Page MenuHomePhabricator

Use curve25519-sha256 from crypto libs if available
Open, WishlistPublic

Description

Use curve25519-sha256 from crypto libs if available.

This is at least implemented in OpenSSL already.

Event Timeline

asn triaged this task as Wishlist priority.Jul 12 2019, 12:58 PM
asn created this task.
asn added a project: Restricted Project.
ansasaki claimed this task.Aug 6 2019, 10:45 AM
Jakuje added a subscriber: Jakuje.Wed, Sep 25, 4:18 PM

I think this was addressed by https://gitlab.com/libssh/libssh-mirror/merge_requests/63 for OpenSSL.

The support should be available also in the mbedTLS and libgcrypt, but the question is whether it makes sense there as the primary backend is openssl here.

https://en.wikipedia.org/wiki/Curve25519
https://tls.mbed.org/core-features
https://github.com/gpg/libgcrypt/blob/master/cipher/ecc-curves.c

asn added a comment.Mon, Sep 30, 7:26 PM

I think supporting mbedtls in future would be nice as it is GPL licensed. libgcrypt is just a mess and we should remove it at one point.