software (cryptography-kotlin)    ← Ed25519, secp256k1 — software backed
    └── create() / load(jwkBytes) / exportKeyMaterial()

No top-level companion / factory — callers go directly to the subclass they need. The type system enforces the distinction.

Persistence: PlatformKeyStore (renamed from HardwareKeyStore) stores software key material (JWK) in a SQLite column alongside hardware key metadata. Hardware keys persist in the platform keystore; software keys persist in the database.

Platform crypto providers

Platform	Ed25519	secp256k1	Provider
iOS	CryptoKit (via cryptography-provider-optimal)	OpenSSL3 (via cryptography-provider-openssl3-prebuilt)	~5MB
Android	BouncyCastle (via cryptography-provider-jdk)	BouncyCastle (via cryptography-provider-jdk)	Uses existing BC dep

Dependency sizes

Library	Size	Role
cryptography-core	~200KB	Common API
cryptography-provider-optimal (iOS)	~1MB	CryptoKit + Apple provider (Ed25519)
cryptography-provider-openssl3-prebuilt (iOS)	~1.4MB	Prebuilt OpenSSL (secp256k1)
cryptography-provider-jdk (Android)	~200KB	JCA wrapper (uses existing BouncyCastle)

What changed

Crypto module (waltid-crypto):

• IosKey.kt / AndroidKey.kt → sealed hierarchy with Hardware + Software subclasses
• JWKKey.ios.kt → Ed25519/secp256k1 support via SoftwareKeyOps helper
• Added iOS tests (IosKeyTest.kt, JWKKeyIosTest.kt)
• Rewrote AndroidKeyTest.kt with parameterized hardware + software tests

Wallet persistence (waltid-openid4vc-wallet-persistence):

• HardwareKeyStore → PlatformKeyStore (handles both hardware + software keys)
• PlatformKeyProvider interface extended with loadSoftwareKey(), exportSoftwareKeyMaterial(), isHardwareBacked()
• SQLite schema: added key_material TEXT column for software key JWK storage
• IosPlatformKeyProvider / AndroidPlatformKeyProvider updated to dispatch by key type

JWS construction for EdDSA/ES256K

Signum's indispensable-josef has no JwsAlgorithm.EdDSA or JwsAlgorithm.ES256K — its JOSE types are a closed set (EC + RSA only). For software keys, JWS is constructed manually using existing utilities:

• KeyUtils.rawSignaturePayloadForJws() — builds header + payload base64url
• KeyUtils.signJwsWithRawSignature() — concatenates into compact serialization
• JwsUtils.decodeJwsStrings() — parses JWS for verification

No new utility files were needed — everything reuses existing code.

Future work

• iOS Ed25519 could use Keychain directly (Apple supports kSecAttrKeyTypeEdDSA since iOS 13) for OS-level persistence instead of SQLite
• iOS hardware key tests need an Xcode test app (Keychain requires app bundle context)
• If Signum adds EdDSA support (a-sit-plus/signum#162), cryptography-kotlin can be dropped

Test plan

• iOS simulator: 17 tests pass (5 IosKey.Software + 6 JWKKey + 1 Conversion + 5 secp256k1)
• Android emulator: 11 tests pass (5 Hardware P-256/RSA + 5 Software Ed25519/secp256k1 + 1 Conversion)
• EUDI e2e: credential receive + present against public EUDI backends passes
• No regressions on existing P-256/RSA operations
• iOS hardware tests (require app bundle — TODO, tests written but need Xcode test app)

Related to WAL-447

[linear]

WAL-447

WAL-1033

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 746e9e94-9ac6-4cb2-aa35-5221f42641dc

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[waltkb]

Looks pretty fine in this state already

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud