use strict verification for ed25519
This enables all the signature malleability checks (including one that is not RFC8032 compliant but is still likely important for Veilid). For details on the additional check, see https://docs.rs/ed25519-dalek/2.0.0/ed25519_dalek/struct.VerifyingKey.html#method.verify_strict
parent
dfeecdde0d
commit
8f18569e30
@ -225,7 +225,7 @@ impl CryptoSystem for CryptoSystemVLD0 {
|
|||||||
let mut dig = Blake3Digest512::new();
|
let mut dig = Blake3Digest512::new();
|
||||||
dig.update(data);
|
dig.update(data);
|
||||||
|
|
||||||
pk.verify_prehashed(dig, None, &sig)
|
pk.verify_prehashed_strict(dig, None, &sig)
|
||||||
.map_err(|e| VeilidAPIError::parse_error("Verification failed", e))?;
|
.map_err(|e| VeilidAPIError::parse_error("Verification failed", e))?;
|
||||||
Ok(())
|
Ok(())
|
||||||
}
|
}
|
||||||
|
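Review bot: The call to `pk.verify_prehashed_strict(dig, None, &sig)` carries no comment saying why the strict variant is required, so a later interoperability-motivated cleanup could revert it to `verify_prehashed` without anyone noticing the lost checks. I would add above the call `// Strict verify: per the ed25519-dalek docs this also rejects small-order public keys and R values, which is stricter than RFC 8032; do not relax.` Because the strict variant rejects some inputs the previous call accepted, a regression test that feeds a small-order public key and expects `Err` would pin the behaviour, and any other signature verification call sites outside this hunk should be checked for the same variant. The enclosing function starts above the hunk, so how `pk` and `sig` are parsed before this point is not visible here.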