[gnutls-devel] GnuTLS | crypto-selftests-pk.c: Use deterministic signatures in test_known_sig() (e106439e)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Fri Mar 13 10:39:55 CET 2020
Stephan Mueller started a new discussion on lib/crypto-selftests-pk.c: https://gitlab.com/gnutls/gnutls/-/commit/e106439ebaba996413765e3a535b6fc9d59c00d1#note_304441684

>  #ifdef ENABLE_NON_SUITEB_CURVES
> -		PK_KNOWN_TEST(GNUTLS_PK_EC, 0,
> +		PK_KNOWN_TEST(GNUTLS_PK_EC,
>  			      GNUTLS_CURVE_TO_BITS
>  			      (GNUTLS_ECC_CURVE_SECP192R1),
>  			      GNUTLS_DIG_SHA256, ecdsa_secp192r1_privkey,
> -			      ecdsa_secp192r1_sig);
> +			      ecdsa_secp192r1_sig, GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE);
>  
> -		PK_KNOWN_TEST(GNUTLS_PK_EC, 0,
> +		PK_KNOWN_TEST(GNUTLS_PK_EC,
>  			      GNUTLS_CURVE_TO_BITS
>  			      (GNUTLS_ECC_CURVE_SECP224R1),
>  			      GNUTLS_DIG_SHA256, ecdsa_secp224r1_privkey,
> -			      ecdsa_secp224r1_sig);
> +			      ecdsa_secp224r1_sig, GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE);
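Review bot: The parameter list of PK_KNOWN_TEST changes in this hunk (the second argument `0` is dropped and a trailing `GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE` argument is added for both the SECP192R1 and SECP224R1 calls), so the macro definition and every other PK_KNOWN_TEST call site must be updated in the same commit or the build breaks; a comment on the macro, or a line in the commit message, stating the new argument order would help reviewers. Since the stored known-answer vectors `ecdsa_secp192r1_sig` and `ecdsa_secp224r1_sig` only verify when the reproducible flag is honoured, the test should make explicit what happens when reproducible signatures are unavailable, so a silently skipped known-answer test cannot go unnoticed.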

Do I understand it correctly that for ECDSA and DSA only deterministic signatures are tested as part of the power-on tests? Wasn't it stated that deterministic signatures are not supported in FIPS mode? If so, would any test be executed in FIPS mode?

Also, note, deterministic signatures are not yet approved. This implies that for FIPS at the moment only self tests with non-deterministic signatures are possible, i.e. the pairwise-consistency test.
