#1 2022-11-02 07:18:48

Oxymoron
Member
Registered: 2022-11-02
Posts: 1

Ed25519

Hi all,

I am looking to sign a strinq with a private key using Ed25519. Is his possible with mORTMot ?
If yes could you please point me to a Demo or Documentation...

Thank you!

Offline

#2 2022-11-02 07:49:27

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 14,661
Website

Re: Ed25519

It is not yet implemented with the native mORMot unit.
We favored ECC256 instead for public key cryptography, for historical reasons.

But with OpenSSL, you can use mormot.crypt.openssl and then you will have ED25519 support.
You can use low-level OpenSslSign() function or our high-level ICryptAsym interface, with 'EdDSA' kind of algorithm.

Offline

#3 2022-11-02 10:22:39

igors233
Member
Registered: 2012-09-10
Posts: 241

Re: Ed25519

Just a note to everyone using OpenSSL there's a major vulnerability discovered, it's necessary to update both client/server:
https://www.tenable.com/blog/cve-2022-3 … rabilities

Offline

#4 2022-11-02 15:44:58

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 14,661
Website

Re: Ed25519

The CVE states:

In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.

So it is not a very common process - you need either a malicious server, or mutual authentication from the client - which is not the case for 99% of the HTTPS requests I guess.

Offline

Board footer

Powered by FluxBB