libtomcrypt
ed25519 - failing wycheproof testvectors
While hacking on https://github.com/DCIT/perl-CryptX/pull/59 I have found out that our current implementation of ed25519_verify
falsely validates/verifies the following signatures which should be rejected:
{
"tcId" : 63,
"comment" : "checking malleability ",
"msg" : "54657374",
"sig" : "7c38e026f29e14aabd059a0f2db8b0cd783040609a8be684db12f82a27774ab067654bce3832c2d76f8f6f5dafc08d9339d4eef676573336a5c51eb6f946b31d",
"result" : "invalid",
"flags" : [ "SignatureMalleability" ]
},
{
"tcId" : 64,
"comment" : "checking malleability ",
"msg" : "54657374",
"sig" : "7c38e026f29e14aabd059a0f2db8b0cd783040609a8be684db12f82a27774ab05439412b5395d42f462c67008eba6ca839d4eef676573336a5c51eb6f946b32d",
"result" : "invalid",
"flags" : [ "SignatureMalleability" ]
},
{
"tcId" : 65,
"comment" : "checking malleability ",
"msg" : "54657374",
"sig" : "7c38e026f29e14aabd059a0f2db8b0cd783040609a8be684db12f82a27774ab02ee12ce5875bf9dff26556464bae2ad239d4eef676573336a5c51eb6f946b34d",
"result" : "invalid",
"flags" : [ "SignatureMalleability" ]
},
{
"tcId" : 66,
"comment" : "checking malleability ",
"msg" : "54657374",
"sig" : "7c38e026f29e14aabd059a0f2db8b0cd783040609a8be684db12f82a27774ab0e2300459f1e742404cd934d2c595a6253ad4eef676573336a5c51eb6f946b38d",
"result" : "invalid",
"flags" : [ "SignatureMalleability" ]
},
The key:
"key" : {
"curve" : "edwards25519",
"keySize" : 255,
"pk" : "7d4d0e7f6153a69b6242b522abbee685fda4420f8834b108c3bdae369ef549fa",
"sk" : "add4bb8103785baf9ac534258e8aaf65f5f1adb5ef5f3df19bb80ab989c4d64b",
"type" : "EDDSAKeyPair"
},
"keyDer" : "302a300506032b65700321007d4d0e7f6153a69b6242b522abbee685fda4420f8834b108c3bdae369ef549fa",
"keyPem" : "-----BEGIN PUBLIC KEY-----\nMCowBQYDK2VwAyEAfU0Of2FTpptiQrUiq77mhf2kQg+INLEIw72uNp71Sfo=\n-----END PUBLIC KEY-----\n",
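The four vectors above carry the `SignatureMalleability` flag: RFC 8032 (section 5.1.7) requires the second half of the signature, decoded as a little-endian integer S, to satisfy 0 <= S < L, and a verifier that skips this range check accepts them. The following is an added example, not libtomcrypt or CryptX code, that applies that range check to the quoted `sig` values; the function names `ed25519_s_is_canonical` and `sig_hex_has_canonical_s` are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Group order L = 2^252 + 27742317777372353535851937790883648493, little-endian. */
static const uint8_t ED25519_L[32] = {
    0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7, 0xa2,
    0xde, 0xf9, 0xde, 0x14, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x10
};
/* "sig" values of tcId 63..66, copied from the issue above. */
static const char *const ISSUE_SIGS[4] = {
    "7c38e026f29e14aabd059a0f2db8b0cd783040609a8be684db12f82a27774ab067654bce3832c2d76f8f6f5dafc08d9339d4eef676573336a5c51eb6f946b31d",
    "7c38e026f29e14aabd059a0f2db8b0cd783040609a8be684db12f82a27774ab05439412b5395d42f462c67008eba6ca839d4eef676573336a5c51eb6f946b32d",
    "7c38e026f29e14aabd059a0f2db8b0cd783040609a8be684db12f82a27774ab02ee12ce5875bf9dff26556464bae2ad239d4eef676573336a5c51eb6f946b34d",
    "7c38e026f29e14aabd059a0f2db8b0cd783040609a8be684db12f82a27774ab0e2300459f1e742404cd934d2c595a6253ad4eef676573336a5c51eb6f946b38d"
};

/* Returns 1 if little-endian s < L, else 0; no data-dependent branches. */
int ed25519_s_is_canonical(const uint8_t s[32])
{
    uint32_t lt = 0, eq = 1;
    for (int i = 31; i >= 0; i--) {          /* most significant byte first */
        uint32_t a = s[i], b = ED25519_L[i];
        lt |= eq & ((a - b) >> 31);          /* first differing byte is smaller */
        eq &= ((a ^ b) - 1) >> 31;           /* all bytes so far are equal */
    }
    return (int)lt;
}
static int nibble(char c)
{
    return (c >= '0' && c <= '9') ? c - '0' : (c >= 'a' && c <= 'f') ? c - 'a' + 10 : -1;
}
/* Decodes a 128-digit lowercase hex signature R || S and range-checks S.
   Returns 1 (S < L), 0 (S >= L, reject) or -1 (malformed input). */
int sig_hex_has_canonical_s(const char *hex)
{
    uint8_t sig[64];
    if (strlen(hex) != 128) return -1;
    for (size_t i = 0; i < 64; i++) {
        int hi = nibble(hex[2 * i]), lo = nibble(hex[2 * i + 1]);
        if (hi < 0 || lo < 0) return -1;
        sig[i] = (uint8_t)(hi << 4 | lo);
    }
    return ed25519_s_is_canonical(sig + 32);
}
int main(void)
{
    for (int i = 0; i < 4; i++)
        printf("tcId %d: %s\n", 63 + i,
               sig_hex_has_canonical_s(ISSUE_SIGS[i]) == 1 ? "S < L" : "reject: S >= L");
    return 0;
}
```

In a verifier this check runs on the decoded S before any curve arithmetic, and a signature that fails it is rejected outright.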