[gnutls-devel] GnuTLS | pk: implement deterministic ECDSA/DSA for provable signing (!1051)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Sat Aug 3 18:53:25 CEST 2019

Daiki Ueno commented on a discussion on lib/crypto-backend.h: https://gitlab.com/gnutls/gnutls/merge_requests/1051#note_199813679

>  	int (*sign) (gnutls_pk_algorithm_t, gnutls_datum_t * signature,
>  		     const gnutls_datum_t * data,
>  		     const gnutls_pk_params_st *priv,
> -		     const gnutls_x509_spki_st *sign);
> +		     const gnutls_x509_spki_st *sign,
> +		     unsigned int flags);

Yes I thought about it, but neither params seem to be a good fit for this flag: `gnutls_pk_params_st` is associated with the private key, so it lasts after signing, and `gnutls_x509_spki_st` is a public interface about SPKI, while deterministic signing has nothing to do with it.

Also `privkey_sign_prehashed()` already takes a flag in addition to those params.

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/1051#note_199813679
You're receiving this email because of your account on gitlab.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190803/fc680db0/attachment.html>

More information about the Gnutls-devel mailing list