From feced404bb3431589bd3acb95a1d3c895b6a1886 Mon Sep 17 00:00:00 2001
From: terrafrost
Date: Fri, 15 Jul 2022 08:53:06 -0500
Subject: [PATCH] EC/PKCS8: OpenSSL didn't like phpseclib formed Ed25519 public keys
---
 phpseclib/Crypt/Common/Formats/Keys/PKCS8.php | 7 +++++--
 tests/Unit/Crypt/EC/KeyTest.php | 13 +++----------
 2 files changed, 8 insertions(+), 12 deletions(-)
diff --git a/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php b/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php
index 11d99567..0244c66b 100644
--- a/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php
+++ b/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php
@@ -625,12 +625,15 @@ abstract class PKCS8 extends PKCS
 $key = [
 'publicKeyAlgorithm' => [
- 'algorithm' => is_string(static::OID_NAME) ? static::OID_NAME : $oid,
- 'parameters' => $params
+ 'algorithm' => is_string(static::OID_NAME) ? static::OID_NAME : $oid
 ],
 'publicKey' => "\0" . $key
 ];
+ if ($oid != 'id-Ed25519' && $oid != 'id-Ed448') {
+ $key['publicKeyAlgorithm']['parameters'] = $params;
+ }
+
 $key = ASN1::encodeDER($key, Maps\PublicKeyInfo::MAP);
 return "-----BEGIN PUBLIC KEY-----\r\n" .
diff --git a/tests/Unit/Crypt/EC/KeyTest.php b/tests/Unit/Crypt/EC/KeyTest.php
index 4fba2b7d..979d3c59 100644
--- a/tests/Unit/Crypt/EC/KeyTest.php
+++ b/tests/Unit/Crypt/EC/KeyTest.php
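Review bot: In the phpseclib/Crypt/Common/Formats/Keys/PKCS8.php hunk the new guard tests `$oid` with loose `!=`, while the algorithm actually written is `static::OID_NAME` whenever that constant is a string, so the check and the encoded OID can disagree. Resolving the value once and comparing strictly keeps the decision tied to what is serialised: `$algorithm = is_string(static::OID_NAME) ? static::OID_NAME : $oid;` followed by `if (!in_array($algorithm, ['id-Ed25519', 'id-Ed448'], true)) {`. The branch also has no comment saying why the parameters are dropped; something like `// RFC 8410: AlgorithmIdentifier parameters must be absent for Ed25519/Ed448; OpenSSL rejects the NULL` would stop a later cleanup from restoring them. The enclosing method starts and ends outside the hunk, so whether the private-key wrapper or X25519/X448 keys need the same handling cannot be judged from here.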
@@ -256,18 +256,11 @@ BjoJZJZQztmlj7Qep/sf1l8=
 // from https://tools.ietf.org/html/draft-ietf-curdle-pkix-07#section-10.1
 public function testEd25519PublicKey()
 {
- $key = PublicKeyLoader::load('-----BEGIN PUBLIC KEY-----
-MCowBQYDK2VwAyEAGb9ECWmEzf6FQbrBZ9w7lshQhqowtrbLDFw4rXAxZuE=
------END PUBLIC KEY-----');
- $this->assertSameNL('Ed25519', $key->getCurve());
-
- // in the above key AlgorithmIdentifier has a single "child". in the
- // following key it has two. The second one is ("optional") NULL.
- // https://security.stackexchange.com/q/110330/15922 elaborates on
- // why phpseclib is encoding the NULL as opposed to omitting it.
 $expected = '-----BEGIN PUBLIC KEY-----
-MCwwBwYDK2VwBQADIQAZv0QJaYTN/oVBusFn3DuWyFCGqjC2tssMXDitcDFm4Q==
+MCowBQYDK2VwAyEAGb9ECWmEzf6FQbrBZ9w7lshQhqowtrbLDFw4rXAxZuE=
 -----END PUBLIC KEY-----';
+ $key = PublicKeyLoader::load($expected);
+ $this->assertSameNL('Ed25519', $key->getCurve());
 $this->assertSameNL($expected, $key->toString('PKCS8'));
 }
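Review bot: The rewritten testEd25519PublicKey drops the old NULL-parameter PEM (`MCwwBwYDK2VwBQADIQ…`) entirely, so nothing pins that keys phpseclib itself emitted before this change still load and are normalised on output. Keeping that PEM as a second input, with `$legacy = PublicKeyLoader::load($legacyPem);` and `$this->assertSameNL($expected, $legacy->toString('PKCS8'));`, would cover the compatibility path. The new `id-Ed448` branch is not exercised in this hunk either; it may be covered elsewhere in the file, which is not visible here.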