From 8f18569e30318b54a811322ae3b010b811431f28 Mon Sep 17 00:00:00 2001
From: Imuli
Date: Sat, 19 Aug 2023 23:07:32 +0000
Subject: [PATCH] use strict verification for ed25519

This enables all the signature malleability checks (including one that is not RFC8032 compliant but are still likely important for Veilid.)

For details on the additional check, see https://docs.rs/ed25519-dalek/2.0.0/ed25519_dalek/struct.VerifyingKey.html#method.verify_strict
---
 veilid-core/src/crypto/vld0/mod.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/veilid-core/src/crypto/vld0/mod.rs b/veilid-core/src/crypto/vld0/mod.rs
index acc36fa4..012be311 100644
--- a/veilid-core/src/crypto/vld0/mod.rs
+++ b/veilid-core/src/crypto/vld0/mod.rs
@@ -225,7 +225,7 @@ impl CryptoSystem for CryptoSystemVLD0 {
 let mut dig = Blake3Digest512::new();
 dig.update(data);
- pk.verify_prehashed(dig, None, &sig)
+ pk.verify_prehashed_strict(dig, None, &sig)
 .map_err(|e| VeilidAPIError::parse_error("Verification failed", e))?;
 Ok(())
 }
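Review bot: The call site gives no hint that `verify_prehashed_strict` is a deliberate, compatibility-affecting choice, so the rationale from the commit message should live next to the added line as a comment, e.g. `// Strict verification: also rejects signatures whose R or A have a small-order component (see ed25519-dalek verify_strict docs). Not RFC 8032-compliant by design.` to keep a later reader from "fixing" it back to the RFC variant. Because the strict path can reject signatures the previous `verify_prehashed` call accepted, a regression test that asserts such a signature is rejected would pin the behaviour and make any silent revert visible. The failure is still surfaced as `VeilidAPIError::parse_error("Verification failed", e)`; if the crate has a more specific error variant for a bad signature, mapping to it would let callers distinguish a failed signature check from malformed input, though nothing in the hunk shows one. The enclosing method begins before the hunk.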