wbond / oscrypto

Compiler-free Python crypto library backed by the OS, supporting CPython and PyPy
MIT License
320 stars 70 forks

Additional elliptic curves #25

Open laurivosandi opened 6 years ago

laurivosandi commented 6 years ago

Hi,

currently only secp256r1 seems to be supported among the 256-bit EC curves. Windows' certreq utility offers brainpoolp256r1 by default. Would it be much of an effort to add it to oscrypto?

wbond commented 6 years ago

It doesn't look viable without looking for some other APIs on Windows. See https://msdn.microsoft.com/en-us/library/windows/desktop/aa375520(v=vs.85).aspx for the supported curves when using CNG. The older legacy APIs we support don't even do ECC.

laurivosandi commented 6 years ago

Hi, I've got Windows side covered with PowerShell scripts - I was talking about adding additional curves on Linux.

wbond commented 6 years ago

I'm not particularly keen on turning oscrypto into a collection of different features on different operating systems. The general idea is something that can be used to consistently have features X, Y and Z on Mac, Linux and Windows without extra libraries to install or configure. That said, currently some variants of DSA are only supported in certain places and some TLS features aren't available on Windows XP, but I'd prefer not to add much to that list.

If brainpoolp256r1 was supported on Windows 7+, OpenSSL and at least some versions of macOS, I'd probably be okay with it. However, it doesn't look like there are APIs to get it on Windows nor macOS (https://stackoverflow.com/a/24231234/230074).

laurivosandi commented 2 years ago

Bringing up old topic: what about ed25519?

saper commented 2 years ago

@laurivosandi My first attempt to provide partial ed25519 is in https://github.com/wbond/oscrypto/pull/64 - but this is for OpenSSL only and @wbond is right in saying we should have this for other backends, too.

wbond commented 1 year ago

I was about to post here with info about how I can't seem to use other curves on Windows, but then I found this, which seems to indicate we can use other curves as of Windows 10:

wbond commented 1 year ago

On the macOS side it seems things like ed25519 are implemented in CryptoKit, which is Swift-only. :-\