According to the OpenSSL ChangeLog, OpenSSL 1.1.1 added support for EdDSA (which includes Ed25519). I'm running PHP 7.3.5 with OpenSSL 1.1.1b, which should support it. I tried to use an Ed25519 key (the ones from https://www.rfc-editor.org/rfc/rfc8410#section-10.3). That got me the following error (as returned by openssl_error_string()) with the "Ed25519 private key without the public key" key.
error:0608D096:digital envelope routines:EVP_PKEY_sign_init:operation not supported for this keytype
The "Ed25519 private key encoded with an attribute and the public key" key got me a different error.
Warning: openssl_sign(): supplied key param cannot be coerced into a private key in /path/to/test.php on line 3 bad error:0D078094:asn1 encoding routines:asn1_item_embed_d2i:sequence length mismatch
This is the code I used.
<?php
// Key: RFC 8410 section 10.3, "Ed25519 private key encoded with an attribute and the public key"
$r = openssl_sign('hello, world!', $signature, '-----BEGIN PRIVATE KEY-----
MHICAQEwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC
oB8wHQYKKoZIhvcNAQkJFDEPDA1DdXJkbGUgQ2hhaXJzgSEAGb9ECWmEzf6FQbrB
Z9w7lshQhqowtrbLDFw4rXAxZuE=
-----END PRIVATE KEY-----');
echo $r ? 'good' : 'bad';
echo "\n";
// Print the last error OpenSSL queued (empty string if there is none).
echo openssl_error_string();
I guess PHP just doesn't yet support Ed25519.
I guess not. If we go by the documentation, it looks like the signing/verification requirements are different from the normal usage of the openssl library.
The Ed25519 and Ed448 EVP_PKEY implementation supports key generation, one-shot digest sign and digest verify using PureEdDSA and Ed25519 or Ed448 (see RFC8032).
and comments like:
The PureEdDSA algorithm does not support the streaming mechanism of other signature algorithms using, for example, EVP_DigestUpdate(). The message to sign or verify must be passed using the one-shot EVP_DigestSign() and EVP_DigestVerify() functions.
When calling EVP_DigestSignInit() or EVP_DigestVerifyInit(), the digest type parameter MUST be set to NULL.
So, unless you can call the openssl API directly or add more openssl glue functions to support one-shot signing/verification, I guess not.
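Added example, not from the question, the answer or PHP's openssl extension: the same one-shot PureEdDSA signature done in Go, whose standard-library crypto/x509 and crypto/ed25519 parse the RFC 8410 PKCS#8 key directly and sign the whole message at once. Inputs are the RFC 8410 section 10.3 "Ed25519 private key without the public key" and the 32 public-key bytes from section 10.1 (the same base64 run that appears inside the question's attribute-bearing key).

```go
package main

import (
	"crypto/ed25519"
	"crypto/x509"
	"encoding/base64"
	"encoding/pem"
	"fmt"
)

// RFC 8410 section 10.3, "Ed25519 private key without the public key".
const rfc8410PrivPEM = `-----BEGIN PRIVATE KEY-----
MC4CAQAwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC
-----END PRIVATE KEY-----`

// The 32 raw public-key bytes from RFC 8410 section 10.1.
const rfc8410PubB64 = "Gb9ECWmEzf6FQbrBZ9w7lshQhqowtrbLDFw4rXAxZuE="

// LoadPrivateKey parses the PKCS#8 PEM, insists the key is Ed25519 (a key-type
// confusion guard) and checks the derived public key against the RFC vector.
func LoadPrivateKey(pemText string) (ed25519.PrivateKey, error) {
	block, _ := pem.Decode([]byte(pemText))
	if block == nil || block.Type != "PRIVATE KEY" {
		return nil, fmt.Errorf("expected a PKCS#8 PRIVATE KEY block")
	}
	key, err := x509.ParsePKCS8PrivateKey(block.Bytes)
	if err != nil {
		return nil, err
	}
	priv, ok := key.(ed25519.PrivateKey)
	if !ok {
		return nil, fmt.Errorf("expected Ed25519, got %T", key)
	}
	want, _ := base64.StdEncoding.DecodeString(rfc8410PubB64)
	if !priv.Public().(ed25519.PublicKey).Equal(ed25519.PublicKey(want)) {
		return nil, fmt.Errorf("derived public key does not match RFC 8410 vector")
	}
	return priv, nil
}

// SignAndVerify is the one-shot PureEdDSA operation the OpenSSL docs describe: the
// whole message goes in at once, nothing is pre-hashed. Returns signature and result.
func SignAndVerify(msg []byte) ([]byte, bool, error) {
	priv, err := LoadPrivateKey(rfc8410PrivPEM)
	if err != nil {
		return nil, false, err
	}
	sig := ed25519.Sign(priv, msg)
	return sig, ed25519.Verify(priv.Public().(ed25519.PublicKey), msg, sig), nil
}
```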