Direct Ed25519 functionality
Nikolaos D. Bougalis
nikb at bougalis.net
Sat Aug 12 22:30:21 UTC 2023
Thanks Bill, that’s what I thought. It’s somewhat unfortunate, as the high-level EVP APIs impose additional complexity (and actually measurable overhead over the raw ED25519_xxx APIs I mentioned) in situations that don’t require/warrant the flexibility that the EVP interface provides.
Using OpenSSL (which is already a dependency) for Ed25519 would allow me to eliminate a separate dependency on donna-ed25519, but I’m not sure I can justify the increased API complexity and the significant performance degradation (on the order of 50% for signing and 100% for verification).
On Sat, Aug 12, 2023 at 12:04, Billy Brumley <[bbb at iki.fi](mailto:On Sat, Aug 12, 2023 at 12:04, Billy Brumley <<a href=)> wrote:
> Hey Nik,
>> OpenSSL 1.1.1 includes three functions for “direct” Ed25519 signing and verification:
>> Am I missing something here? Are these intentionally undocumented? Is there a reason why we don’t
>> make them publicly available?
> All crypto operations, including Ed25519, should use the higher level EVP
> interface. It's an architecture design decision in OpenSSL.
> Hope it helps,
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-users