openssl_sign 支持 Ed25519 密钥吗?
does openssl_sign support Ed25519 keys?
根据OpenSSL ChangeLog, OpenSSL 1.1.1 added support for EdDSA (which includes Ed25519). I'm running PHP 7.3.5 with OpenSSL 1.1.1b, which should support it. I tried to use an Ed25519 (the ones from https://www.rfc-editor.org/rfc/rfc8410#section-10.3)。这让我遇到了以下错误(由 openssl_error_string() 返回),其中包含“Ed25519 私钥没有 public 密钥 ”密钥。
error:0608D096:digital envelope routines:EVP_PKEY_sign_init:operation not supported for this keytype
使用属性编码的“Ed25519 私钥和 public 密钥”密钥给我带来了不同的错误。
Warning: openssl_sign(): supplied key param cannot be coerced into a private key in /path/to/test.php on line 3 bad error:0D078094:asn1 encoding routines:asn1_item_embed_d2i:sequence length mismatch
这是我使用的代码。
$r = openssl_sign('hello, world!', $signature, '-----BEGIN PRIVATE KEY-----
MHICAQEwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC
oB8wHQYKKoZIhvcNAQkJFDEPDA1DdXJkbGUgQ2hhaXJzgSEAGb9ECWmEzf6FQbrB
Z9w7lshQhqowtrbLDFw4rXAxZuE=
-----END PRIVATE KEY-----');
echo $r ? 'good' : 'bad';
echo "\n";
echo openssl_error_string();
我想 PHP 只是还不支持 Ed25519。
我猜不是,如果我们按照 documentation,看起来 signing/verification 要求与 openssl 库的正常用法不同。
The Ed25519 and Ed448 EVP_PKEY implementation supports key generation,
one-shot digest sign and digest verify using PureEdDSA and Ed25519 or
Ed448 (see RFC8032).
评论如下:
The PureEdDSA algorithm does not support the streaming mechanism of other signature algorithms using, for example, EVP_DigestUpdate(). The message to sign or verify must be passed using the one-shot EVP_DigestSign() and EVP_DigestVerify() functions.
When calling EVP_DigestSignInit() or EVP_DigestVerifyInit(), the digest type parameter MUST be set to NULL.
所以,除非你可以直接调用 openssl api 或者可以添加更多的 openssl 胶水函数来支持 one-shot signing/verification 否则我想不会。
根据OpenSSL ChangeLog, OpenSSL 1.1.1 added support for EdDSA (which includes Ed25519). I'm running PHP 7.3.5 with OpenSSL 1.1.1b, which should support it. I tried to use an Ed25519 (the ones from https://www.rfc-editor.org/rfc/rfc8410#section-10.3)。这让我遇到了以下错误(由 openssl_error_string() 返回),其中包含“Ed25519 私钥没有 public 密钥 ”密钥。
error:0608D096:digital envelope routines:EVP_PKEY_sign_init:operation not supported for this keytype
使用属性编码的“Ed25519 私钥和 public 密钥”密钥给我带来了不同的错误。
Warning: openssl_sign(): supplied key param cannot be coerced into a private key in /path/to/test.php on line 3 bad error:0D078094:asn1 encoding routines:asn1_item_embed_d2i:sequence length mismatch
这是我使用的代码。
$r = openssl_sign('hello, world!', $signature, '-----BEGIN PRIVATE KEY-----
MHICAQEwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC
oB8wHQYKKoZIhvcNAQkJFDEPDA1DdXJkbGUgQ2hhaXJzgSEAGb9ECWmEzf6FQbrB
Z9w7lshQhqowtrbLDFw4rXAxZuE=
-----END PRIVATE KEY-----');
echo $r ? 'good' : 'bad';
echo "\n";
echo openssl_error_string();
我想 PHP 只是还不支持 Ed25519。
我猜不是,如果我们按照 documentation,看起来 signing/verification 要求与 openssl 库的正常用法不同。
The Ed25519 and Ed448 EVP_PKEY implementation supports key generation, one-shot digest sign and digest verify using PureEdDSA and Ed25519 or Ed448 (see RFC8032).
评论如下:
The PureEdDSA algorithm does not support the streaming mechanism of other signature algorithms using, for example, EVP_DigestUpdate(). The message to sign or verify must be passed using the one-shot EVP_DigestSign() and EVP_DigestVerify() functions.
When calling EVP_DigestSignInit() or EVP_DigestVerifyInit(), the digest type parameter MUST be set to NULL.
所以,除非你可以直接调用 openssl api 或者可以添加更多的 openssl 胶水函数来支持 one-shot signing/verification 否则我想不会。