-
Notifications
You must be signed in to change notification settings - Fork 163
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix/malleability sig #449
Fix/malleability sig #449
Conversation
Summary✅ Passed: 5571 🚧 Skipped
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See comments.
Summary✅ Passed: 5561 🚧 Skipped
|
Summary✅ Passed: 5607 🚧 Skipped
|
1 similar comment
Summary✅ Passed: 5607 🚧 Skipped
|
Rereviewed - we still accept zero signatures. For example, following doesn't fail: func TestZero(t *testing.T) {
var signature Signature
var bts [sizeSignature]byte
_, err := signature.SetBytes(bts[:])
if err == nil {
t.Fatal("expected error")
}
} |
Summary✅ Passed: 5607 🚧 Skipped
|
As we use compressed coordinates then X is computed from Y.
Summary✅ Passed: 5883 🚧 Skipped
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I made some updates - particularly checking against 0 values as this leads to div by zero elsewhere.
Tests work, but would be nice to have a confirmation.
And I checked that negative values are not issues as incoming bytes are represented as unsigned ints.
Description
Deserialisation eddsa and ecdsa signature now ensures that the data is in [0, mod] where mod is the relevant modulus (field of definition of relevant group size of the curve).
Type of change
Credits to Verichains for raising the issue