Alisa Sireneva
Alisa Sireneva
`recover` and `verify` are normally used in the following cases: - You want to make sure the message was received from the expected party. That's when you use `verify`. -...
That might be useful for, say, transit traffic if you want to filter out invalid data (not signatures) but you don't know what public key to verify them against. So...
I think I can't support this change. EdDSA schemes are defined by several parameters such as elliptic curve, base point and hash. So, ed25519 with BLAKE3 instead of SHA-512 is...
ed25519 is a well-known signing scheme, using a different hash function under the same name is confusing.
> confusing, but its faster and probably also more secure. We can change the name that is not a big deal. ed25519 is on the public domain :wink: I'll add...
Perhaps you don't know cryptography well so I'll explain an issue in your calculations. The search space size might be approx what you say but the required time is wrong....
Hmm... Let's see if I even understand what you say. `cipherPubKey` seems like it could be a public ECC key, but you also mentioned AES, so that might be ECIES-related....
Perhaps the problem is in the ciphertext format. sslcrypto expects the ciphertext to start with 16 bits of AES IV, followed by the ephemeral public key, followed by the AES-encrypted...
It'd help if you sent me an example of a ciphertext (here or to [email protected]). I can only guess the format is probably PKCS #7, but I'd like to make...
> Here there is a check to make sure the public key curve "nid" is matching This seems like an important check. Otherwise, a maliciously crafted public key could lead...