The signature generation process allows the application to provide optional randomness. If they pass in a 0 pointer, we'll fall back to deterministic signatures (which are perfectly secure); if the application passes in a pointer to a random function, we call that to get the randomness (which we stir into the final R value).
What happens if the application passes a random function, and that function returns failure? Presumably, if the application gave us a function, it wants a nondeterministic signature; however we can't do that. Currently, we do fall back to a deterministic mode; is this correct?
The signature generation process allows the application to provide optional randomness. If they pass in a 0 pointer, we'll fall back to deterministic signatures (which are perfectly secure); if the application passes in a pointer to a random function, we call that to get the randomness (which we stir into the final R value).
What happens if the application passes a random function, and that function returns failure? Presumably, if the application gave us a function, it wants a nondeterministic signature; however we can't do that. Currently, we do fall back to a deterministic mode; is this correct?