[openssl-project] EdDSA and "default_md"?

Viktor Dukhovni openssl-users at dukhovni.org
Wed Aug 8 20:22:23 UTC 2018

Don't know whether everyone here also reads openssl-users, so to recap,
Robert Moskowitz <rgm at htt-consult.com> reports considerable frustration
as a result of "default_md = sha256" being incompatible with Ed25519
(and Ed448).  He's working around this with "-md null" sprinkled about
liberally, but it is not especially intutive.

What should we do here?  Perhaps we need a "default_md = default" that
picks a sensible default for each key algorithm (sha256 typically,
but "null" for EdDSA)?  Or ignore "default_md" with EdDSA, or ???


More information about the openssl-project mailing list