14 January 2018, 20:13
Is there a particular way to enable Curve25519 in the Hiawatha and mbed TLS integration?

As far as I can tell, it is included in mbed TLS [1] and the mbedtls/include/mbedtls/config.h of the Hiawatha source code shows it as enabled, but it does not appear to show up in the available curves of Hiawatha in use. For example, my own browser connections with new versions of Firefox or Chromium are not using it and it does not show up in SSL Labs tests.

Hugo Leisink
14 January 2018, 23:21
According to the mbed TLS documentation [], all curves should be allowed. I must admit that I'm not as familiar with EC as with RSA. So, I can't tell you more than this.
15 January 2018, 01:51
Thanks for the reply. I have seen on occasion notes about Curve25519 or X25519 being implemented differently than other curves and various libraries and software having to add or change methods to allow it to be specified or enabled. I wonder if it could have something to do with that.
This topic has been closed.