openssl_pkey_derive-x25519.phpt - OpenGrok history log for /php-src/ext/openssl/tests/openssl_pkey

Revision		Date	Author	Comments
# 5f2a0c83		26-Apr-2024	Manuel Mausz	Add support for Curve25519 + Curve448 based keys For openssl_pkey_get_details we export the priv+pub parameters. ED25519/ED448 do not support streaming, so we need to use EVP_Di Add support for Curve25519 + Curve448 based keys For openssl_pkey_get_details we export the priv+pub parameters. ED25519/ED448 do not support streaming, so we need to use EVP_Digest{Sign,Verify} instead. In general the older EVP_{Sign,Verify} interface should be avoided as the key is passed very late. See BUGS section in OpenSSL manpages of EVP_{Sign,Verify}Final Additionally per requirement we need to allow sign/verify without digest. So we need to allow passing 0 as digest. In OpenSSL 3.0+ this also corresponds to the default digest (see EVP_PKEY_get_default_digest_name). For CSR creation we need to allow "null" as digest_alg option. Closes GH-14052 show more ...

Revision

Date

Author

Comments

# 5f2a0c83

26-Apr-2024

Manuel Mausz

Add support for Curve25519 + Curve448 based keys

For openssl_pkey_get_details we export the priv+pub parameters.

ED25519/ED448 do not support streaming, so we need to use
EVP_Di

Add support for Curve25519 + Curve448 based keys

For openssl_pkey_get_details we export the priv+pub parameters.

ED25519/ED448 do not support streaming, so we need to use
EVP_Digest{Sign,Verify} instead. In general the older EVP_{Sign,Verify}
interface should be avoided as the key is passed very late.
See BUGS section in OpenSSL manpages of EVP_{Sign,Verify}Final

Additionally per requirement we need to allow sign/verify without
digest. So we need to allow passing 0 as digest. In OpenSSL 3.0+ this also
corresponds to the default digest (see EVP_PKEY_get_default_digest_name).

For CSR creation we need to allow "null" as digest_alg option.

Closes GH-14052