aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/util/crypto_ecc.c7
1 files changed, 6 insertions, 1 deletions
diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c
index dc3f206e7a..e6d6bc133d 100644
--- a/src/util/crypto_ecc.c
+++ b/src/util/crypto_ecc.c
@@ -492,9 +492,14 @@ GNUNET_CRYPTO_ecdhe_key_create ()
gcry_mpi_t d;
int rc;
+ /* NOTE: For libgcrypt >= 1.7, we do not need the 'eddsa' flag here,
+ but should also be harmless. For libgcrypt < 1.7, using 'eddsa'
+ disables an expensive key testing routine. We do not want to run
+ the expensive check for ECDHE, as we generate TONS of keys to
+ use for a very short time. */
if (0 != (rc = gcry_sexp_build (&s_keyparam, NULL,
"(genkey(ecc(curve \"" CURVE "\")"
- "(flags eddsa)))")))
+ "(flags eddsa no-keytest)))")))
{
LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
return NULL;
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2025-09-25 08:07:35 +0000