cryptography does not support encoding an FFDH public key in a certificate at this time. OpenSSL should, since the OID for a DH public key cert is defined in RFC 3279 (among other places).
-Paul

On Wed, May 15, 2024 at 1:02 PM Bruno Martin <bruno.mar...@univ-cotedazur.fr> wrote:
>
> Hi,
>
> For teaching purposes I wish to implement a semi-ephemeral DH key exchange
> like in NIST SP800-56 (but for a non EC group).
> The recipient’s key is static while the sender’s key is ephemeral.
> To authenticate the ephemeral sender key I’d like to X.509 certify it (and
> also the recipient’s one too).
>
> I can generate the dh parameters, the static and ephemeral keys, put it in
> PEM format.
> So far so good.
> But I cannot find how to create the csr to provide to a CA.
> While trying with x509, I got the error message
> Key must be an rsa, dsa, ec, ed25519, or ed448 private key.
>
> Is there any way to get a certificate for a dh public key ?
>
> I can accept to use OpenSSL for this but couldn’t find either a way to
> proceed.
>
> Thanks for your help and sorry if my question is not well addressed to the
> list.
> I did not subscribe to the list, so I would appreciate a direct reply.
>
> Regards,
>
> Bruno
> _______________________________________________
> Cryptography-dev mailing list
> Cryptography-dev@python.org
> https://mail.python.org/mailman/listinfo/cryptography-dev