Open erlanger opened 4 years ago
triska
commented
4 years ago Yes, I fully agree, thank you for filing this!
In the future, could you please file library(crypto)-related issues in the ssl package at:
https://github.com/SWI-Prolog/packages-ssl/issues
This is so that interested readers can subscribe selectively to notifications regarding exclusively the cryptography-related functionality.
erlanger
commented
4 years ago In the future, could you please file library(crypto)-related issues in the ssl package
Sure, would be happy to do it. Thanks for handling the issue and for the great work you've done with the crypto lib.
erlanger
commented
4 years ago By the way, TLS 1.3 (RFC 8446) requires support for the Curve25519 algorithm (X25519) and also Ed25519 and X448, Ed448. All of them are supported by openssl 1.1.1 but I don't think they are yet in library(crypto).
triska
commented
4 years ago You can already use TLS 1.3 with SWI-Prolog if you compile with OpenSSL ≥ 1.1.1.
For example, try:
$ openssl s_client -connect www.metalevel.at:443 -tls1_3
to connect to an SWI-powered site with TLS 1.3.
What you are asking for, in the original issue, is to be able to load and reason about private keys using Curve25519 with library(crypto). This is needed if you want to manually use this curve for specific applications. Do you already have a concrete use case in mind? I am asking out of personal interest, not as an argument against implementing this.
erlanger
commented
4 years ago Do you already have a concrete use case in mind?
Yes, but can't talk about it.
BTW, crypto_name_curve/2 would also need to be extended somehow (new api?) to support Curve25519.
@triska , New versions of Openssl (since 1.1.0) support Curve25519, but
load_private_key/3does not work with it:Other older curves work fine:
The wikipedia article, in the Popularity section, shows why support for this curve is important.