Hello,I'd like to use ECDH key agreement with GnuTLS. As far as I can see, there is no public function to generate a shared secret with ECC keys.
In lib/nettle/pk.c [1], the ECDH functions are defined if ENABLE_FIPS140 is defined.
According to thee documentation [2], FIPS140-2 mode is not available without adding configure option –enable-fips140-mode.
In an old message on this ML [3], it was offered these functions to be exported in the normal API, but this message wasn't answered, and the ecdh functions are still private and available only with FIPS140-2 mode.
I'd like to make a feature request for the ECDH functions to be available in the normal API, even in non FIPS140-2 mode. Would it be possible in a future version?
Thanks in advance /Nicolas [1] https://gitlab.com/gnutls/gnutls/-/blob/master/lib/nettle/pk.c [2] https://www.gnutls.org/manual/html_node/FIPS140_002d2-mode.html [3] https://lists.gnupg.org/pipermail/gnutls-help/2019-November/004580.html
OpenPGP_0xFE82139440BD22B9.asc
Description: application/pgp-keys
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ Gnutls-help mailing list Gnutls-help@lists.gnutls.org http://lists.gnupg.org/mailman/listinfo/gnutls-help