Now
MAIN commitmail json YAML
pkgsrc/security/libdecaf/Makefile@1.4
/
diff
pkgsrc/security/libdecaf/distinfo@1.2 / diff
pkgsrc/security/libdecaf/patches/patch-CMakeLists.txt@1.1 / diff
pkgsrc/security/libdecaf/distinfo@1.2 / diff
pkgsrc/security/libdecaf/patches/patch-CMakeLists.txt@1.1 / diff
security/libdecaf: Updates to v1.0.1
- Build scripts now depend on the sourceforce git repository directly.
Changes since v1.0.0:
October 10, 2020:
A paper by Konstantinos Chalkias, Franc箕ois Garillot, and Valeria
Nikolaenko, to be found at:
https://eprint.iacr.org/2020/1244.pdf
discusses malleability in EdDSA implementations. Their test
vectors reveal unintentional malleability in libdecaf's version
of EdDSA verify, in violation of RFC 8032. With this malleability,
an attacker could modify an existing valid signature to create a
new signature that is still valid, but only for the same message.
Releave v1.0.1, correcting this flaw.
Additional changes generated from git commit logs:
- (tag: v1.0.1) Fix bug in ristretto elligator: it should be able to take improper field elements as input
- Fix malleability bug from https://eprint.iacr.org/2020/1244.pdf and add test vectors
- Optimize s^2 -> s2
- Dont double generator for Ed448RistrettoPoint
- Update ristretto.sage for python3. Also add Ed448RistrettoPoint for reference
- Add safer version of EdDSA signing API
- Fix issues when compiling on GCC 9.1
- Also remove X_SER_BYTES while were at it
- Remove gf_hibit, since it was a relic from p521 days
- Adds errno.eexist, remove hardcoded error value
- Tweak generated code message
- Fix flaky Python generator
- Add full RFC 8032 test vectors
- Change test scripts to avoid GCC warnings
- Minor changes. Bump version number in CMakeLists.txt
- Build scripts now depend on the sourceforce git repository directly.
Changes since v1.0.0:
October 10, 2020:
A paper by Konstantinos Chalkias, Franc箕ois Garillot, and Valeria
Nikolaenko, to be found at:
https://eprint.iacr.org/2020/1244.pdf
discusses malleability in EdDSA implementations. Their test
vectors reveal unintentional malleability in libdecaf's version
of EdDSA verify, in violation of RFC 8032. With this malleability,
an attacker could modify an existing valid signature to create a
new signature that is still valid, but only for the same message.
Releave v1.0.1, correcting this flaw.
Additional changes generated from git commit logs:
- (tag: v1.0.1) Fix bug in ristretto elligator: it should be able to take improper field elements as input
- Fix malleability bug from https://eprint.iacr.org/2020/1244.pdf and add test vectors
- Optimize s^2 -> s2
- Dont double generator for Ed448RistrettoPoint
- Update ristretto.sage for python3. Also add Ed448RistrettoPoint for reference
- Add safer version of EdDSA signing API
- Fix issues when compiling on GCC 9.1
- Also remove X_SER_BYTES while were at it
- Remove gf_hibit, since it was a relic from p521 days
- Adds errno.eexist, remove hardcoded error value
- Tweak generated code message
- Fix flaky Python generator
- Add full RFC 8032 test vectors
- Change test scripts to avoid GCC warnings
- Minor changes. Bump version number in CMakeLists.txt