Using SECp256k1/ECDSA instead of Ed25519

[faustbrian]

I am currently working with data that requires to be handled with SECp256k1 instead of Ed25519. As far as I could find in the code, which could be wrong, everything is handled via Ed25519.

Is there some way with sodium/libsodium to make all crypto_sign_* methods use SECp256k1?

// Need this to be done with SECp256k1
function getKeysFromSecret($secret) {
	$hash = hash('sha256', $secret, true);

	$keypair = \Sodium\crypto_sign_seed_keypair($hash);

	$secret = \Sodium\crypto_sign_secretkey($keypair);
	$public = \Sodium\crypto_sign_publickey($keypair);
}

[paragonie-scott]

Is there some way with sodium/libsodium to make all crypto_sign_* methods use SECp256k1?

No, there isn't, and there never will be.

Libsodium is an opinionated API. You get one good algorithm for every use case. Fewer knobs and levers + more secure constructions = less crypto vulns in software that consumes the API.

For public key cryptography, you get ECDH and EdDSA over Curve25519. No Weierstrass or Koblitz curves.

If you want to use secp256k1 or foot-bullety ECDSA, maybe check out https://github.com/phpecc/phpecc instead? I can't vouch for the security of their library, of course.

[jedisct1]

@faustbrian Would you buy a commercial version (so, it comes with support and official packages) that keeps the exact same API, but uses only NIST-approved primitives under the hood?

[faustbrian]

@paragonie-scott Thanks, will take a look.

@jedisct1 It is for an open-source project so not buying anything.