Disallow Ed448 signature malleability
Check that s is less than the order before attempting to verify the signature as per RFC8032 5.2.7 Fixes #7706 Reviewed-by: Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/7748)
parent
275a7b9e
Please register or sign in to comment