Additional elliptic curves #25
Comments
|
It doesn't look viable without looking for some other APIs on Windows. See https://msdn.microsoft.com/en-us/library/windows/desktop/aa375520(v=vs.85).aspx for the supported curves when using CNG. The older legacy APIs we support don't even do ECC. |
|
Hi, I've got Windows side covered with powershell scripts - I was talking about adding additional curves on Linux |
|
I'm not particularly keen on turning oscrypto into a collection of different features on different operating systems. The general idea is something that can be used to consistently have features X, Y and Z on Mac, Linux and Windows without extra libraries to install or configure. That said, currently some variants of DSA are only supported in certain places and some TLS features aren't available on Windows XP, but I'd prefer not to add much to that list. If brainpoolp256r1 was supported on WIndows 7+, OpenSSL and at least some versions of macOS, I'd probably be okay with it. However, it doesn't look like there are APIs to get it on Windows nor macOS (https://stackoverflow.com/a/24231234/230074). |
|
Bringing up old topic: what about ed25519? |
|
@laurivosandi My first attempt to provide partial ed25519 is in #64 - but this is for OpenSSL only and @wbond is right in saying we should have this for other backends, too. |
|
I was about to post here with info about how I can't seem to use other curves on Windows, but then I found this, which seems to indicate we can use other curves as of Windows 10: |
|
On the macOS side it seems things like ed25519 are implemented in CryptoKit, which is Swift-only. :-\ |
Hi,
currently only secp256r1 seems to be supported among the 256-bit EC curves. Windows' certreq utility offers brainpoolp256r1 by default. Would it be much of an effort to add it to oscrypto?
The text was updated successfully, but these errors were encountered: