[gnutls-help] ED25519 status in GnuTLS
Nikos Mavrogiannopoulos
n.mavrogiannopoulos at gmail.com
Sun Nov 13 15:51:17 CET 2016
On Sun, 2016-11-13 at 07:20 +0100, Ondřej Surý wrote:
> Nikos,
>
> what's the current status of EdDSAS (Ed25519 and possibly Ed448) in
> GnuTLS?
>
> draft-irtf-cfrg-eddsa is in RFC Editor queue, that means only
> editorial
> changes
> are going to happen there.
>
> We are using:
>
> gnutls_pubkey_get_pk_ecc_raw
> gnutls_pubkey_import_ecc_raw
> gnutls_pubkey_get_pk_rsa_raw
> gnutls_pubkey_import_rsa_raw
>
> and I would love to have the EdDSA equivalents instead of going down
> for Nettle. (and for DNSSEC we need the Pure variants).
There is some testing code for EdDSA (non-pure variant) on a gitlab
branch. It would most likely need some refresh, however, I haven't
checked how and if the last version changed. The pure variant will need
quite more changes since it cannot be used with
gnutls_privkey_sign_hash(), but only with gnutls_privkey_sign_data()
and we have to introduce this distinction internally.
My plan is to introduce that feature on the next to 3.5.x branch once
3.5.x replaces the stable branch (around march).
regards,
Nikos
More information about the Gnutls-help
mailing list