On 12/05/2015 20:10, Salz, Rich wrote: > You can't easily have test vectors for DSA signatures since they include a random. Any test vector would have to include the random, and any API would have to be able to accept the random as part of the "sign" API. Verification should be okay. > > What Mr. Salz refers to by "Verification should be okay" is probably this: You can have test vectors in the form of known good signatures withpublic keys listed in the test vector. For DSA, those would be the (message, y, r, s)quads mentioned by the OP (y is the public key, (r, s) is the signature), dependingon his class library, it might be possible to reformat those vectors to the formatused by his code for real messages. The importance of such test vectors is to detect if an implementation is accidentally implementing a different signature algorithm (such as accidentally appending a 0 byte to each message both during signing and verification). This would not be detected by signing and verifying sample messages with random parameters. Enjoy Jakob -- Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com Transformervej 29, 2860 S?borg, Denmark. Direct +45 31 13 16 10 This public discussion message is non-binding and may contain errors. WiseMo - Remote Service Management for PCs, Phones and Embedded -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150512/42bf5255/attachment.html>
