
I have a situation where I have to verify a certificate signature with the Ed25519ph (SHA-512) algorithm. The library that verifies the signature only knows this algorithm. The certificate I already had was signed with Ed25519 only, and I didn't have any other certificates nor a tool to generate a new one, so I resorted to OpenSSL; for now it's the best option. I spent some time this week reading and trying a bunch of times to generate a new certificate in DER format with Ed25519ph... but I can't find out if I'm doing it the right way. I don't have a tool to check if the SHA-512 part was done.

So, using OpenSSL version 3.0.7, I execute the following:

openssl genpkey -algorithm ED25519 -out private_key.pem - for an Ed25519 private key; there is no Ed25519ph... but here I must say, I don't really get all the details about Ed25519ph. I know at some point Ed25519 is used and SHA-512 should be used somewhere... but yeah...

Then I try to use this to generate the certificate: openssl req -x509 -new -nodes -key private_key.pem -sha512 -days 365 -out root_certificate.pem

This certificate I convert to DER, something like this: openssl x509 -outform DER -in root_certificate.pem -out root_certificate.der

And then I can check with a hex viewer, and also with openssl, that the certificate is in DER format.

I use the DER certificate as a C structure which I give to the verification algorithm, and it fails somewhere where the SHA-512 is performed... like I mentioned, it really tries to perform Ed25519ph on the certificate/signature. I know it properly extracts the "message", the signature and the public key from the certificate, but the signature verification fails because the SHA-512 is not correct... the only variable being that the algorithm used is Ed25519 and not Ed25519ph.

So, OpenSSL 3.0.7 supports Ed25519ph, but do I use it properly? What mistakes am I making?

Also, to check if I have Ed25519 at least, I use this tool: https://cyphr.me/ed25519_applet/ed.html

Unfortunately it doesn't support Ed25519ph, and I can't confirm if I really generated a good certificate or not.

So, any help or ideas in regards to this would really change my week. :)
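The core of the mismatch described in the question is that Ed25519ph (RFC 8032 section 5.1) is not "Ed25519 plus a SHA-512 somewhere": the signer signs SHA-512(message) under a domain-separation prefix, and the verifier hashes the message itself, so a plain Ed25519 signature never passes an Ed25519ph verifier and vice versa. The following added example (not code from the question or from any library it mentions) signs one constructed message both ways with the same key and cross-checks all four combinations; it assumes Go 1.20 or later, whose standard crypto/ed25519 package exposes the prehash mode via ed25519.Options.

```go
package main

import (
	"crypto"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha512"
)

// phOpts selects Ed25519ph: the caller passes SHA-512(message), not the message.
var phOpts = &ed25519.Options{Hash: crypto.SHA512}

// signBoth signs the same bytes with one key as pure Ed25519 and as Ed25519ph
// (RFC 8032 section 5.1). Ed25519ph signs SHA-512(msg) under a domain-separation
// prefix, so the two signatures are not interchangeable.
func signBoth(priv ed25519.PrivateKey, msg []byte) (pure, ph []byte, err error) {
	pure = ed25519.Sign(priv, msg)
	digest := sha512.Sum512(msg)
	ph, err = priv.Sign(rand.Reader, digest[:], phOpts)
	return pure, ph, err
}

// verifyPure treats sig as a plain Ed25519 signature over msg.
func verifyPure(pub ed25519.PublicKey, msg, sig []byte) bool {
	return ed25519.Verify(pub, msg, sig)
}

// verifyPH treats sig as Ed25519ph: the verifier hashes msg with SHA-512
// itself, which is the step the questioner's library performs.
func verifyPH(pub ed25519.PublicKey, msg, sig []byte) bool {
	digest := sha512.Sum512(msg)
	return ed25519.VerifyWithOptions(pub, digest[:], sig, phOpts) == nil
}

// crossCheck reports, for a fresh key and a constructed message, whether
// each signature passes under each verifier, in the order
// [pure sig as pure, pure sig as ph, ph sig as ph, ph sig as pure].
func crossCheck() ([4]bool, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return [4]bool{}, err
	}
	msg := []byte("constructed sample standing in for the DER tbsCertificate")
	pure, ph, err := signBoth(priv, msg)
	if err != nil {
		return [4]bool{}, err
	}
	return [4]bool{verifyPure(pub, msg, pure), verifyPH(pub, msg, pure),
		verifyPH(pub, msg, ph), verifyPure(pub, msg, ph)}, nil
}
```

crossCheck returns [true false true false]: only a signature produced in prehash mode satisfies an Ed25519ph verifier, so a certificate signed with the plain Ed25519 algorithm identifier will fail exactly at the SHA-512 comparison step regardless of which hash option was given to the CSR command.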
