LoupVaillant/Monocypher

[Question] Options for SHA256, ECC

Closed this issue · 3 comments

Hi,
I really like your library implementation, just two files, pure and simple. Is it possible to include optional, common SHA-256, ECC Koblitz and NIST for signing? Thank you.

Hi,

It's technically possible, but that's out of scope. Monocypher aims to be simple and to the point. Compatibility with other systems is not really a goal.

SHA-512 and Ed25519 are an exception, because they let me test Monocypher with reputable test vectors (I then added HMAC so SHA-512 users have a keyed mode just like Blake2b). If I had a reliable way to test EdDSA without relying on existing test vectors, Monocypher wouldn't support SHA-512 at all.

SHA-256 can't be justified the same way. I already have my test vectors, nobody is using EdDSA with SHA-256, and it's slow. It's easier on 32-bit machines, but if I cared about that I'd use Blake2s or Blake3, which are faster.

As for Koblitz curves and NIST (I think you meant ECDSA?): Monocypher already has ECC and signatures, and implementing those curves would not reuse any of Monocypher's code: the arithmetic is different (binary field), the equations are different, and the signature protocol is different. Even if I wanted to implement them (it's a lot of work, so I really don't) I would do so in a separate project.

Loup.

Thank you for the comprehensive reply. I guess for what I am asking I have to look at mbedTLS. By the way, your solution is so elegant. I am not a C programmer but your code is so easy to read. Thank you for the project.

Readability of the code was an important goal of mine, glad you liked it.

Closing this now, I hope you find what you need.