[gnutls-devel] GnuTLS | crypto-selftests-pk.c: Use deterministic signatures in test_known_sig() (e106439e)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Fri Mar 13 12:00:31 CET 2020
Nikos Mavrogiannopoulos commented on a discussion on lib/crypto-selftests-pk.c: https://gitlab.com/gnutls/gnutls/-/commit/e106439ebaba996413765e3a535b6fc9d59c00d1#note_304494312
> #ifdef ENABLE_NON_SUITEB_CURVES
> - PK_KNOWN_TEST(GNUTLS_PK_EC, 0,
> + PK_KNOWN_TEST(GNUTLS_PK_EC,
> GNUTLS_CURVE_TO_BITS
> (GNUTLS_ECC_CURVE_SECP192R1),
> GNUTLS_DIG_SHA256, ecdsa_secp192r1_privkey,
> - ecdsa_secp192r1_sig);
> + ecdsa_secp192r1_sig, GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE);
>
> - PK_KNOWN_TEST(GNUTLS_PK_EC, 0,
> + PK_KNOWN_TEST(GNUTLS_PK_EC,
> GNUTLS_CURVE_TO_BITS
> (GNUTLS_ECC_CURVE_SECP224R1),
> GNUTLS_DIG_SHA256, ecdsa_secp224r1_privkey,
> - ecdsa_secp224r1_sig);
> + ecdsa_secp224r1_sig, GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE);
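Review bot: the argument order of PK_KNOWN_TEST changes in both calls here (the `0` in second position is dropped and `GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE` is appended as a new trailing argument), so please confirm the macro definition and every other PK_KNOWN_TEST invocation in this file were updated in the same way; any caller still passing the old shape would either fail to compile or hand a bit size to the parameter that now carries flags. A one-line comment beside these calls saying the flag is there so the self-test can sign without touching the random generator would also help the next reader, since nothing in the hunk itself explains why reproducible mode is requested.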
Note, Stephan, that the deterministic mode is only used to avoid calling the random generator early, but it is not really tested as such. The operation tested is the ECDSA/DSA operation (e.g., previously it was tested with a fixed random number; now it is the same, but with the random number generated the RFC6979 way).
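As an added illustration of the RFC 6979 nonce derivation referred to in the note above (example code written for this page, not GnuTLS code): the nonce k is a pure HMAC-SHA256 function of the private key and the message hash, so a sign operation in reproducible mode never has to consult the random generator. The constants are the RFC 6979 appendix A.2.5 test vector (curve P-256, SHA-256, message "sample"); the secp192r1/secp224r1 keys used in the self-test would be handled identically with their own group order q.

```python
import hashlib
import hmac

# RFC 6979 appendix A.2.5 values: P-256 group order, private key x, expected k for "sample".
P256_ORDER = int("FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551", 16)
TEST_PRIVKEY = int("C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721", 16)
EXPECTED_K = int("A6E3C57DD01ABE90086538398355DD4C3B17AA873382B0F24D6129493D8AAD60", 16)


def bits2int(data: bytes, qlen: int) -> int:
    """Leftmost qlen bits of data as an integer (RFC 6979 section 2.3.2)."""
    value = int.from_bytes(data, "big")
    excess = len(data) * 8 - qlen          # hash longer than q: drop low bits
    return value >> excess if excess > 0 else value


def rfc6979_nonce(q: int, x: int, h1: bytes, hashfn=hashlib.sha256) -> int:
    """Deterministic ECDSA/DSA nonce k for key x and message hash h1 (RFC 6979 3.2)."""
    qlen = q.bit_length()
    rlen = (qlen + 7) // 8                  # octet length used by int2octets
    hlen = hashfn().digest_size             # octet length of V and K

    def int2octets(v: int) -> bytes:
        return v.to_bytes(rlen, "big")

    def bits2octets(b: bytes) -> bytes:
        z1 = bits2int(b, qlen)
        return int2octets(z1 - q if z1 >= q else z1)

    def mac(key: bytes, *parts: bytes) -> bytes:
        return hmac.new(key, b"".join(parts), hashfn).digest()

    # Steps b-g: seed the HMAC_DRBG-style state from the private key and the hash.
    V = b"\x01" * hlen
    K = b"\x00" * hlen
    K = mac(K, V, b"\x00", int2octets(x), bits2octets(h1))
    V = mac(K, V)
    K = mac(K, V, b"\x01", int2octets(x), bits2octets(h1))
    V = mac(K, V)
    # Step h: generate candidates until one lands in [1, q-1].
    while True:
        T = b""
        while len(T) * 8 < qlen:
            V = mac(K, V)
            T += V
        k = bits2int(T, qlen)
        if 1 <= k < q:
            return k
        K = mac(K, V, b"\x00")              # candidate out of range: advance state
        V = mac(K, V)


def nonce_for_message(q: int, x: int, message: bytes) -> int:
    return rfc6979_nonce(q, x, hashlib.sha256(message).digest())
```

Because k depends only on (q, x, h1), two signatures over the same message with the same key reuse the same k, which is exactly what makes a known-answer self-test possible without a seeded RNG.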