Always select SHA-256 or longer hash for Ed25519 signatures (new format)

Due to a bug, a shorter hash could be selected, and signing would throw as a result.
This change fixes the issue by automatically picking SHA-256, if needed.
The same was already done for legacy EdDSA signatures.

src/crypto/crypto.js

@@ -468,3 +468,20 @@ function checkSupportedCurve(oid) {
     throw new UnsupportedError('Unknown curve OID');
   }
 }
+
+/**
+ * Get preferred hash algo for a given elliptic algo
+ * @param {module:enums.publicKey} algo - alrogithm identifier
+ * @param {module:type/oid} [oid] - curve OID if needed by algo
+ */
+export function getPreferredCurveHashAlgo(algo, oid) {
+  switch (algo) {
+    case enums.publicKey.ecdsa:
+    case enums.publicKey.eddsaLegacy:
+      return publicKey.elliptic.getPreferredHashAlgo(oid);
+    case enums.publicKey.ed25519:
+      return enums.hash.sha256;
+    default:
+      throw new Error('Unknown elliptic signing algo');
+  }
+}

src/key/helper.js

@@ -5,8 +5,6 @@
  */
 
 import {
-  PublicKeyPacket,
-  PublicSubkeyPacket,
   SecretKeyPacket,
   SecretSubkeyPacket,
   SignaturePacket
@@ -129,17 +127,11 @@ export async function getPreferredHashAlgo(key, keyPacket, date = new Date(), us
         prefAlgo : hashAlgo;
     }
   }
-  switch (Object.getPrototypeOf(keyPacket)) {
-    case SecretKeyPacket.prototype:
-    case PublicKeyPacket.prototype:
-    case SecretSubkeyPacket.prototype:
-    case PublicSubkeyPacket.prototype:
   switch (keyPacket.algorithm) {
-        case enums.publicKey.ecdh:
     case enums.publicKey.ecdsa:
     case enums.publicKey.eddsaLegacy:
-          prefAlgo = crypto.publicKey.elliptic.getPreferredHashAlgo(keyPacket.publicParams.oid);
-      }
+    case enums.publicKey.ed25519:
+      prefAlgo = crypto.getPreferredCurveHashAlgo(keyPacket.algorithm, keyPacket.publicParams.oid);
   }
   return crypto.hash.getHashByteLength(hashAlgo) <= crypto.hash.getHashByteLength(prefAlgo) ?
     prefAlgo : hashAlgo;