Support for brainpool curves in OpenSSL 1.0.2

pyca / cryptography

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers.

https://cryptography.io

Other

6.67k stars 1.53k forks source link

Support for brainpool curves in OpenSSL 1.0.2 #778

Closed hynek closed 10 years ago

hynek commented 10 years ago

I know it’s not out yet but I want to put it here so we don’t forget.

OpenSSL 1.0.2 finally brings brainpool curves that seem to be slightly better than the NIST ones.

We should support them conditionally, making it easy to detect their presence. E.g. I totally want to use them in pyOpenSSL/Twisted once they’re out.

reaperhulk commented 10 years ago

We can set up a builder that runs against the 1.0.2 beta on linux actually. The conditional bindings we write don't affect coverage so having it live outside of travis is not a problem.

reaperhulk commented 10 years ago

OpenSSL 1.0.2 support was added in response to this, but rather than add the brainpool NIDs directly we're going to try to steer potential users towards OBJ_sn2nid.

amluto commented 10 years ago

Hmm. It may make sense to adjust the pyOpenSSL bindings accordingly. I'll comment further at https://github.com/pyca/pyopenssl/pull/57

amluto commented 10 years ago

pyOpenSSL pull request updated -- brainpool curves should work now if your OpenSSL supports them.