libtom / libtomcrypt

LibTomCrypt is a fairly comprehensive, modular and portable cryptographic toolkit that provides developers with a vast array of well known published block ciphers, one-way hash functions, chaining modes, pseudo-random number generators, public key cryptography and a plethora of other routines.
https://www.libtom.net

contextualized extension of the Ed25519 scheme #597

Closed sa-kib closed 1 year ago

sa-kib commented 1 year ago

This PR adds Ed25519 context support and message pre-hashing support when signing/verifying.

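To make concrete what "context support" and "pre-hashing" change in the signed data, here is an added example that is not libtomcrypt's or the PR's code: a minimal pure-Python Ed25519 following RFC 8032 section 5.1 with the Ed25519ctx (context, flag 0) and Ed25519ph (SHA-512 pre-hash, flag 1) variants, where the `dom2` prefix keeps the three modes from verifying each other's signatures. It assumes Python 3.8+ (for `pow(x, -1, P)`) and is not constant time, so it illustrates the construction only.

```python
import hashlib

# Ed25519 / Ed25519ctx / Ed25519ph per RFC 8032 section 5.1; constants are the standard ones.
P, L = 2**255 - 19, 2**252 + 27742317777372353535851937790883648493
D = -121665 * pow(121666, -1, P) % P
DOM = b"SigEd25519 no Ed25519 collisions"  # dom2 prefix that separates ctx/ph from plain Ed25519
H = lambda *parts: hashlib.sha512(b"".join(parts)).digest()

def add(a, b):  # point addition in extended coordinates (X, Y, Z, T), RFC 8032 5.1.4
    (x1, y1, z1, t1), (x2, y2, z2, t2) = a, b
    A, B = (y1 - x1) * (y2 - x2) % P, (y1 + x1) * (y2 + x2) % P
    C, E = 2 * t1 * t2 * D % P, 2 * z1 * z2 % P
    return ((B - A) * (E - C) % P, (E + C) * (B + A) % P, (E - C) * (E + C) % P, (B - A) * (B + A) % P)
def mul(k, pt):  # double-and-add scalar multiplication (variable time; demo only)
    r = (0, 1, 1, 0)
    while k:
        if k & 1: r = add(r, pt)
        pt, k = add(pt, pt), k >> 1
    return r
def encode(pt):  # compress: little-endian y with the low bit of x in the top bit
    x, y, z, _ = pt; zi = pow(z, -1, P); x, y = x * zi % P, y * zi % P
    return (y | ((x & 1) << 255)).to_bytes(32, "little")
def decode(s):  # decompress; ValueError if the 32 bytes are not a curve point
    y = int.from_bytes(s, "little"); sign, y = y >> 255, y & ((1 << 255) - 1)
    x2 = (y * y - 1) * pow(D * y * y + 1, -1, P) % P
    x = pow(x2, (P + 3) // 8, P)
    if (x * x - x2) % P: x = x * pow(2, (P - 1) // 4, P) % P
    if (x * x - x2) % P or y >= P: raise ValueError("not a curve point")
    if (x & 1) != sign: x = P - x
    return (x, y, 1, x * y % P)

BASE = decode(bytes.fromhex("58" + "66" * 31))  # generator (y = 4/5)
def dom2(ctx, prehash):  # domain separator: empty for plain Ed25519, dom2(F, C) otherwise
    if not ctx and not prehash: return b""
    if len(ctx) > 255: raise ValueError("context is limited to 255 bytes")
    return DOM + bytes([int(prehash), len(ctx)]) + ctx
def sign(seed, msg, ctx=b"", prehash=False):  # returns (public key, 64-byte signature)
    h = H(seed); a = (int.from_bytes(h[:32], "little") & ((1 << 254) - 8)) | (1 << 254)
    pk, dom, m = encode(mul(a, BASE)), dom2(ctx, prehash), H(msg) if prehash else msg
    r = int.from_bytes(H(dom, h[32:], m), "little") % L; R = encode(mul(r, BASE))
    k = int.from_bytes(H(dom, R, pk, m), "little") % L
    return pk, R + ((r + k * a) % L).to_bytes(32, "little")
def verify(pk, msg, sig, ctx=b"", prehash=False):  # True iff sig matches msg, mode and context
    s = int.from_bytes(sig[32:], "little")
    if len(sig) != 64 or s >= L: return False
    try: A, R = decode(pk), decode(sig[:32])
    except ValueError: return False
    m = H(msg) if prehash else msg
    k = int.from_bytes(H(dom2(ctx, prehash), sig[:32], pk, m), "little") % L
    return encode(mul(s, BASE)) == encode(add(R, mul(k, A)))
```

A verifier called with the wrong mode or context computes a different `k` and rejects, which is exactly the separation an API consumer has to preserve by passing the same context and pre-hash flag on both sides.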

sjaeckel commented 1 year ago

87fbc596bf5a2a520718c5189154412ecb22fe74 is valid but I think we should keep the tweetnacl code as is (as much as possible). IMO a better fix would be to use msglen + siglen in the call of zeromem() inside ed25519_verify_private().

sjaeckel commented 1 year ago

@sa-kib thanks for the PR!

Please check the changes I did and confirm whether this is fine for you.

I'll rebase&squash then as necessary, force-push to your fork and will merge this PR afterwards.

sa-kib commented 1 year ago

@sjaeckel thank you for taking a look! I'm fine with the changes you've made (we weren't sure if we should touch tweetnacl), thank you for taking care. This PR originated from OP-TEE Ed25519ph support, so I wanted to gather some feedback from the OP-TEE community regarding usage of these API calls we introduced.

sjaeckel commented 1 year ago

@jenswi-linaro @larperaxis you're the consumers of the API, are you fine with these changes as well?