Testing ECC signatures
Dmitry Eremin-Solenikov
dbaryshkov at gmail.com
Wed Sep 25 22:44:22 CEST 2013
On 25/09/13 22:51, Werner Koch wrote:
> On Wed, 25 Sep 2013 18:51, dbaryshkov at gmail.com said:
>
>> "random-override" value (like it is done for several RSA padding modes).
>> However I see no simple way to pass that further to ecc_sign (in my
>> case) function.
>
> For ECC I suggest to use the rfc6979 flag, which creates deterministic
> signatures.
I should think about applicability of rfc6979 to GOST signature algorithms.
>> interface changes to move S-Exp processing directly to algorithms
>> (if I understood correctly and that is the way the code base
>> currently moves)?
>
> Yes, that is what I am working on.
OK, I will just wait for the interface changes. I don't want to change
internal pkey/ecc interfaces, if you are going to change that in
the observable future.
> In general I don't like the idea of having a feature to override random,
> because that could easily slip into the real code path. But sometimes
> these things are required for certification purposes.
Yes, I see your point. However, adding such a feature will make testing easier.
--
With best wishes
Dmitry