Switch to deterministic DSA.
6466db10fb22 (Unpublished)

Not On Permanent Ref: This commit is not an ancestor of any permanent ref.

Description

Switch to deterministic DSA.

* agent/pksign.c (rfc6979_hash_algo_string): New.
(do_encode_dsa) [Libgcrypt >= 1.6]: Make use of RFC-6979.

Now that we have a good (and not NSA/NIST demanded ;-) specification
on how to use DSA without a random nonce, we take advantage of it and
thus avoid pitfalls related to a misbehaving RNG during signature
creation.

Note that OpenPGP has the option of using a longer hash algorithm but
truncated to what is suitable for the used DSA key size. The hash
used as input to RFC-6979 will also be one with an appropriate digest
length but not a truncated one. This is allowed by RFC-6979.

Signed-off-by: Werner Koch <wk@gnupg.org>
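
The nonce derivation the commit message refers to, as an added example (not GnuPG or Libgcrypt code): a Python sketch of RFC 6979 section 3.2, showing that k depends only on the private key and the message digest and needs no RNG. The function name `rfc6979_k` is this example's own; `Q` and `X` are the DSA test-vector values from RFC 6979 appendix A.2.1.

```python
import hashlib
import hmac

# 160-bit DSA subgroup order and private key (RFC 6979 appendix A.2.1 test key)
Q = 0x996F967F6C8E388D9E28D01E205FBA957A5698B1
X = 0x411602CB19A6CCC34494D79D98EF1E7ED5AF25F7


def rfc6979_k(x, q, message, hashfunc=hashlib.sha1):
    """Derive the per-signature nonce k from private key x, subgroup order q
    and the message, following RFC 6979 section 3.2 (HMAC-based generator)."""
    qlen = q.bit_length()
    rlen = (qlen + 7) // 8
    hlen = hashfunc().digest_size

    def bits2int(b):
        # Keep only the leftmost qlen bits when the input is longer than q.
        v = int.from_bytes(b, "big")
        excess = len(b) * 8 - qlen
        return v >> excess if excess > 0 else v

    def mac(key, data):
        return hmac.new(key, data, hashfunc).digest()

    h1 = hashfunc(message).digest()
    # int2octets(x) || bits2octets(h1): both fixed-width, digest reduced mod q
    seed = x.to_bytes(rlen, "big") + (bits2int(h1) % q).to_bytes(rlen, "big")

    v = b"\x01" * hlen
    k_mac = b"\x00" * hlen
    k_mac = mac(k_mac, v + b"\x00" + seed)
    v = mac(k_mac, v)
    k_mac = mac(k_mac, v + b"\x01" + seed)
    v = mac(k_mac, v)
    while True:
        t = b""
        while len(t) * 8 < qlen:
            v = mac(k_mac, v)
            t += v
        k = bits2int(t)
        if 1 <= k < q:          # candidate must be a valid DSA nonce
            return k
        k_mac = mac(k_mac, v + b"\x00")   # rejected: re-key and try again
        v = mac(k_mac, v)


if __name__ == "__main__":
    print(format(rfc6979_k(X, Q, b"sample"), "040X"))
```
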

Details

Provenance
werner authored on Sep 7 2013, 10:06 AM
Parents
rG244587ea41d4: scd: Suppress gcc warning about possible uninitialized use.
Branches
Unknown
Tags
Unknown

Event Timeline

Werner Koch <wk@gnupg.org> committed rG6466db10fb22: Switch to deterministic DSA. (authored by Werner Koch <wk@gnupg.org>). Sep 8 2013, 11:25 AM