-
Notifications
You must be signed in to change notification settings - Fork 63
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Using SECp256k1/ECDSA instead of Ed25519 #46
Comments
No, there isn't, and there never will be. Libsodium is an opinionated API. You get one good algorithm for every use case. Fewer knobs and levers + more secure constructions = less crypto vulns in software that consumes the API. For public key cryptography, you get ECDH and EdDSA over Curve25519. No Weierstrass or Koblitz curves. If you want to use secp256k1 or foot-bullety ECDSA, maybe check out https://github.com/phpecc/phpecc instead? I can't vouch for the security of their library, of course. |
@faustbrian Would you buy a commercial version (so, it comes with support and official packages) that keeps the exact same API, but uses only NIST-approved primitives under the hood? |
@paragonie-scott Thanks, will take a look. @jedisct1 It is for an open-source project so not buying anything. |
I am currently working with data that requires to be handled with SECp256k1 instead of Ed25519. As far as I could find in the code, which could be wrong, everything is handled via Ed25519.
Is there some way with sodium/libsodium to make all crypto_sign_* methods use SECp256k1?
The text was updated successfully, but these errors were encountered: