Skip to content
Commit 08afd2f3 authored by Matt Caswell's avatar Matt Caswell
Browse files

Disallow Ed448 signature malleability



Check that s is less than the order before attempting to verify the
signature as per RFC8032 5.2.7

Fixes #7706

Reviewed-by: default avatarKurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/7748)
parent 275a7b9e
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment