ECDSA vs EDDSA
wk at gnupg.org
Wed Nov 12 15:12:14 CET 2014
On Wed, 12 Nov 2014 14:28, peter at digitalbrains.com said:
> After browsing a bit in the source, I conclude that RFC 6979 is used for
> both classic DSA and ECDSA; something not immediately apparent from the
> commit message when you don't know the code.
Right. And actually it can also be used for 2.0. This requires a
runtime check for the libgcrypt version and to add the rfc6979 flag for
libgcrypt 1.6. In 2.0 we use this in g10/pkglue.c:

  if (gcry_sexp_build (&s_hash, NULL, "%m", hash))
    BUG (); /* gcry_sexp_build should never fail. */

it needs to be replaced with something like

  if (gcry_check_version ("1.6.0"))
    /* algo_name, mdlen and md are placeholder names: the hash algorithm
       name and the raw digest, which the callers have to pass in.  */
    err = gcry_sexp_build (&s_hash, NULL,
                           "(data (flags rfc6979) (hash %s %b))",
                           algo_name, (int)mdlen, md);
  else
    err = gcry_sexp_build (&s_hash, NULL, "%m", hash);

but the callers of that pk_sign function need to provide the hash
algorithm as well. Thus more than a few lines need to be changed. It
would be useful to have this for plain DSA, though.
Thoughts are free. Exceptions are governed by a federal law.