[gnutls-devel] GnuTLS | Add configuration option to disable/enable DSA (!1850)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Wed Jul 17 23:50:58 CEST 2024
Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1850 was reviewed by Daiki Ueno
--
Daiki Ueno started a new discussion on lib/crypto-selftests-pk.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1850#note_2004361143
> FALLTHROUGH;
> case GNUTLS_PK_DSA:
> +#ifdef ENABLE_DSA_SIGN
Why not include `case GNUTLS_PK_DSA:` in this `#ifdef` block, like the `ENABLE_GOST` case?
--
Daiki Ueno started a new discussion on configure.ac: https://gitlab.com/gnutls/gnutls/-/merge_requests/1850#note_2004361178
> LIBS=$save_LIBS
>
> +AC_ARG_ENABLE(dsa-sign,
I would move this near the other `AC_ARG_ENABLE` handling (e.g., after line 735), instead of the middle of the Nettle function checks.
--
Daiki Ueno started a new discussion on lib/algorithms/sign.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1850#note_2004361190
> .aid = TLS_SIGN_AID_UNKNOWN },
> -
> +#ifdef ENABLE_DSA_SIGN
We usually keep known algorithms in the algorithm database, but filter them at the usage; for example, GOST signing algorithms are still there, though it's filtered out in `_wrap_nettle_pk_exists` or so.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1850
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20240717/2b990dcb/attachment.html>
More information about the Gnutls-devel
mailing list