questions on using ed25519
Viktor Dukhovni
openssl-users at dukhovni.org
Wed Apr 22 17:12:05 UTC 2020
On Wed, Apr 22, 2020 at 01:27:03PM +0200, Nicola Tuveri wrote:
> Unfortunately at the moment the command line utilities do not support
> generating Ed25519 or Ed448 signatures for files.
>
> The reason is that in OpenSSL at the moment we only support pureEd25519,
> which does not prehash the "message" to be signed, as Viktor mentioned
> before.
Which means no support in dgst(1), but that manpage suggests pkeyutl(1),
which e.g. for RSA supports signing raw (unhashed input), but sadly the
EVP_PKEY_METHOD for ed25519 has a NULL sign() member, instead, somewhat
ironically, it has a digestsign() method. This is presumably to
distinguish between the pure and prehash variants. Therefore, presently
pkeyutl(1) indeed appears to not implement signing and verifying with
ed25519, this looks doable with modest effort.
--
Viktor.
More information about the openssl-users
mailing list