#32858: Add OpenSSL ECDH functionality #5700
Conversation
|
Hello, and thanks for your contribution! I'm a bot set up to make sure that the project can legally accept your contribution by verifying you have signed the PSF contributor agreement (CLA). Unfortunately we couldn't find an account corresponding to your GitHub username on bugs.python.org (b.p.o) to verify you have signed the CLA (this might be simply due to a missing "GitHub Name" entry in your b.p.o account settings). This is necessary for legal reasons before we can look at your contribution. Please follow the steps outlined in the CPython devguide to rectify this issue. Thanks again to your contribution and we look forward to looking at it! |
There was a problem hiding this comment.
Thanks for your contribution.
You are working on two separate things here. Please create a separate issue for the kxinfo method. Before you start on a patch, let's first discuss if the feature should be added at all and how a good API should look like.
The same is true for set_ecdh_curve(). New or improved featured must be added to PEP 543 and implemented in a way, that works with other TLS implementations. I suggest that the function accepts 1..n group names from an enum of groups based on https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 .
I need to discuss this with @Lukasa first.
|
A Python core developer has requested some changes be made to your pull request before we can consider merging it. If you could please address their requests along with any other requests in other reviews from core developers that would be appreciated. Once you have made the requested changes, please le
B6F0
ave a comment on this pull request containing the phrase |
|
I will submit separate pull requests as suggested. |
Added support for selecting "X25519" in SSLContext.set_ecdh_curve(). Added method SSLSocket.kxinfo() to provide information about key exchange. Changed set_ecdh_curve() to use SSL_CTX_set1_curves_list which is available since OpenSSL 1.0.2.