On Thu, 2017-09-28 at 21:48 +0200, Niels Möller wrote: > There are several unfinished projects, curve448, gost cryptos, > skein,... > > But there are also a few new features completed since the nettle-3.3 > release: rsa-pss, and hkdf. And a couple of bugfixes. And we have the > ABI problems which are only half way fixed, and which I think are > pretty > important. > > So I'm thinking, maybe we should try to fix the ABI issue and get in > shape for release, and not try to get more new features in 3.4?
The existing code in nettle seems to be sufficient for a TLS-1.3 release of gnutls. There is already a merge request which can use the GOST code, and ed/x448 would be nice to have. > To get minimal ABI breakage, I also suspect we would need a release > branch where I revert recent changes that grow the size of struct > ecc_curve; my idea is to introduce functions returning pointers to > the > instances of this struct. But as long as applications are using the > data > symbols directly as advertised in ecc-curves.h, executables with > R_X86_64_COPY relocations will break, in the same way as arrays like > nettle_hashes. I agree that this is the most important to address. I don't think I have any good suggestion in addressing that. > See https://www.lysator.liu.se/~nisse/nettle/plan.html for current > list. (it seems to have a typo and list plan for 3.3) > armv8-linux-gnu (qemu) > x86_64-freebsd I have already two such systems for gnutls' CI. I could send a patch on .gitlab-ci.yml for nettle to run there too. regards, Nikos _______________________________________________ nettle-bugs mailing list nettle-bugs@lists.lysator.liu.se http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
