Skip to content
Commit f3243f22 authored by Matt Caswell's avatar Matt Caswell
Browse files

Disallow Ed25519 signature maleability



Check that s is less than the order before attempting to verify the
signature as per RFC8032 5.1.7

Fixes #7693

Reviewed-by: default avatarPaul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7697)

(cherry picked from commit 0ac8f35c04c4fcdee421170ae6351e42b9e84ce4)
parent 2561eeb6
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment