Add ECDSA signature functions #518
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
raycoll
reviewed
Apr 27, 2017
crypto/s2n_ecdsa.c
Outdated
| uint8_t digest_out[MAX_DIGEST_LENGTH]; | ||
| GUARD(s2n_hash_digest(digest, digest_out, digest_length)); | ||
|
|
||
| // ECDSA_verify ignores the first parameter |
Closed
raycoll
reviewed
May 8, 2017
| "iwVevOxBJ1GL0usqhWNqOKoNp048H4rCmfyMN97E\n" | ||
| "-----END EC PRIVATE KEY-----\n"; | ||
|
|
||
| int main(int argc, char **argv) |
There was a problem hiding this comment.
Good positive and negative tests. Do you think it's worth extending this to iterate across digest sizes: 0 -> MAX_DIGEST_LENGTH ?
There was a problem hiding this comment.
The signature functions expects an s2n_hash_state parameter, which isn't easy to stuff bytes into. I opted to modify the test to attempt each hash algorithm so the signature function has to handle varied digest sizes.
There was a problem hiding this comment.
That seems reasonable and should cover all of our happy cases. Thanks for adding that!
raycoll
approved these changes
May 11, 2017
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adding ECDSA functions to sign/verify, and parse keys. They are currently modeled after the equivalent RSA functions and use a mixture of the EVP and low-level OpenSSL APIs. Once the EVP refactoring in #478 has been completed for s2n_hash, these can switch over as well.