dmercer-google
commented
5 years ago You may want to add a comment as to why we use deterministic signatures. Perhaps something like:
// Deterministic signatures are used as the are generally preferable on deices with
// poor entropy sources as is so often the case with IoT.Up to you though. Just a suggestion
The mbedTLS stack has deterministic ecdsa signagure capability. As it considered to provide higher security switching to it from the non-det version is advised and done in this PR.
QA: unit test validate ecdsa signature agains openssl library, tests pass. Also manual tests were conducted if the iot_core_mqtt_client is able to connect to MQTT bridge, connection was successful.