[gnutls-devel] GnuTLS | crypto-selftests-pk.c: Use deterministic signatures in test_known_sig() (e106439e)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Fri Mar 13 12:01:54 CET 2020
Stephan Mueller commented on a discussion on lib/crypto-selftests-pk.c: https://gitlab.com/gnutls/gnutls/-/commit/e106439ebaba996413765e3a535b6fc9d59c00d1#note_304495171
> #ifdef ENABLE_NON_SUITEB_CURVES
> - PK_KNOWN_TEST(GNUTLS_PK_EC, 0,
> + PK_KNOWN_TEST(GNUTLS_PK_EC,
> GNUTLS_CURVE_TO_BITS
> (GNUTLS_ECC_CURVE_SECP192R1),
> GNUTLS_DIG_SHA256, ecdsa_secp192r1_privkey,
> - ecdsa_secp192r1_sig);
> + ecdsa_secp192r1_sig, GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE);
>
> - PK_KNOWN_TEST(GNUTLS_PK_EC, 0,
> + PK_KNOWN_TEST(GNUTLS_PK_EC,
> GNUTLS_CURVE_TO_BITS
> (GNUTLS_ECC_CURVE_SECP224R1),
> GNUTLS_DIG_SHA256, ecdsa_secp224r1_privkey,
> - ecdsa_secp224r1_sig);
> + ecdsa_secp224r1_sig, GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE);
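Review bot: the flags argument moves from the second position (`0`) to the last (`GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE`) in both PK_KNOWN_TEST calls, so the macro definition and every other caller of it need the same reordering in this commit or the build breaks. The stored vectors `ecdsa_secp192r1_sig` and `ecdsa_secp224r1_sig` are referenced unchanged here; if test_known_sig() now compares the generated signature against them directly, they must have been produced with the same deterministic nonce derivation, since a signature from the earlier randomised path will not match.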
Yes, you are right, there is one provision in FIPS IG that allows deterministic even now - please disregard my comments.
Note, the provision allowing it is IG 9.4 stating that a KAT for DSA/ECDSA is permissible. I accidentally swapped that out of my memory :-)