Use safer deterministic function in psa_ecdsa_sign

commit: 5e843fa133e01fd852e9b0a69709a66b1c4b7fbf [log] [tgz]
author: Darryl Green <darryl.green@arm.com> Thu Sep 05 14:06:34 2019 +0100
committer: Darryl Green <darryl.green@arm.com> Thu Sep 05 14:06:34 2019 +0100
tree: d5c55f2d5590ee29f28cd29b041d491af2ab00b2
parent: 75f2c20f9c59ce702edd5e73d777a3a01b06f542 [diff]
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index ef2d50e..a80f13d 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c

@@ -3271,9 +3271,11 @@
         psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
         const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
         mbedtls_md_type_t md_alg = mbedtls_md_get_type( md_info );
-        MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign_det( &ecp->grp, &r, &s, &ecp->d,
-                                                 hash, hash_length,
-                                                 md_alg ) );
+        MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign_det_ext( &ecp->grp, &r, &s,
+                                                     &ecp->d, hash,
+                                                     hash_length, md_alg,
+                                                     mbedtls_ctr_drbg_random,
+                                                     &global_data.ctr_drbg ) );
     }
     else
 #endif /* MBEDTLS_ECDSA_DETERMINISTIC */
commit	5e843fa133e01fd852e9b0a69709a66b1c4b7fbf	[log] [tgz]
author	Darryl Green <darryl.green@arm.com>	Thu Sep 05 14:06:34 2019 +0100
committer	Darryl Green <darryl.green@arm.com>	Thu Sep 05 14:06:34 2019 +0100
tree	d5c55f2d5590ee29f28cd29b041d491af2ab00b2
parent	75f2c20f9c59ce702edd5e73d777a3a01b06f542 [diff]