From 65ad3e4daf83f3a0a529cfc6417a12531b39a48e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= <mpg@elzevir.fr>
Date: Mon, 6 Jan 2014 16:57:24 +0100
Subject: [PATCH] Use deterministic ECDSA in the PK layer

---
 library/pk_wrap.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index eb87d3c60..3f05edd97 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -303,10 +303,19 @@ static int ecdsa_sign_wrap( void *ctx, md_type_t md_alg,
                    unsigned char *sig, size_t *sig_len,
                    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
 {
+    /* Use deterministic ECDSA by default if available */
+#if defined(POLARSSL_ECDSA_DETERMINISTIC)
+    ((void) f_rng);
+    ((void) p_rng);
+
+    return( ecdsa_write_signature_det( (ecdsa_context *) ctx,
+                hash, hash_len, sig, sig_len, md_alg ) );
+#else
     ((void) md_alg);
 
     return( ecdsa_write_signature( (ecdsa_context *) ctx,
                 hash, hash_len, sig, sig_len, f_rng, p_rng ) );
+#endif
 }
 
 static void *ecdsa_alloc_wrap( void )