You are not logged in.
- Topics: Active | Unanswered
#1 2022-11-02 07:18:48
- Oxymoron
- Member
- Registered: 2022-11-02
- Posts: 1
Ed25519
Hi all,
I am looking to sign a strinq with a private key using Ed25519. Is his possible with mORTMot ?
If yes could you please point me to a Demo or Documentation...
Thank you!
Offline
#2 2022-11-02 07:49:27
Re: Ed25519
It is not yet implemented with the native mORMot unit.
We favored ECC256 instead for public key cryptography, for historical reasons.
But with OpenSSL, you can use mormot.crypt.openssl and then you will have ED25519 support.
You can use low-level OpenSslSign() function or our high-level ICryptAsym interface, with 'EdDSA' kind of algorithm.
Offline
#3 2022-11-02 10:22:39
- igors233
- Member
- Registered: 2012-09-10
- Posts: 234
Re: Ed25519
Just a note to everyone using OpenSSL there's a major vulnerability discovered, it's necessary to update both client/server:
https://www.tenable.com/blog/cve-2022-3 … rabilities
Offline
#4 2022-11-02 15:44:58
Re: Ed25519
The CVE states:
In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.
So it is not a very common process - you need either a malicious server, or mutual authentication from the client - which is not the case for 99% of the HTTPS requests I guess.
Offline