Add secure DSA nonce flag.

This change adds the option to calculate (EC)DSA nonces by hashing the message and private key along with entropy to avoid leaking the private key if the PRNG fails.
author: Adam Langley <agl@chromium.org> 2013-01-24 16:27:28 -0500
committer: Ben Laurie <ben@links.org> 2013-06-13 17:26:07 +0100
commit: 8a99cb29d1f0013243a532bccc1dc70ed678eebe (patch)
tree: e29022ee28dbc0e6507597b2baf094760924f421 /crypto/ec/ec_lcl.h
parent: 64a786a292e301bfbcb269cd2bff0533503d5b8b (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/crypto/ec/ec_lcl.h b/crypto/ec/ec_lcl.h
index da7967df38..6f714c7575 100644
--- a/crypto/ec/ec_lcl.h
+++ b/crypto/ec/ec_lcl.h
@@ -246,6 +246,7 @@ struct ec_key_st {
 	BIGNUM	 *priv_key;
 
 	unsigned int enc_flag;
+	char nonce_from_hash_flag;
 	point_conversion_form_t conv_form;
 
 	int 	references;
author	Adam Langley <agl@chromium.org>	2013-01-24 16:27:28 -0500
committer	Ben Laurie <ben@links.org>	2013-06-13 17:26:07 +0100
commit	8a99cb29d1f0013243a532bccc1dc70ed678eebe (patch)
tree	e29022ee28dbc0e6507597b2baf094760924f421 /crypto/ec/ec_lcl.h
parent	64a786a292e301bfbcb269cd2bff0533503d5b8b (diff)