[openssl/openssl] f3090f: Implement deterministic ECDSA sign (RFC6979)

Shane noreply at github.com
Wed Nov 30 07:37:02 UTC 2022


  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: f3090fc710e30a749acaf9e5dfbe20dd163cf15d
      https://github.com/openssl/openssl/commit/f3090fc710e30a749acaf9e5dfbe20dd163cf15d
  Author: slontis <shane.lontis at oracle.com>
  Date:   2022-11-30 (Wed, 30 Nov 2022)

  Changed paths:
    M crypto/build.info
    A crypto/deterministic_nonce.c
    M crypto/dsa/dsa_local.h
    M crypto/dsa/dsa_ossl.c
    M crypto/dsa/dsa_sign.c
    M crypto/ec/ecdsa_ossl.c
    M doc/build.info
    A doc/man7/EVP_KDF-HMAC-DRBG.pod
    M doc/man7/EVP_RAND-HMAC-DRBG.pod
    M doc/man7/EVP_SIGNATURE-DSA.pod
    M doc/man7/EVP_SIGNATURE-ECDSA.pod
    M doc/man7/OSSL_PROVIDER-default.pod
    M doc/man7/provider-signature.pod
    M include/crypto/dsa.h
    M include/crypto/ec.h
    A include/internal/deterministic_nonce.h
    M include/openssl/core_names.h
    M providers/defltprov.c
    A providers/implementations/include/prov/hmac_drbg.h
    M providers/implementations/include/prov/implementations.h
    M providers/implementations/include/prov/names.h
    M providers/implementations/kdfs/build.info
    A providers/implementations/kdfs/hmacdrbg_kdf.c
    M providers/implementations/rands/drbg_hmac.c
    M providers/implementations/rands/drbg_local.h
    M providers/implementations/signature/dsa_sig.c
    M providers/implementations/signature/ecdsa_sig.c
    M test/evp_kdf_test.c
    M test/evp_test.c
    M test/recipes/30-test_evp.t
    A test/recipes/30-test_evp_data/evpkdf_hmac_drbg.txt

  Log Message:
  -----------
  Implement deterministic ECDSA sign (RFC6979)

This PR is based off the contributions in PR #9223 by Jemmy1228.

It has been modified and reworked to:
(1) Work with providers
(2) Support ECDSA and DSA
(3) Add a KDF HMAC_DRBG implementation that shares code with the RAND HMAC_DRBG.

A nonce_type is passed around inside the Signing API's, in order to support any
future deterministic algorithms.

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18809)


  Commit: 0a7528cc7c3b80e00e3093f5d32525574138a33e
      https://github.com/openssl/openssl/commit/0a7528cc7c3b80e00e3093f5d32525574138a33e
  Author: slontis <shane.lontis at oracle.com>
  Date:   2022-11-30 (Wed, 30 Nov 2022)

  Changed paths:
    M doc/man7/EVP_RAND-CTR-DRBG.pod
    M doc/man7/EVP_RAND-HASH-DRBG.pod
    M doc/man7/EVP_RAND-SEED-SRC.pod
    M doc/man7/EVP_RAND-TEST-RAND.pod

  Log Message:
  -----------
  Fix docs related to EVP_RAND_CTX_new() that were not passing the parent
parameter.

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18809)


  Commit: 5375fd8e948234e8b8a10ded94badf6f59b53608
      https://github.com/openssl/openssl/commit/5375fd8e948234e8b8a10ded94badf6f59b53608
  Author: Billy Brumley <bbrumley at gmail.com>
  Date:   2022-11-30 (Wed, 30 Nov 2022)

  Changed paths:
    M test/recipes/30-test_evp.t
    A test/recipes/30-test_evp_data/evppkey_rfc6979.txt

  Log Message:
  -----------
  [test/recipes] RFC6979 deterministic ECDSA KATs in evptest format

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18809)


  Commit: 6b3d28757620e0781bb1556032bb6961ee39af63
      https://github.com/openssl/openssl/commit/6b3d28757620e0781bb1556032bb6961ee39af63
  Author: slontis <shane.lontis at oracle.com>
  Date:   2022-11-30 (Wed, 30 Nov 2022)

  Changed paths:
    M test/evp_test.c
    M test/recipes/30-test_evp.t
    A test/recipes/30-test_evp_data/evppkey_dsa_rfc6979.txt
    A test/recipes/30-test_evp_data/evppkey_ecdsa_rfc6979.txt
    R test/recipes/30-test_evp_data/evppkey_rfc6979.txt

  Log Message:
  -----------
  [test/recipes] Add RFC6979 deterministic DSA KATs in evptest format

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18809)


Compare: https://github.com/openssl/openssl/compare/9ba4f489ecd3...6b3d28757620


More information about the openssl-commits mailing list