singpolyma
commented
8 years ago Do you have a PHP library for ECC that you're using?
Open ctrlcctrlv opened 9 years ago
singpolyma
commented
8 years ago Do you have a PHP library for ECC that you're using?
ctrlcctrlv
commented
8 years ago Yep, libsodium-php, but I want to make it so that people can export their keys in GnuPG format.
Rotzbua
commented
6 years ago You can use openssl for encryption and signing. Of course you need a modern openssl version which support ecc.
Mikiya83
commented
5 years ago Any news about ECC support ? Thanks
sartor
commented
3 years ago I need this feature too
Rotzbua
commented
3 years ago @sartor Then implement it and create a pr.
mpdude
commented
3 years ago Could anyone give some starting pointers what would be needed for this extension? In particular for adding the necessary import/export formats (“packet” in GPG speak?), when libsodium would be used for the heavy lifting parts?
mpdude
commented
2 years ago @singpolyma do you think you could give some starting pointers what needs to be done for this?
singpolyma
commented
2 years ago I have put in the extensions needed for ECDH, ECDSA, and EdDSA key parsing, serialization, and fingerprint calculation 3b62407e877fc65900ce7695753b010826043397
singpolyma
commented
2 years ago Support for verifying Ed25519 signatures: fe63af6334c482a4c6f580267a60b09164dc4e4d
singpolyma
commented
2 years ago sodium will not be able to support the full range of OpenPGP ECC options, since it is limited to 25519 curve, but it's a start
mpdude
commented
2 years ago 😮
🕺🏼 Thank you @singpolyma!
Now I will have to learn how to use it.
My goal is writing a pure-PHP CLI that can be used by Git instead of a full GPG implementation, and just for signing.
Maybe that can lower the barrier for PHP devs to start signing their Git commits.
Rotzbua
commented
2 years ago @mpdude As mentioned in https://github.com/singpolyma/openpgp-php/issues/13#issuecomment-352028324 just use openssl. I already implemented it years ago. Unfortunately the code is lost 😢 and the only thing I remember that I used normal openssl for the ecc crypto part. Good luck 🚀
ECC keys were recently added to GnuPG, and various RFCs are open or accepted for it:
https://www.gnupg.org/faq/whats-new-in-2.1.html https://www.ietf.org/id/draft-koch-eddsa-for-openpgp-03.txt https://www.gnupg.org/documentation/manuals/gcrypt/ECC-key-parameters.html#ECC-key-parameters https://tools.ietf.org/html/rfc6637 https://www.ietf.org/mail-archive/web/openpgp/current/msg07321.html
However, openpgp-php doesn't support ECC keys. I've been trying to add it myself, but it's quite difficult. I'm not sure what key fields I should use, for example.
Anyone have any ideas or want to take a crack at it? ECC keys are awesome and super useful.