[gnutls-help] GnuTLS 3.6.0 released
jgh at wizmail.org
Thu Sep 14 11:14:55 CEST 2017
says, for gnutls_privkey_sign_hash() :-
"Note that, not all algorithm support signing already hashed data. When
signing with Ed25519, gnutls_privkey_sign_data() should be used."
Meantime there's a draft for extending DKIM to use Ed25519 signatures
which wants to use signing of an already-computed hash, as opposed
to a hash-plus-signing operation.
[ Subissue: sha256 hash, specifically. The GnuTLS docs do not seem
to say _what_ hashes are acceptable for what signing algorithms; only
that there's a way to request a hash that is "preferred", and that
for some signings that hash might be mandatory].
The draft refers to RFC 8032, which defines both "Pure" and "Hash"
variants of signing (section 4).
Is there intent to support the Pure variant of Ed25519 signing in
More information about the Gnutls-help