The EdDSA signature implementation in GNUnet calls the 'gcry_pk_sign
(&sig, msg, prv)' function not with the message itself, but with the
SHA512 hash value of the message.
Due to the intricities of EdDSA signing this is not necessary (hashing
is done in the sign function itself, as more than just
Thanks for the discovery and analysis of this, Bernd.
I wonder if this would be feasible to try to make into the 0.11.0 release..?
Bernd Fix transcribed 1.1K bytes:
> The EdDSA signature implementation in GNUnet calls the 'gcry_pk_sign
> (&sig, msg, prv)' function not with the message itself, bu
Feasible yes, desirable no: we're not _otherwise_ badly breaking
compatibility, so IMO we should put this in Mantis and flag it for the
release when we change the core KX and thus break compatibility badly
anyway.
On 07/11/2018 03:38 PM, Devan Carpenter wrote:
> Thanks for the discovery and analys
Does 0.11.0 change the wireformat of the p2p messages? If so, it could
be feasible to change the sign/verify semantics. But if not, it is
better to wait until other (crypto-related) changes make it into the
version that would break compatibility anyway...>Y<
On 07/11/2018 01:38 PM, Devan Carpe
Not compared to what most peers in existence use already. -C
On 07/11/2018 05:54 PM, Bernd Fix wrote:
> Does 0.11.0 change the wireformat of the p2p messages?
signature.asc
Description: OpenPGP digital signature
___
GNUnet-developers mailing list
GNUn
Filed as https://gnunet.org/bugs/view.php?id=5398
On 07/11/2018 02:58 PM, Bernd Fix wrote:
> The EdDSA signature implementation in GNUnet calls the 'gcry_pk_sign
> (&sig, msg, prv)' function not with the message itself, but with the
> SHA512 hash value of the message.
>
> Due to the intricities o