[gnutls-devel] GnuTLS | crypto-selftests-pk.c: Use deterministic signatures in test_known_sig() (e106439e)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Fri Mar 13 12:00:31 CET 2020




Nikos Mavrogiannopoulos commented on a discussion on lib/crypto-selftests-pk.c: https://gitlab.com/gnutls/gnutls/-/commit/e106439ebaba996413765e3a535b6fc9d59c00d1#note_304494312

>  #ifdef ENABLE_NON_SUITEB_CURVES
> -		PK_KNOWN_TEST(GNUTLS_PK_EC, 0,
> +		PK_KNOWN_TEST(GNUTLS_PK_EC,
>  			      GNUTLS_CURVE_TO_BITS
>  			      (GNUTLS_ECC_CURVE_SECP192R1),
>  			      GNUTLS_DIG_SHA256, ecdsa_secp192r1_privkey,
> -			      ecdsa_secp192r1_sig);
> +			      ecdsa_secp192r1_sig, GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE);
>  
> -		PK_KNOWN_TEST(GNUTLS_PK_EC, 0,
> +		PK_KNOWN_TEST(GNUTLS_PK_EC,
>  			      GNUTLS_CURVE_TO_BITS
>  			      (GNUTLS_ECC_CURVE_SECP224R1),
>  			      GNUTLS_DIG_SHA256, ecdsa_secp224r1_privkey,
> -			      ecdsa_secp224r1_sig);
> +			      ecdsa_secp224r1_sig, GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE);
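Review bot: this hunk changes the argument order of PK_KNOWN_TEST, moving the flags argument from the second position (the old literal 0) to the last (now GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE); confirm that the macro definition and every other call site, including those outside the ENABLE_NON_SUITEB_CURVES block shown here, were updated in the same commit, otherwise the file no longer compiles. Because the signature is now produced with an RFC 6979 nonce instead of the fixed random value, the stored ecdsa_secp192r1_sig and ecdsa_secp224r1_sig arrays that the test compares against must be the deterministic outputs for the same key and hash; if they were not regenerated, the known-answer check fails even though the ECDSA code is correct.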

Note, Stephan, that the deterministic mode is only used to avoid calling the random generator early; it is not really tested as such. The operation tested is the ECDSA/DSA operation (e.g., previously it was tested with a fixed random number; now it is the same, but with the random number generated the RFC 6979 way).

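The point of the comment above, as an added example that is not part of the original message and not GnuTLS code: a known-answer test can sign either with a fixed, caller-supplied nonce (the old way) or with the nonce derived from the private key and message hash the RFC 6979 way, and in both cases the stored signature it compares against has to have been produced with that same nonce. The example is a pure-Python ECDSA on NIST P-256 with SHA-256 (the commit's hunk uses secp192r1 and secp224r1; P-256 is chosen here because RFC 6979 Appendix A.2.5 publishes a private key, nonce and signature for it, and those are the constants used below). The function names, the curve choice and the known_answer_check helper are this example's own assumptions.

```python
"""RFC 6979 deterministic ECDSA on NIST P-256, pure Python, no RNG involved.
Added example, not GnuTLS code; constants are the RFC 6979 A.2.5 vectors."""
import hashlib
import hmac

# NIST P-256: y^2 = x^3 + A*x + B over GF(P); G has prime order N.
P = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF
A = P - 3
B = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B
N = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551
G = (0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296,
     0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5)
QLEN = N.bit_length()      # 256 bits
RLEN = (QLEN + 7) // 8     # 32 octets

# Known-answer data from RFC 6979 Appendix A.2.5 (P-256, SHA-256, message "sample").
RFC6979_PRIV = 0xC9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721
RFC6979_SAMPLE_K = 0xA6E3C57DD01ABE90086538398355DD4C3B17AA873382B0F24D6129493D8AAD60
RFC6979_SAMPLE_SIG = (0xEFD48B2AACB6A8FD1140DD9CD45E81D69D2C877B56AAF991C34D0EA84EAF3716,
                      0xF7CB1C942D657C41D436C7A1B6E29F65F3E900DBB9AFF4064DC4AB2F843ACDA8)

def ec_add(p1, p2):
    """Affine point addition; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2:
        if (y1 + y2) % P == 0:
            return None                                     # p1 == -p2
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P    # doubling
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def ec_mul(k, pt):
    """Double-and-add scalar multiplication (not constant-time; test code only)."""
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc

# RFC 6979 section 2.3 conversions (bits2int keeps the leftmost QLEN bits).
def bits2int(b):
    v = int.from_bytes(b, "big")
    excess = 8 * len(b) - QLEN
    return v >> excess if excess > 0 else v

def int2octets(x):
    return x.to_bytes(RLEN, "big")

def bits2octets(b):
    return int2octets(bits2int(b) % N)

def rfc6979_nonce(priv, msg, hashfn=hashlib.sha256):
    """Derive k from (priv, H(msg)) with the HMAC_DRBG loop of RFC 6979 section 3.2."""
    h1 = hashfn(msg).digest()
    V = b"\x01" * len(h1)
    K = b"\x00" * len(h1)
    seed = int2octets(priv) + bits2octets(h1)
    K = hmac.new(K, V + b"\x00" + seed, hashfn).digest()
    V = hmac.new(K, V, hashfn).digest()
    K = hmac.new(K, V + b"\x01" + seed, hashfn).digest()
    V = hmac.new(K, V, hashfn).digest()
    while True:
        T = b""
        while len(T) < RLEN:
            V = hmac.new(K, V, hashfn).digest()
            T += V
        k = bits2int(T)
        if 1 <= k < N:
            return k
        # Candidate out of [1, N-1]: re-key and draw again (step h.3 of the RFC).
        K = hmac.new(K, V + b"\x00", hashfn).digest()
        V = hmac.new(K, V, hashfn).digest()

def ecdsa_sign(priv, msg, k=None):
    """Sign SHA-256(msg). k=None selects the RFC 6979 nonce; a caller-supplied k
    reproduces the old 'fixed random number' style of known-answer test."""
    if k is None:
        k = rfc6979_nonce(priv, msg)
    e = bits2int(hashlib.sha256(msg).digest()) % N
    r = ec_mul(k, G)[0] % N
    s = pow(k, -1, N) * (e + priv * r) % N
    return r, s

def ecdsa_verify(pub, msg, sig):
    r, s = sig
    if not (1 <= r < N and 1 <= s < N):
        return False
    e = bits2int(hashlib.sha256(msg).digest()) % N
    w = pow(s, -1, N)
    pt = ec_add(ec_mul(e * w % N, G), ec_mul(r * w % N, pub))
    return pt is not None and pt[0] % N == r

def known_answer_check(priv, msg, expected_sig):
    """What a test_known_sig-style self-test does: sign with the deterministic nonce
    and compare against a stored signature. Passes only if the stored value was
    itself produced with the RFC 6979 nonce for this key and message."""
    return ecdsa_sign(priv, msg) == tuple(expected_sig)

if __name__ == "__main__":
    sig = ecdsa_sign(RFC6979_PRIV, b"sample")
    print("nonce matches RFC 6979:", rfc6979_nonce(RFC6979_PRIV, b"sample") == RFC6979_SAMPLE_K)
    print("known answer ok:", known_answer_check(RFC6979_PRIV, b"sample", RFC6979_SAMPLE_SIG))
    print("verifies:", ecdsa_verify(ec_mul(RFC6979_PRIV, G), b"sample", sig))
```

Signing twice with `k=None` yields byte-identical signatures and never touches a random generator, which is what lets a self-test run before the RNG is available; passing `k=RFC6979_SAMPLE_K` explicitly gives the same signature, showing that the old fixed-nonce test and the new deterministic one exercise exactly the same ECDSA arithmetic and differ only in where the nonce comes from. Neither variant says anything about the quality of the nonce derivation itself, which is the caveat made in the comment above.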