-
-
Notifications
You must be signed in to change notification settings - Fork 753
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Encryption/decryption using Ed25519. #2272
Comments
ed25519 is a signature algorithm, it cannot be used for encryption.
…On Mon, Jul 29, 2024 at 5:51 PM Rahul Subramaniyam ***@***.***> wrote:
I am trying to encrypt using Ed25519, I ran into this error:
ErrorStack([Error { code: 50331798, library: "digital envelope routines", function: "evp_pkey_asym_cipher_init", reason: "operation not supported for this keytype", file: "crypto/evp/asymcipher.c", line: 189 }])
From looking around previous reports on this error, I am not sure if encryption/decryption is even supported for Ed25519, as it is primarily intended for signatures. Please let mw know.
Some context on why Ed25519 is being used: we have existing infra that uses biscuit_auth for authentication, and biscuit is primarily based on Ed25519. Ideally, would like to use the same key pair for the encrypt/decrypt as well.
Thanks.
—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>
--
All that is necessary for evil to succeed is for good people to do nothing.
|
Thanks for confirming. In this case, what are the choices apart from RSA for the asymmetric encryption? Any EC based ones that should be preferred? |
It is possible to use ECDH to build a hybrid asymmetric encryption scheme
(see, ECIES for example).
…On Mon, Jul 29, 2024 at 6:08 PM Rahul Subramaniyam ***@***.***> wrote:
Thanks for confirming. In this case, what are the choices apart from RSA
for the asymmetric encryption? Any EC based ones that should be preferred?
—
Reply to this email directly, view it on GitHub
<#2272 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAAAGBFPV6MS3SKSZCX4CXDZO24MFAVCNFSM6AAAAABLVDGJTGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDENJXGA4TEOJXGQ>
.
You are receiving this because you commented.Message ID:
***@***.***>
--
All that is necessary for evil to succeed is for good people to do nothing.
|
From what I understand, ECIES is not something openssl supports as is. We would need to add some layers on top for the hybrid scheme. Is this correct? |
Yes, you'd have to build it yourself.
…On Mon, Jul 29, 2024 at 6:22 PM Rahul Subramaniyam ***@***.***> wrote:
From what I understand, ECIES is not something openssl supports as is. We would need to add some layers on top for the hybrid scheme. Is this correct?
—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you commented.Message ID: ***@***.***>
--
All that is necessary for evil to succeed is for good people to do nothing.
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I am trying to encrypt using Ed25519, I ran into this error:
ErrorStack([Error { code: 50331798, library: "digital envelope routines", function: "evp_pkey_asym_cipher_init", reason: "operation not supported for this keytype", file: "crypto/evp/asymcipher.c", line: 189 }])
From looking around previous reports on this error, I am not sure if encryption/decryption is even supported for Ed25519, as it is primarily intended for signatures. Please let mw know.
Some context on why Ed25519 is being used: we have existing infra that uses
biscuit_auth
for authentication, and biscuit is primarily based on Ed25519. Ideally, would like to use the same key pair for the encrypt/decrypt as well.Thanks.
The text was updated successfully, but these errors were encountered: