Niels Möller <[email protected]> writes:
> Daiki Ueno <[email protected]> writes:
>
>> The attached patch adds support for the deterministic DSA and ECDSA, as
>> defined in RFC 6979, which enables us to use the signing function
>> without randomness.
>
> Thanks, I've had a first read, and added some comments on your MR
> (https://git.lysator.liu.se/nettle/nettle/-/merge_requests/64).

Thank you; I updated the MR to address those comments.

I have a slight feeling that the current API is not easy to use, as the
caller needs to instantiate both hash and HMAC contexts, as there are no
correlations between the two:

  struct sha256_ctx sha256;
  sha256_init (&sha256);
  sha256_update (&sha256, length, message);
  sha256_digest (&sha256, SHA256_DIGEST_SIZE, digest);

  struct hmac_sha256_ctx hmac_sha256;
  ecdsa_sign_deterministic (&key,
                            &hmac_sha256, &nettle_hmac_sha256,
                            digest,
                            &sig);

What would you say to introducing a specialized API, something like the
following?

  void
  ecdsa_sha256_sign_deterministic (const struct ecc_scalar *key,
                                   size_t length,
                                   const uint8_t *message,
                                   struct dsa_signature *signature);

Regards,
--
Daiki Ueno
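
Added example, not part of the original message and not Nettle or MR code: a Python sketch of the RFC 6979 section 3.2 nonce derivation, showing why deterministic signing needs both a digest and an HMAC keyed from it, and how one entry point can fix both to the same hash as the proposed specialized API would. The names rfc6979_nonce and _bits2int are hypothetical, and the curve is assumed to be NIST P-256.

```python
import hashlib
import hmac

# NIST P-256 group order q (public curve parameter; the curve is an assumption).
P256_Q = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551


def _bits2int(data: bytes, qlen: int) -> int:
    """RFC 6979 section 2.3.2: keep only the leftmost qlen bits."""
    value = int.from_bytes(data, "big")
    excess = len(data) * 8 - qlen
    return value >> excess if excess > 0 else value


def rfc6979_nonce(x: int, message: bytes, q: int = P256_Q,
                  hash_name: str = "sha256") -> int:
    """Derive the per-signature nonce k from private key x and the message."""
    if not 1 <= x < q:
        raise ValueError("private key out of range")
    qlen = q.bit_length()
    rlen = (qlen + 7) // 8

    def mac(key: bytes, data: bytes) -> bytes:
        return hmac.new(key, data, hash_name).digest()

    # One hash name drives both the digest and the HMAC, so they cannot diverge.
    h1 = hashlib.new(hash_name, message).digest()
    seed = x.to_bytes(rlen, "big") + (_bits2int(h1, qlen) % q).to_bytes(rlen, "big")

    hv = b"\x01" * len(h1)                 # V in the RFC
    hk = b"\x00" * len(h1)                 # K in the RFC
    hk = mac(hk, hv + b"\x00" + seed)
    hv = mac(hk, hv)
    hk = mac(hk, hv + b"\x01" + seed)
    hv = mac(hk, hv)
    while True:
        t = b""
        while len(t) * 8 < qlen:
            hv = mac(hk, hv)
            t += hv
        candidate = _bits2int(t, qlen)
        if 1 <= candidate < q:             # reject 0 and values >= q, then retry
            return candidate
        hk = mac(hk, hv + b"\x00")
        hv = mac(hk, hv)


if __name__ == "__main__":
    demo_key = 0x1234                      # constructed sample key
    print(hex(rfc6979_nonce(demo_key, b"hello")))
```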