Niels Möller <ni...@lysator.liu.se> writes:

> Daiki Ueno <u...@gnu.org> writes:
>
>> The attached patch adds support for the deterministic DSA and ECDSA, as
>> defined in RFC 6979, which enables us to use the signing function
>> without randomness.
>
> Thanks, I've had a first read, and added some comments on your MR
> (https://git.lysator.liu.se/nettle/nettle/-/merge_requests/64).

Thank you; I updated the MR to address those comments.

I have a slight feeling that the current API is not easy to use, as the
caller needs to instantiate both hash and HMAC contexts, as there are no
correlations between the two:

  struct sha256_ctx sha256;
  sha256_init (&sha256);
  sha256_update (&sha256, length, message);
  sha256_digest (&sha256, SHA256_DIGEST_SIZE, digest);

  struct hmac_sha256_ctx hmac_sha256;
  ecdsa_sign_deterministic (&key, &hmac_sha256, &nettle_hmac_sha256,
                            digest, &sig);

What would you say to introducing a specialized API, something like the
following?

  void
  ecdsa_sha256_sign_deterministic (const struct ecc_scalar *key,
                                   size_t length, const uint8_t *message,
                                   struct dsa_signature *signature);

Regards,
-- 
Daiki Ueno
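
Added example, not part of the original message or of the Nettle merge request: the RFC 6979 section 3.2 nonce derivation in Python, showing why a deterministic signer needs an HMAC keyed from the private key in addition to the message digest. The group order and key are the P-256 test values from RFC 6979 Appendix A.2.5; all function names are hypothetical.

```python
import hashlib
import hmac

# P-256 group order and the test private key from RFC 6979, Appendix A.2.5.
P256_Q = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551
TEST_X = 0xC9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721


def bits2int(data, qlen):
    """Leftmost qlen bits of data as an integer (RFC 6979, 2.3.2)."""
    value = int.from_bytes(data, "big")
    excess = len(data) * 8 - qlen
    return value >> excess if excess > 0 else value


def rfc6979_k(x, q, h1, hashfunc=hashlib.sha256):
    """Derive the per-signature nonce k from private key x and digest h1."""
    qlen = q.bit_length()
    rlen = (qlen + 7) // 8
    hlen = hashfunc().digest_size

    def mac(key, data):
        return hmac.new(key, data, hashfunc).digest()

    # bits2octets(h1): reduce the truncated digest mod q, encode to rlen bytes.
    z = bits2int(h1, qlen) % q
    seed = x.to_bytes(rlen, "big") + z.to_bytes(rlen, "big")

    v, k = b"\x01" * hlen, b"\x00" * hlen      # steps b, c
    for sep in (b"\x00", b"\x01"):              # steps d-g
        k = mac(k, v + sep + seed)
        v = mac(k, v)
    while True:                                  # step h
        t = b""
        while len(t) * 8 < qlen:
            v = mac(k, v)
            t += v
        cand = bits2int(t, qlen)
        if 1 <= cand < q:
            return cand  # a full signer also retries if r == 0
        k = mac(k, v + b"\x00")
        v = mac(k, v)


def nonce_for_message(message, x=TEST_X, q=P256_Q):
    """Hash the message with SHA-256, then derive k with HMAC-SHA256."""
    return rfc6979_k(x, q, hashlib.sha256(message).digest())
```

The same hash function appears twice, once for the digest and once inside the HMAC, which is the pairing a combined `ecdsa_sha256_sign_deterministic`-style entry point would fix for the caller.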