[gnutls-devel] GnuTLS | algorithms: implement X448 key exchange and Ed448 signature scheme (!984)

[Development of GNU's TLS library]

Merge request https://gitlab.com/gnutls/gnutls/merge_requests/984 was reviewed by Nikos Mavrogiannopoulos

--
  
Nikos Mavrogiannopoulos started a new discussion on lib/algorithms/mac.c: https://gitlab.com/gnutls/gnutls/merge_requests/984#note_275649509

> +	{.name = "SHAKE-256",
> +	 .oid = HASH_OID_SHAKE_256,
> +	 .id = GNUTLS_MAC_SHAKE_256},

nit: we do not seem to use it anywhere but we don't set block size here although in SHA3 we do.

--
  
Nikos Mavrogiannopoulos started a new discussion on tests/privkey-keygen.c: https://gitlab.com/gnutls/gnutls/merge_requests/984#note_275649511

>  		digest = GNUTLS_DIG_SHA512;
> +	else if (algorithm == GNUTLS_PK_EDDSA_ED448)
> +		digest = GNUTLS_DIG_SHAKE_256;

That looks strange given that we do not claim its implementation. I'm not sure what's the best solution here. What about amending its documentation to mention that it is an allowed option on X448 signatures?

--
  
Nikos Mavrogiannopoulos started a new discussion on .gitlab-ci.yml: https://gitlab.com/gnutls/gnutls/merge_requests/984#note_275649513

> +  - popd
> +  - SUBMODULE_NOFETCH=1 ./bootstrap
> +  - PKG_CONFIG_PATH=$NETTLE_DIR/lib64/pkgconfig dash ./configure --cache-file cache/config.cache --disable-gcc-warnings --disable-doc --disable-guile --disable-gost

@lumag Is the disable-gost necessary? Will new versions of nettle work with gnutls or gnutls should have been compiled with `--disable-gost`?


-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/984
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20200123/179c7b49/attachment.html>