EC/PKCS8: OpenSSL didn't like phpseclib formed Ed25519 private keys

Tested with openssl pkey -in private.pem -pubout -text on OpenSSL 1.1.1f 31 Mar 2020
2024-12-04 02:28:06 +01:00 · 2022-02-14 20:42:29 -06:00 · 2022-02-14 20:42:29 -06:00 · 5bc572e2ce
commit 5bc572e2ce
parent f1dec13c38
3 changed files with 11 additions and 12 deletions
--- a/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php
+++ b/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php
@ -523,11 +523,13 @@ abstract class PKCS8 extends PKCS
        $key = [
            'version' => 'v1',
            'privateKeyAlgorithm' => [
-                'algorithm' => is_string(static::OID_NAME) ? static::OID_NAME : $oid,
+                'algorithm' => is_string(static::OID_NAME) ? static::OID_NAME : $oid
                'parameters' => $params
             ],
            'privateKey' => $key
        ];
        if ($oid != 'id-Ed25519' && $oid != 'id-Ed448') {
            $key['privateKeyAlgorithm']['parameters'] = $params;
        }
        if (!empty($attr)) {
            $key['attributes'] = $attr;
        }
--- a/phpseclib/Crypt/EC/Formats/Keys/PKCS8.php
+++ b/phpseclib/Crypt/EC/Formats/Keys/PKCS8.php
@ -226,8 +226,7 @@ abstract class PKCS8 extends Progenitor
                [],
                null,
                $password,
-                $curve instanceof Ed25519 ? 'id-Ed25519' : 'id-Ed448',
+                $curve instanceof Ed25519 ? 'id-Ed25519' : 'id-Ed448'
                "\0" . $curve->encodePoint($publicKey)
            );
        }
--- a/tests/Unit/Crypt/EC/KeyTest.php
+++ b/tests/Unit/Crypt/EC/KeyTest.php
@ -271,9 +271,11 @@ MCwwBwYDK2VwBQADIQAZv0QJaYTN/oVBusFn3DuWyFCGqjC2tssMXDitcDFm4Q==
    public function testEd25519PrivateKey()
    {
        // without public key (public key should be derived)
-        $key = PublicKeyLoader::load('-----BEGIN PRIVATE KEY-----
+        $expected = '-----BEGIN PRIVATE KEY-----
 MC4CAQAwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC
-----END PRIVATE KEY-----');
+-----END PRIVATE KEY-----';
        $key = PublicKeyLoader::load($expected);
        $this->assertSameNL($expected, $key->toString('PKCS8'));
        $this->assertSameNL('Ed25519', $key->getCurve());
        $this->assertSameNL('Ed25519', $key->getPublicKey()->getCurve());
@ -289,14 +291,10 @@ Z9w7lshQhqowtrbLDFw4rXAxZuE=
        // the above key not only omits NULL - it also includes a
        // unstructuredName attribute with a value of "Curdle Chairs"
        // that the following key does not have
-        $expected = '-----BEGIN PRIVATE KEY-----
+        $key = PublicKeyLoader::load('-----BEGIN PRIVATE KEY-----
 MFMCAQEwBwYDK2VwBQAEIgQg1O5y2/kTWErVttjx92n4rTr+fCjL8dT74Jeoj0R1
 WEKBIQAZv0QJaYTN/oVBusFn3DuWyFCGqjC2tssMXDitcDFm4Q==
-----END PRIVATE KEY-----';
+-----END PRIVATE KEY-----');
        $this->assertSameNL($expected, $key->toString('PKCS8'));
        $expected = EC::createKey('Ed25519')->toString('PKCS8');
        $key = PublicKeyLoader::load($expected);
        $this->assertSameNL('Ed25519', $key->getCurve());
        $this->assertSameNL('Ed25519', $key->getPublicKey()->getCurve());
    }