Key Derivation API

Dmitry Eremin-Solenikov dbaryshkov at gmail.com
Mon Jan 13 23:30:33 CET 2014


Hello,

As I'm digging into gpgsm support for GOST curves and kx/ecdh schemes for
GnuTLS,
I feel a desperate need for the key derivation API not limited to plain
ECDH.
Is it fine to extend the key exchange API on top of
gcry_pk_encrypt()/decrypt() (to add plain DH
shared secret computation, GOST algorithms, etc)?
Would it be better to add special gcry_pk_derive (?) API?

Actually I had the following prototype in mind:
gcry_error_t gcry_pk_derive (gcry_sexp_t *result, gcry_sexp_t data,
gcry_sexp_t privkey, gcry_sexp_t pubkey)

-- 
With best wishes
Dmitry
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20140114/0456c06f/attachment.html>


More information about the Gcrypt-devel mailing list