On 2020-01-08 04:10, Hans Leidekker wrote:
On Tue, 2020-01-07 at 14:22 -0600, Derek Lesho wrote:
+/* this is necessary since GNUTLS doesn't support ECDH public key encryption, maybe we can replace this when it does: + https://github.com/gnutls/gnutls/blob/cdc4fc288d87f91f974aa23b6e8595a53970ce... */ +NTSTATUS compute_secret_ecc (struct key *privkey_in, struct key *pubkey_in, struct secret *secret)
It would be nice if we could avoid adding another dependency. Has any effort been made to add this feature to GnuTLS?
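Review bot: the comment above compute_secret_ecc calls the missing GnuTLS feature "ECDH public key encryption", but judging by its name and parameters (a private key, a public key and an output struct secret) the function derives a shared secret, which is key agreement rather than encryption. Rewording the comment to say "ECDH shared secret derivation" would match the function name. The comment also explains why GnuTLS is not used but does not name the library used in its place, which a reader needs in order to judge the new dependency. Finally, the parameter names mix conventions: privkey_in and pubkey_in carry an _in suffix while the output parameter is plain secret.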
Not that I know of. I just took a second look, and I think the functionality does exist in nettle, so I might be able to add support for it in GNUTLS. However, that would take a very long time to trickle down into the libraries shipped by most distros.