HMaker
commented
2 years ago Which algorithms should be abstracted? Or we can just implement ECDSAKey interface?
Open tomato42 opened 4 years ago
HMaker
commented
2 years ago Which algorithms should be abstracted? Or we can just implement ECDSAKey interface?
tomato42
commented
2 years ago The whole ECDSAKey interface should be implemented.
You can look at examples with AES: https://github.com/tlsfuzzer/tlslite-ng/blob/master/tlslite/utils/openssl_aes.py and https://github.com/tlsfuzzer/tlslite-ng/blob/master/tlslite/utils/python_aes.py and with RSA: https://github.com/tlsfuzzer/tlslite-ng/blob/master/tlslite/utils/openssl_rsakey.py and https://github.com/tlsfuzzer/tlslite-ng/blob/master/tlslite/utils/python_rsakey.py
(slightly counter-intuitively, the openssl_ prefix is used for implementations that use M2Crypto)
use m2crypto, pycryptodome, cryptography or some other native library to accelerate ECDSA and ECDHE operations
some mechanism similar to the one used for RSA keys should be used to select the backend implementing the actual crypto
this is continuation of work from #196