On Sun, 2016-11-13 at 07:20 +0100, Ondřej Surý wrote: > Nikos, > > what's the current status of EdDSAS (Ed25519 and possibly Ed448) in > GnuTLS? > > draft-irtf-cfrg-eddsa is in RFC Editor queue, that means only > editorial > changes > are going to happen there. > > We are using: > > gnutls_pubkey_get_pk_ecc_raw > gnutls_pubkey_import_ecc_raw > gnutls_pubkey_get_pk_rsa_raw > gnutls_pubkey_import_rsa_raw > > and I would love to have the EdDSA equivalents instead of going down > for Nettle. (and for DNSSEC we need the Pure variants).
There is some testing code for EdDSA (non-pure variant) on a gitlab branch. It would most likely need some refresh, however, I haven't checked how and if the last version changed. The pure variant will need quite more changes since it cannot be used with gnutls_privkey_sign_hash(), but only with gnutls_privkey_sign_data() and we have to introduce this distinction internally. My plan is to introduce that feature on the next to 3.5.x branch once 3.5.x replaces the stable branch (around march). regards, Nikos _______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
