Disallow Ed25519 signature malleability
author Matt Caswell <matt@openssl.org>
Fri, 23 Nov 2018 13:50:43 +0000 (13:50 +0000)
committer Matt Caswell <matt@openssl.org>
Mon, 3 Dec 2018 14:25:20 +0000 (14:25 +0000)
commit f3243f22298045de3bd31bf47cdf0abe8394843a
tree a8e3314978df0cf9b0f534d46f08aa8656920f03
parent 2561eeb6b9cea581d4bbbc0d2574998f0590f53c
Disallow Ed25519 signature malleability

Check that s is less than the order before attempting to verify the
signature as per RFC8032 5.1.7

Fixes #7693

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7697)

(cherry picked from commit 0ac8f35c04c4fcdee421170ae6351e42b9e84ce4)
crypto/ec/curve25519.c
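
The range check named in the commit message, as an added example; it is not the OpenSSL change itself (this page shows no diff), and the function names are hypothetical. It rejects any signature whose S half is not below the Ed25519 group order L, which is why S and S + L can no longer both be accepted for the same message.

```c
#include <stdint.h>
#include <stdio.h>

/* Ed25519 group order L = 2^252 + 27742317777372353535851937790883648493,
 * stored little-endian like the S half of a signature (RFC 8032). */
static const uint8_t ED25519_ORDER[32] = {
    0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58,
    0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14,
    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10
};

/* Returns 1 if S (bytes 32..63 of the 64-byte signature) satisfies S < L,
 * else 0. S is public, so the early exit leaks nothing secret. */
int ed25519_s_is_canonical(const uint8_t sig[64])
{
    const uint8_t *s = sig + 32;

    for (int i = 31; i >= 0; i--) {   /* most significant byte first */
        if (s[i] < ED25519_ORDER[i])
            return 1;
        if (s[i] > ED25519_ORDER[i])
            return 0;
    }
    return 0;                         /* S == L is rejected too */
}

/* Regression-test helper (constructed for this example): replaces S with
 * S + L, the non-canonical encoding the check must refuse. Returns the
 * carry out of the 256-bit addition. */
int add_order_to_s(uint8_t sig[64])
{
    unsigned carry = 0;

    for (int i = 0; i < 32; i++) {
        unsigned sum = (unsigned)sig[32 + i] + ED25519_ORDER[i] + carry;
        sig[32 + i] = (uint8_t)sum;
        carry = sum >> 8;
    }
    return (int)carry;
}

int main(void)
{
    uint8_t sig[64] = {0};            /* constructed sample: R = 0, S = 1 */
    sig[32] = 1;
    printf("S = 1     canonical: %d\n", ed25519_s_is_canonical(sig));
    add_order_to_s(sig);
    printf("S = L + 1 canonical: %d\n", ed25519_s_is_canonical(sig));
    return 0;
}
```

A verifier would run this check on the raw signature bytes before any scalar reduction or point arithmetic, and fail verification when it returns 0.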