This is not really true. At least, for some of the tests. https://github.com/openssl/openssl/blob/master/test/ecdsatest.c#L73 That hijacks the RNG to feed the expected nonce, so it can check vs a KAT. Cheers, BBB On Mon, Aug 30, 2021 at 12:40 PM Tomas Mraz <tomas@xxxxxxxxxxx> wrote: > > Hello, > > your analysis is right. It does only pairwise consistency test as the > KAT is impossible to do for regular DSA and ECDSA due to random nonce > being input of the signature algorithm and thus the signature always > changes. > > Tomas > > On Fri, 2021-08-27 at 22:47 +0530, Nagarjun J wrote: > > Hi, > > > > Does openssl-3.0.0 really does ecdsa KAT ? The post test logs says > > "ECDSA KAT :PASS. But when i debuged the code it actually doing ECDSA > > pairwise consistency test. > > > > Thanks, > > Nagarjun > > -- > Tomáš Mráz > No matter how far down the wrong road you've gone, turn back. > Turkish proverb > [You'll know whether the road is wrong if you carefully listen to your > conscience.] > >
