gpg: Fix false negatives in Ed25519 signature verification.
0a5a854510fdUnpublished
Actions

Unpublished Commit · Learn More

Not On Permanent Ref: This commit is not an ancestor of any permanent ref.

Description

gpg: Fix false negatives in Ed25519 signature verification.

* g10/pkglue.c (pk_verify): Fix Ed25519 signatrue values.
* tests/openpgp/verify.scm (msg_ed25519_rshort): New
(msg_ed25519_sshort): New.
("Checking that a valid Ed25519 signature is verified as such"): New.

About one out of 256 signature won't verify due to stripped zero
bytes. See the source comment for details.

Reported-by: Andre Heinecke
Signed-off-by: Werner Koch <wk@gnupg.org>

Details

Provenance

• werner

Authored on Aug 25 2016, 3:18 PM

Parents

rG74a082bc1096: common: Rename an odd named function.

Branches

Unknown

Tags

Unknown

Event Timeline

Werner Koch <wk@gnupg.org> committed rG0a5a854510fd: gpg: Fix false negatives in Ed25519 signature verification. (authored by Werner Koch <wk@gnupg.org>).Aug 25 2016, 4:18 PM

• gniibe mentioned this in T7426: Retain binary representation of key for import->export (in particular, Ed25519 signature).Nov 25 2024, 7:16 AM

• werner mentioned this in rG52616ae81d80: gpg: Fix modifying signature data by pk_verify for Ed25519..Nov 25 2024, 11:07 AM

• werner mentioned this in rG7c378e0be78c: gpg: Fix modifying signature data by pk_verify for Ed25519..Nov 25 2024, 11:11 AM

Changes (2)

Path

Size

g10/

pkglue.c

tests/

openpgp/

verify.scm

rG0a5a854510fd

View Options

g10/pkglue.c