Open daa opened 3 years ago
Had a look at this today.... and gee OpenSSL have really made a mess of things :(
They seem to want us to go via EVP_DigestSignInit and have the key upfront rather than only at signing time. Apparently they consider this a "bug" rather than a feature:
> Since the private key is passed in the call to EVP_SignFinal() any error relating to the private key (for example an unsuitable key and digest combination) will not be indicated until after potentially large amounts of data have been passed through EVP_SignUpdate().
> It is not possible to change the signing parameters using these functions.
> The previous two bugs are fixed in the newer EVP_SignDigest*() function.
This indicates we might need a larger overhaul than I hoped for.
While one can construct an Ed25519 key pair with
pkey.new {type = "ED25519"}
it requires a message digest context as its sign() input, but EdDSA supports only a one-shot API (https://www.openssl.org/docs/man1.1.1/man7/Ed25519.html) and consequently the sign() method must accept only plain data; giving it a digest results in an error. Note that lua-resty-openssl gets this aspect right: https://github.com/fffonion/lua-resty-openssl#pkeysign .