EC: when using openssl to do signing use unencrypted key

phpseclib · Jan 24, 2024 · 6a6c222 · 6a6c222 · terrafrost · Jan 24, 2024
1 parent 6b34da4
commit 6a6c222
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/phpseclib/Crypt/EC/PrivateKey.php b/phpseclib/Crypt/EC/PrivateKey.php
@@ -150,7 +150,7 @@ public function sign($message)
             // we use specified curves to avoid issues with OpenSSL possibly not supporting a given named curve;
             // doing this may mean some curve-specific optimizations can't be used but idk if OpenSSL even
             // has curve-specific optimizations
-            $result = openssl_sign($message, $signature, $this->toString('PKCS8', ['namedCurve' => false]), $this->hash->getHash());
+            $result = openssl_sign($message, $signature, $this->withPassword()->toString('PKCS8', ['namedCurve' => false]), $this->hash->getHash());
 
             if ($result) {
                 if ($shortFormat == 'ASN1') {