[prev in list] [next in list] [prev in thread] [next in thread]
List: gcrypt-devel
Subject: Re: ECDSA verification succeeds when it shouldn't
From: NIIBE Yutaka <gniibe () fsij ! org>
Date: 2021-02-02 1:27:54
Message-ID: 875z3b2r8l.fsf () iwagami ! gniibe ! org
[Download RAW message or body]
Guido Vranken via Gcrypt-devel <gcrypt-devel@gnupg.org> wrote:
> My fuzzer found this:
[...]
> gcry_pk_verify() returns GPG_ERR_NO_ERROR for these parameters but other
> libraries return failure.
Thank you.
For some reason which I don't know, perhaps hisotorically, checking
public key was not done (other than for EdDSA).
I created the task:
https://dev.gnupg.org/T5282
And push a fix commit:
https://dev.gnupg.org/rC598d0f3e0294a487e01b88cc714a8cd0a47329bb
--
_______________________________________________
Gcrypt-devel mailing list
Gcrypt-devel@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gcrypt-devel
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic