Skip to content

add support for Brainpool curves in TLS 1.3 (RFC8734) #529

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Nov 27, 2024
Merged

add support for Brainpool curves in TLS 1.3 (RFC8734) #529

merged 3 commits into from
Nov 27, 2024

Conversation

tomato42
Copy link
Member

@tomato42 tomato42 commented Sep 11, 2024
edited
Loading

Add support for Brainpool curves in TLS 1.3, both for ECDH and signing

This change is Reviewable

@tomato42 tomato42 added the enhancement new feature to be implemented label Sep 11, 2024
@tomato42 tomato42 added this to the v0.8.0 milestone Sep 11, 2024
@tomato42 tomato42 self-assigned this Sep 11, 2024
@tomato42 tomato42 mentioned this pull request Sep 12, 2024
Merged
10 tasks
@tomato42 tomato42 requested a review from ueno September 13, 2024 17:30
ueno
ueno previously approved these changes Sep 15, 2024
View reviewed changes
Copy link
Collaborator

@ueno ueno left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Feature-wise, it looks good to me, though I see quite a lot of if curve_name == ... for those curves; perhaps they could be a dict lookup and defined in a single place for simplicity?

@tomato42
Copy link
Member Author

Feature-wise, it looks good to me, though I see quite a lot of if curve_name == ... for those curves; perhaps they could be a dict lookup and defined in a single place for simplicity?

yes, I was thinking of this, but I think it will be better to combine that with the refactoring of the all the different places that do signing and verification

@tomato42 tomato42 force-pushed the brainpool_in_tls13 branch 2 times, most recently from a5b9abc to 4b9763b Compare November 18, 2024 20:52
@tomato42 tomato42 mentioned this pull request Nov 25, 2024
Draft
@tomato42
Copy link
Member Author

@ueno In the end I did create a define with all the special schemes... I've also fixed few bugs in handling of those signature schemes, please, take a look at it.
The remaining test coverage for it is in the tlsfuzzer/tlsfuzzer#960

ueno
ueno approved these changes Nov 27, 2024
View reviewed changes
Copy link
Collaborator

@ueno ueno left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@tomato42 tomato42 merged commit dc34709 into master Nov 27, 2024
110 of 111 checks passed
@tomato42 tomato42 deleted the brainpool_in_tls13 branch November 27, 2024 07:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ueno ueno ueno approved these changes

Assignees

@tomato42 tomato42

Labels
enhancement new feature to be implemented
Projects
None yet
Milestone
v0.8.0
Development

Successfully merging this pull request may close these issues.
2 participants
@tomato42 @ueno