projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: be80b21) | patch
Disallow Ed25519 signature maleability
authorMatt Caswell <matt@openssl.org>
Fri, 23 Nov 2018 13:50:43 +0000 (13:50 +0000)
committerMatt Caswell <matt@openssl.org>
Mon, 3 Dec 2018 14:21:05 +0000 (14:21 +0000)
commit0ac8f35c04c4fcdee421170ae6351e42b9e84ce4
tree6acf04eb393b745fc1ccdf9c483e7015485ba578tree | snapshot
parentbe80b21d2a9c1e0d4fb920ca023e4ec225d878a7commit | diff
Disallow Ed25519 signature maleability

Check that s is less than the order before attempting to verify the
signature as per RFC8032 5.1.7

Fixes #7693

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7697)
crypto/ec/curve25519.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.