Deprecate the old deterministic ECDSA function

The current interface does not allow passing an RNG, which is needed for blinding. Using the scheme's internal HMAC-DRBG results the same blinding values for the same key and message, diminishing the effectiveness of the countermeasure. A new function `mbedtls_ecdsa_det_ext` is available to address this problem.
2019-01-04 15:55:43 +00:00 · 2019-01-04 15:55:43 +00:00 · e65e0597a8
commit e65e0597a8
parent 651eac8c5e
2 changed files with 15 additions and 2 deletions
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@ -503,6 +503,8 @@ cleanup:
 /*
 * Deterministic signature wrappers
 */
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
 int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r,
                            mbedtls_mpi *s, const mbedtls_mpi *d,
                            const unsigned char *buf, size_t blen,
@ -517,6 +519,7 @@ int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r,
    return( ecdsa_sign_det_restartable( grp, r, s, d, buf, blen, md_alg,
                                        NULL, NULL, NULL ) );
 }
+#endif /* MBEDTLS_DEPRECATED_REMOVED */

 int mbedtls_ecdsa_sign_det_ext( mbedtls_ecp_group *grp, mbedtls_mpi *r,
                                mbedtls_mpi *s, const mbedtls_mpi *d,