Hi,

https://gnutls.org/reference/gnutls-abstract.html says, for gnutls_privkey_sign_hash() :-

"Note that, not all algorithm support signing already hashed data. When signing with Ed25519, gnutls_privkey_sign_data() should be used."

Meantime there's a draft[1] for extending DKIM to use Ed25519 signatures which wants to use signing of an already-computed hash, as opposed to a hash-plus-signing operation.

[ Subissue: sha256 hash, specifically. The GnuTLS docs do not seem to say _what_ hashes are acceptable for what signing algorithms; only that there's a way to request a hash that is "preferred", and that for some signings that hash might be mandatory].

The draft refers to RFC 8032, which defines both "Pure" and "Hash" variants of signing (section 4).

Is there intent to support the Pure variant of Ed25519 signing in future?

--
Thanks,
  Jeremy

1: https://tools.ietf.org/html/draft-ietf-dcrup-dkim-crypto-06

_______________________________________________
Gnutls-help mailing list
[email protected]
http://lists.gnupg.org/mailman/listinfo/gnutls-help
