5

I have been using the openssl libraries in PHP to generate keypairs for RSA encryption, and have seen that in the latest version of PHP, 7.2, libsodium has now been integrated.

I would like to update to the newer library, and can generate the keypairs. In the openssl libraries I was able to export the keys to an encrypted keyfile, for storage on the filesystem.

How is this equivalence achieved with libsodium?

Thanks,

Leon

Itergator
  • 299
  • 3
  • 16

1 Answers1

1

libsodium does not support RSA. Per https://wiki.php.net/rfc/libsodium the algorithms that libsodium supports are as follows:

  • Password hashing and key derivation (sodium_crypto_pwhash_*)

    • Argon2i (the chosen algorithm of the Password Hashing Competition)
    • Scrypt
  • ECDH over Curve25519 (sodium_crypto_box)
  • Authenticated secret key encryption (sodium_crypto_secretbox)
  • Ed25519 digital signatures (sodium_crypto_sign)
  • AEAD Modes
    • ChaCha20-Poly1305
    • AES-256-GCM

One of the design principals of libsodium is that people don't know how to choose the best cryptographic primitive so libsodium chooses for you and doesn't let you choose for yourself.

neubert
  • 15,947
  • 24
  • 120
  • 212
  • 4
    Ok, I now understand that RSA is not supported, but asymmetric key encryption is. How would you go about exporting and encrypting the key on the file system for later use? – Itergator Mar 02 '18 at 16:28