[gnutls-help] GnuTLS 3.6.0 released

Jeremy Harris jgh at wizmail.org
Thu Sep 14 11:14:55 CEST 2017


says, for gnutls_privkey_sign_hash() :-

"Note that, not all algorithm support signing already hashed data. When
 signing with Ed25519, gnutls_privkey_sign_data() should be used."

Meantime there's a draft[1] for extending DKIM to use Ed25519 signatures
which wants to use signing of an already-computed hash, as opposed
to a hash-plus-signing operation.

[ Subissue: sha256 hash, specifically.  The GnuTLS docs do not seem
to say _what_ hashes are acceptable for what signing algorithms; only
that there's a way to request a hash that is "preferred", and that
for some signings that hash might be mandatory].

The draft refers to RFC 8032, which defines both "Pure" and "Hash"
variants of signing  (section 4).

Is there intent to support the Pure variant of Ed25519 signing in

1: https://tools.ietf.org/html/draft-ietf-dcrup-dkim-crypto-06

More information about the Gnutls-help mailing list