Skip to content

Commit

Permalink
Document open issues around Ed25519
Browse files Browse the repository at this point in the history 
Reference the open issues in WICG/webcrypto-secure-curves around
randomized signatures and small-order points in the spec text.
  • Loading branch information
@twiss
twiss committed Oct 15, 2024
1 parent 6248189 commit f6d2b01
Showing 1 changed file with 26 additions and 0 deletions.
26 changes: 26 additions & 0 deletions spec/Overview.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10078,6 +10078,16 @@ <h4>Operations</h4>
Section 5.1.6, with |message| as |M|,
using the Ed25519 private key associated with |key|.
</p>
<div class="issue">
<p>
Some implementations may (wish to) generate randomized signatures
as per <a href="https://datatracker.ietf.org/doc/draft-irtf-cfrg-det-sigs-with-noise/">draft-irtf-cfrg-det-sigs-with-noise</a>
instead of deterministic signatures as per [[RFC8032]].
</p>
<p>
See <a href="https://github.com/WICG/webcrypto-secure-curves/issues/28">WICG/webcrypto-secure-curves issue 28</a>.
</p>
</div>
</li>
<li>
<p>
Expand Down Expand Up @@ -10105,13 +10115,29 @@ <h4>Operations</h4>
If the key data of |key| represents an invalid point or a small-order element
on the Elliptic Curve of Ed25519, return `false`.
</p>
<div class="issue">
<p>
Not all implementations perform this check.
</p>
<p>
See <a href="https://github.com/WICG/webcrypto-secure-curves/issues/27">WICG/webcrypto-secure-curves issue 27</a>.
</p>
</div>
</li>
<li>
<p>
If the point R, encoded in the first half of |signature|,
represents an invalid point or a small-order element
on the Elliptic Curve of Ed25519, return `false`.
</p>
<div class="issue">
<p>
Not all implementations perform this check.
</p>
<p>
See <a href="https://github.com/WICG/webcrypto-secure-curves/issues/27">WICG/webcrypto-secure-curves issue 27</a>.
</p>
</div>
</li>
<li>
<p>
Expand Down

0 comments on commit f6d2b01

Please sign in to comment.