From e88492917524df1258c2f1ab2a6db2ee10b38d5b Mon Sep 17 00:00:00 2001
From: Filippo Tessarotto <zoeslam@gmail.com>
Date: Fri, 4 Feb 2022 10:15:39 +0100
Subject: [PATCH] EC: decipher private key to generate signature

---
 phpseclib/Crypt/EC/PrivateKey.php |  2 +-
 tests/Unit/Crypt/EC/CurveTest.php | 13 +++++++++++++
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/phpseclib/Crypt/EC/PrivateKey.php b/phpseclib/Crypt/EC/PrivateKey.php
index 01e71d69..6e64f7eb 100644
--- a/phpseclib/Crypt/EC/PrivateKey.php
+++ b/phpseclib/Crypt/EC/PrivateKey.php
@@ -106,7 +106,7 @@ class PrivateKey extends EC implements Common\PrivateKey
 
         if ($this->curve instanceof TwistedEdwardsCurve) {
             if ($this->curve instanceof Ed25519 && self::$engines['libsodium'] && !isset($this->context)) {
-                $result = sodium_crypto_sign_detached($message, $this->toString('libsodium'));
+                $result = sodium_crypto_sign_detached($message, $this->withPassword(false)->toString('libsodium'));
                 return $shortFormat == 'SSH2' ? Strings::packSSH2('ss', 'ssh-' . strtolower($this->getCurve()), $result) : $result;
             }
 
diff --git a/tests/Unit/Crypt/EC/CurveTest.php b/tests/Unit/Crypt/EC/CurveTest.php
index cf2ad0a0..e43a4f7a 100644
--- a/tests/Unit/Crypt/EC/CurveTest.php
+++ b/tests/Unit/Crypt/EC/CurveTest.php
@@ -190,6 +190,19 @@ class Unit_Crypt_EC_CurveTest extends PhpseclibTestCase
         $this->assertTrue($publickey->verify($plaintext, $sig));
     }
 
+    public function testCanSignWithAnEncryptedPrivateKey()
+    {
+        EC::useBestEngine();
+
+        $plaintext = 'zzz';
+
+        $privatekey = EC::createKey('Ed25519')->withPassword('foo');
+        $publickey = $privatekey->getPublicKey();
+        $sig = $privatekey->sign($plaintext);
+
+        $this->assertTrue($publickey->verify($plaintext, $sig));
+    }
+
     /**
      * Sign with best engine, verify with internal engine
      *