Query regarding openssl-3.0.0 ecdsa self tests
Billy Brumley
bbrumley at gmail.com
Mon Aug 30 10:17:03 UTC 2021
This is not really true. At least, for some of the tests.
https://github.com/openssl/openssl/blob/master/test/ecdsatest.c#L73
That hijacks the RNG to feed the expected nonce, so it can check vs a KAT.
Cheers,
BBB
On Mon, Aug 30, 2021 at 12:40 PM Tomas Mraz <tomas at openssl.org> wrote:
>
> Hello,
>
> your analysis is right. It does only pairwise consistency test as the
> KAT is impossible to do for regular DSA and ECDSA due to random nonce
> being input of the signature algorithm and thus the signature always
> changes.
>
> Tomas
>
> On Fri, 2021-08-27 at 22:47 +0530, Nagarjun J wrote:
> > Hi,
> >
> > Does openssl-3.0.0 really does ecdsa KAT ? The post test logs says
> > "ECDSA KAT :PASS. But when i debuged the code it actually doing ECDSA
> > pairwise consistency test.
> >
> > Thanks,
> > Nagarjun
>
> --
> Tomáš Mráz
> No matter how far down the wrong road you've gone, turn back.
> Turkish proverb
> [You'll know whether the road is wrong if you carefully listen to your
> conscience.]
>
>
More information about the openssl-users
mailing list