Disallow Ed448 signature malleability
author Matt Caswell <matt@openssl.org>
Mon, 3 Dec 2018 17:01:07 +0000 (17:01 +0000)
committer Matt Caswell <matt@openssl.org>
Tue, 11 Dec 2018 11:58:40 +0000 (11:58 +0000)
commit f807ad17f327c40d2ed89739f7ed037ea9a80ee5
tree e39272c7f71455950a18f70b3fc537e52da30ed6
parent 488521d77fdc1de5ae256ce0d9203e35ebc92993
Disallow Ed448 signature malleability

Check that s is less than the order before attempting to verify the
signature as per RFC8032 5.2.7

Fixes #7706

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/7748)

(cherry picked from commit 08afd2f37a4465c90b9b9e2081c9e8df4726db89)
crypto/ec/curve448/eddsa.c
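
The range check the commit message describes, as an added example that is not OpenSSL's code: it takes a 114-byte Ed448 signature (R || S, each half 57 bytes, S little-endian, per RFC 8032) and rejects any S that is not below the group order L. The function and constant names are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define ED448_SCALAR_LEN 57                      /* bytes in R and in S */
#define ED448_SIG_LEN    (2 * ED448_SCALAR_LEN)  /* signature is R || S */

/* Low 28 bytes of the group order L, little-endian.
 * L = 2^446 - 0x8335dc163bb124b65129c96fde933d8d723a70aadc873d6d54a7bb0d */
static const uint8_t ORDER_LOW[28] = {
    0xf3, 0x44, 0x58, 0xab, 0x92, 0xc2, 0x78, 0x23, 0x55, 0x8f,
    0xc5, 0x8d, 0x72, 0xc2, 0x6c, 0x21, 0x90, 0x36, 0xd6, 0xae,
    0x49, 0xdb, 0x4e, 0xc4, 0xe9, 0x23, 0xca, 0x7c
};

/* Write L as 57 little-endian bytes, the same encoding S uses. */
static void ed448_order(uint8_t out[ED448_SCALAR_LEN])
{
    memset(out, 0xff, ED448_SCALAR_LEN);
    memcpy(out, ORDER_LOW, sizeof(ORDER_LOW));
    out[55] = 0x3f;   /* top byte of the 446-bit order */
    out[56] = 0x00;   /* 57th byte is zero for L and everything below it */
}

/* Return 1 if the S half of sig satisfies 0 <= S < L, else 0.
 * The signature is public, so an early-exit comparison is fine here. */
static int ed448_s_in_range(const uint8_t *sig, size_t sig_len)
{
    uint8_t order[ED448_SCALAR_LEN];
    const uint8_t *s;
    int i;

    if (sig == NULL || sig_len != ED448_SIG_LEN)
        return 0;
    s = sig + ED448_SCALAR_LEN;
    ed448_order(order);

    /* Compare from the most significant byte (index 56) downwards. */
    for (i = ED448_SCALAR_LEN - 1; i >= 0; i--) {
        if (s[i] < order[i])
            return 1;
        if (s[i] > order[i])
            return 0;
    }
    return 0;   /* S == L is also non-canonical */
}
```

A verifier that skips this check and reduces S modulo L accepts more than one encoding of the same signature, which is the malleability the commit closes.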