~mdw / catacomb / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1b59808) | patch
pub/ed25519.c: Range-check coordinates and scalars when verifying.
authorMark Wooding <mdw@distorted.org.uk>
Wed, 10 May 2017 20:13:54 +0000 (21:13 +0100)
committerMark Wooding <mdw@distorted.org.uk>
Sun, 14 May 2017 13:58:42 +0000 (14:58 +0100)
commitaccdbbc96b8ee45ba633af3980046b9db5cd8e7e
tree89886e5aad44c7141dba941e89b61c1fffcf271ftree | snapshot (tar.gz zip)
parent1b59808c769df96b1fcb5fb38c7f8fce069d0455commit | diff
pub/ed25519.c: Range-check coordinates and scalars when verifying.

This is a requirement of RFC8032, though Bernstein et al don't see the
point.

It's easy enough to test that verification rejects an out-of-range
scalar part in the signature, but there's hardly any space in the
curve-point part, so I've had to cheat.
pub/Makefile.am diff | blob | blame | history
pub/ed25519.c diff | blob | blame | history
pub/t/ed25519.local [new file with mode: 0644] blob
Catacomb cryptographic library