Open sinu opened 3 years ago
How would an Ed25519ph certificate differ from a regular Ed25519 cert? I'm not aware of any parameters or OIDs that would indicate prehash operation
@randombit please see https://datatracker.ietf.org/doc/html/draft-ietf-curdle-pkix-00#section-11.3 https://datatracker.ietf.org/doc/html/draft-ietf-curdle-pkix-00#section-11.2
OID id-Curve25519 OBJECT IDENTIFIER ::= { 1.3.101.110 } id-Curve448 OBJECT IDENTIFIER ::= { 1.3.101.111 } id-Curve25519ph OBJECT IDENTIFIER ::= { 1.3.101.112 } id-Curve448ph OBJECT IDENTIFIER ::= { 1.3.101.113 }
Those parameters do not appear in the final RFC https://datatracker.ietf.org/doc/html/rfc8410
Hi all
I am facing issue to generate ed25519ph certificate, able to generate certificate with ED25519, can you guide me the syntax to generate ed25519ph
botan keygen --algo=Ed25519 --params=Ed25519ph > server_key.pem
botan sign_cert ca_cert.pem ca_key.pem server_csr.pem --hash=SHA-512 > server_cert.pem
openssl x509 -in server_cert.pem -text -noout