Nitrokey / nitrokey-fido2-firmware

FIDO2 USB token optimized for security, extensibility, and style. A fork of Solo key.
https://www.nitrokey.com/
Other
53 stars 6 forks source link

Use deterministic signing #16

Open szszszsz opened 5 years ago

szszszsz commented 5 years ago

Use deterministic signing, as in: https://github.com/trustcrypto/libraries/blob/419fe44dbd5ab065f118df31881185f32aab0ee7/fido2/crypto.cpp#L190

Source: https://github.com/solokeys/solo/issues/158#issuecomment-489211479

szszszsz commented 5 years ago

RFC for deterministic ECC signing: https://tools.ietf.org/html/rfc6979. Briefly, it differs from the base method by deterministically calculating the k parameter using HMAC, resulting in the same signature for the same data.

Documentation for the used ECC implementation in micro-ecc:

Implementation discussion: https://github.com/kmackay/micro-ecc/issues/37

Use example: https://github.com/trustcrypto/libraries/commit/419fe44dbd5ab065f118df31881185f32aab0ee7