Open tomato42 opened 4 years ago
Which algorithms should be abstracted? Or we can just implement ECDSAKey
interface?
The whole ECDSAKey
interface should be implemented.
You can look at examples with AES: https://github.com/tlsfuzzer/tlslite-ng/blob/master/tlslite/utils/openssl_aes.py and https://github.com/tlsfuzzer/tlslite-ng/blob/master/tlslite/utils/python_aes.py and with RSA: https://github.com/tlsfuzzer/tlslite-ng/blob/master/tlslite/utils/openssl_rsakey.py and https://github.com/tlsfuzzer/tlslite-ng/blob/master/tlslite/utils/python_rsakey.py
(slightly counter-intuitively, the openssl_
prefix is used for implementations that use M2Crypto)
use m2crypto, pycryptodome, cryptography or some other native library to accelerate ECDSA and ECDHE operations
some mechanism similar to the one used for RSA keys should be used to select the backend implementing the actual crypto
this is continuation of work from #196