<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">
<html lang="en">
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
<title>
GitLab
</title>


<style>img {
max-width: 100%; height: auto;
}
</style>
</head>
<body>
<div class="content">
<div>
<p dir="auto">The documentation of gnutls_privkey_sign_hash() says: “Note that, not all algorithm support signing already hashed data. When signing with Ed25519, gnutls_privkey_sign_data() should be used.”, but this is not stated for gnutls_pubkey_verify_hash2() at <a href="https://www.gnutls.org/manual/html_node/Operations.html#Operations" rel="nofollow noreferrer noopener" target="_blank">https://www.gnutls.org/manual/html_node/Operations.html#Operations</a>.</p>
<p dir="auto"><a href="https://tools.ietf.org/html/rfc6376#section-5.5" rel="nofollow noreferrer noopener" target="_blank">RFC6376</a> says “The Signer MUST compute the message hash as described in Section 3.7 and then sign it using the selected public-key algorithm.”</p>
<p dir="auto">For me this means that not the data but the hash must be signed, so gnutls_privkey_sign_hash() and gnutls_pubkey_verify_hash2() must be used.  They do work correctly when RSA is used for signing/verifying the hash at this place.</p>
<p dir="auto">gnutls_pubkey_verify_hash2() calls _gnutls_pk_is_not_prehashed() which fails for ed25519.</p>
<p dir="auto">How shall the requirement to sign the hash from RFC6376 be implemented in GnuTLS for Ed25519, as presented in RFC8463?  In particular which function shall verify the signature of the signed hash?</p>
</div>
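<p dir="auto">The following is an added example, not code from the issue author or from the GnuTLS project, showing the signing flow the question is about. RFC 8463 section 3 defines ed25519-sha256 as computing the RFC 6376 message hash with SHA-256 and signing that digest with the PureEdDSA variant Ed25519 (RFC 8032 section 5.1); PureEdDSA has no prehashed mode, so the 32-byte digest is the <em>message</em> handed to Ed25519, which hashes it again internally. In GnuTLS terms that is the digest passed to gnutls_privkey_sign_data() / gnutls_pubkey_verify_data2(), not the _hash variants. The example uses the Python <code>cryptography</code> package (assumed installed) rather than GnuTLS, and a constructed sample message; the rsa-sha256 path is included for contrast, because there the digest really is signed through a prehashed API (PKCS#1 v1.5 with DigestInfo).</p>

```python
# Added example, not GnuTLS project code: DKIM signing per RFC 6376 / RFC 8463
# with the `cryptography` package (assumed installed). Shows the difference the
# issue asks about: for rsa-sha256 the SHA-256 digest goes through a "sign this
# hash" API, while for ed25519-sha256 the same 32-byte digest is the *message*
# given to PureEdDSA, which hashes it again internally.
import base64
import hashlib

from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa, utils
from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey

# Constructed sample message (not taken from the issue).
HEADERS = [(b"From", b"alice@example.com"), (b"To", b"bob@example.org"),
           (b"Subject", b"hello")]
BODY = b"Hi Bob,\r\n\r\nplease review.\r\n\r\n\r\n"


def simple_body_canon(body: bytes) -> bytes:
    """RFC 6376 3.4.3 'simple' body canonicalization: drop trailing empty lines,
    end the body with exactly one CRLF (an empty body becomes a single CRLF)."""
    while body.endswith(b"\r\n\r\n"):
        body = body[:-2]
    if not body.endswith(b"\r\n"):
        body += b"\r\n"
    return body


def dkim_header(alg: bytes, bh: bytes, b: bytes = b"") -> bytes:
    """DKIM-Signature field; b= is empty while the header hash is computed."""
    return (b"DKIM-Signature: v=1; a=" + alg + b"; c=simple/simple; d=example.com;"
            b" s=sel; h=From:To:Subject; bh=" + bh + b"; b=" + b)


def message_hash(headers, body, alg: bytes):
    """RFC 6376 3.7: body hash first, then SHA-256 over the signed header fields
    plus the DKIM-Signature field with an empty b= and no trailing CRLF."""
    bh = base64.b64encode(hashlib.sha256(simple_body_canon(body)).digest())
    unsigned = dkim_header(alg, bh)
    h = hashlib.sha256()
    for name, value in headers:  # 'simple' header canonicalization: fields as-is
        h.update(name + b": " + value + b"\r\n")
    h.update(unsigned)
    return unsigned, h.digest()


def sign_rsa(key, headers, body) -> bytes:
    unsigned, digest = message_hash(headers, body, b"rsa-sha256")
    # RSA: the digest itself is signed; the API only wraps it in a DigestInfo.
    sig = key.sign(digest, padding.PKCS1v15(), utils.Prehashed(hashes.SHA256()))
    return unsigned + base64.b64encode(sig)


def sign_ed25519(key, headers, body) -> bytes:
    unsigned, digest = message_hash(headers, body, b"ed25519-sha256")
    # Ed25519: no "sign a hash" entry point exists; the digest is the message data.
    sig = key.sign(digest)
    return unsigned + base64.b64encode(sig)


def verify(pub, headers, body, signed_header: bytes) -> bool:
    """Recompute bh= and the header hash from the received message, then check b=."""
    head, _, b64 = signed_header.rpartition(b"; b=")
    sig = base64.b64decode(b64)
    alg = head.split(b"a=")[1].split(b";")[0]
    unsigned, digest = message_hash(headers, body, alg)
    if unsigned != head + b"; b=":
        return False  # bh= (or another tag) no longer matches the message
    try:
        if alg == b"rsa-sha256":
            pub.verify(sig, digest, padding.PKCS1v15(), utils.Prehashed(hashes.SHA256()))
        else:
            pub.verify(sig, digest)  # the digest is verified as Ed25519 message data
        return True
    except InvalidSignature:
        return False


def demo() -> dict:
    ed = Ed25519PrivateKey.from_private_bytes(bytes(range(32)))  # fixed test key
    rsa_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    ed_hdr = sign_ed25519(ed, HEADERS, BODY)
    rsa_hdr = sign_rsa(rsa_key, HEADERS, BODY)
    return {
        "ed_ok": verify(ed.public_key(), HEADERS, BODY, ed_hdr),
        "rsa_ok": verify(rsa_key.public_key(), HEADERS, BODY, rsa_hdr),
        # Ed25519 signatures are deterministic: signing again gives the same b=.
        "ed_deterministic": sign_ed25519(ed, HEADERS, BODY) == ed_hdr,
        # Tampering with the body changes bh=, so the recomputed header differs.
        "ed_tampered": verify(ed.public_key(), HEADERS, BODY + b"PS\r\n", ed_hdr),
        "ed_sig_len": len(base64.b64decode(ed_hdr.rpartition(b"; b=")[2])),
    }
```

<p dir="auto">The point to take from <code>sign_ed25519</code> / <code>verify</code> is that the Ed25519 side never sees a "prehashed" flag: the verifier recomputes the RFC 6376 digest from the received message and verifies the signature over those 32 bytes as ordinary data, so a library that rejects Ed25519 in its sign-hash / verify-hash entry points is not in the way of RFC 8463.</p>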


</div>
<div class="footer" style="margin-top: 10px;">
<p style="font-size: small; color: #777777;">

<br>
Reply to this email directly or <a href="https://gitlab.com/gnutls/gnutls/issues/613#note_116288836">view it on GitLab</a>.
</p>
</div>
</body>
</html>