luaossl
luaossl copied to clipboard
EdDSA is not supported
While one can construct Ed25519 key pair with pkey.new {type = "ED25519"}
it requires message digest context as its sign()
input but EdDSA supports only one-shot api (https://www.openssl.org/docs/man1.1.1/man7/Ed25519.html) and consequently sign()
method must accept only plain data and giving it a digest results in an error. Note that lua-resty-openssl
gets this aspect right: https://github.com/fffonion/lua-resty-openssl#pkeysign .
> pkey = require "openssl.pkey"
> k = pkey.new {type = "ED25519"}
> k:sign("abcd")
bad argument #1 to 'sign' (EVP_MD_CTX* expected, got string)
> digest = require "openssl.digest"
> h = digest.new("sha256")
> h:update("abcd")
> k:sign(h)
pkey:sign: pmeth_fn.c:39:error:0608D096:digital envelope routines:EVP_PKEY_sign_init:operation not supported for this keytype